Yes using more than one anti-virus program is not advisable
The primary concern with doing so is due to conflicts that can arise
when they are running in real-time mode simultaneously and issues with Windows resource management. Even if one of them is disabled for use as a stand-alone scanner, it can affect the other and cause conflicts
. Anti-virus software components insert themselves into the operating systems core and using more than one can cause instability, crash your computer, slow performance and waste system resources
. When actively running in the background while connected to the Internet, they both may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.
Each anti-virus may interpret the activity of the other as suspicious behavior
and there is a greater chance of them alerting you to a "False Positive
". If one finds a virus or a suspicious file and then the other also finds the same, both programs will be competing over exclusive rights on dealing with that virus or suspicious file. Each anti-virus may attempt to remove the offending file and quarantine it at the same time resulting in a resource management issue as to which program gets permission to act first. If one anit-virus finds and quarantines the file before the other one does, then you encounter the problem of both wanting to scan each other's zipped or archived files and each reporting the other's quarantined contents. This can lead to a repetitive cycle of endless alerts that continually warn you that a threat has been found when that is not the case.
Anti-virus scanners use virus definitions to check for malware and these can include a fragment of the virus code which may be recognized by other anti-virus programs as the virus itself
. Because of this, many anti-virus vendors encrypt their definitions so that they do not trigger a false alarm when scanned by other security programs. Other vendors do not encrypt their definitions and they can trigger false alarms when detected by the resident anti-virus. Further, dual installation
is not always possible because most of the newer anti-virus programs will detect the presence of others and may insist they be removed prior to download and installation of another. If the installation does complete with another anti-virus already installed, you may encounter issues like system freezing, unresponsiveness
or similar symptoms while trying to use it.
In contrast, as a general rule
, using more than one anti-spyware program like Malwarebytes' Anti-Malware, SuperAntispyware, Windows Defender, Spybot S&D, Ad-Aware, Spyware Terminator, etc. will not conflict with each other or your anti-virus if using only one
of them for real-time protection and others as stand-alone scanners. In fact, doing so increases your protection coverage without
causing the same kind of conflicts or affecting the stability of your system that can occur when using more than one anti-virus. The overlap of protection from using different signature databases will aid in detection and removal of more threats when scanning your system for malware. However, competing tools may provide redundant alerts which can be annoying and/or confusing as a result of the overlap in protection.
If using multiple real-time resident shields (TeaTimer, Ad-Watch, MBAM Protection Module, Spyware Terminator Shields, etc.) together at the same time, there can be conflicts
when each application tries to compete for resources and exclusive rights to perform an action. They may identify the activity of each other as suspicious and produce alerts. Further, your anti-virus may detect suspicious activity while these programs are scanning (reading) files, especially if it uses a heuristic scanning
engine, regardless if they are running in real-time or on demand. The anti-virus may even detect as threats, any malware removed by these programs and placed into quarantined areas. This can lead to a repetitive cycle of endless alerts or false alarms that continually warn a threat has been found if the contents of the quarantine folder are not removed before beginning a new security scan. Generally these conflicts are more of an annoyance rather than the significant conflicts which occur when running two anti-virus programs in real time.
Keep in mind that you can overkill a system with resource heavy security programs that will slow down performance. Sometimes you just have to experiment to get the right combination for your particular system as there is no universal "one size fits all" solution
that works for everyone. No single product is 100% foolproof
and can prevent, detect and remove all threats at any given time. Just because one anti-virus detected threats that another missed, does not mean its more effective. The security community is in a constant state of change as new infections appear and it takes time for them to be reported, samples collected, analyzed, and tested by anti-vendors. Security vendors use different scanning engines and different detection methods such as heuristic analysis
or behavioral analysis
which can account for discrepancies in scanning outcomes. Depending on how often the anti-virus database is updated can also account for differences in threat detections.
Further, each vendor has its own definition of what constitutes malware and scanning your computer using different criteria will yield different results. The fact that each program has its own definition files means that some malware may be picked up by one that could be missed by another. Thus, a multi-layered defense using anti-spyware products (including an effective firewall) to supplement your anti-virus combined with common sense
, safe computing
and safe surfing habits
provides the most complete protection.
P.S. Ask your daughter to read How Malware Spreads - How did I get infected
which explains the most common ways malware is contracted and spread.