I'm interested in running a "companion antivirus" program in real-time, on-access mode along with my regular antivirus software. What are people's thoughts on this?
Conventional wisdom has always been to not run two (or more) antivirus programs simultaneously due to potential conflicts. However, within the last ~10 years it seems a number of anti-malware products have been designed to run alongside antivirus. Some of them are simply 2nd opinion, on-demand scanners without a real-time, on-access component. I don't believe those ever cause problems by conflicting with antivirus. However, those are also more of a re-active approach to security: designed to identify and cleanup infections and/or traces after the fact.
Other anti-malware apps offer real-time, on-access protection. The best known of these is probably Malwarebytes Anti-Malware (premium), and I've seen it run alongside antivirus without apparent issue. The latest version 3.0 seems to be designed more as a replacement for antivirus than a companion to it... And I believe Emsisoft Anti-Malware also started as a companion antivirus, and then developed into more of a standalone product.
Those products aside, there are still a number of anti-malware apps with real-time components designed to complement an existing antivirus installation. And typically, part of the rationale for this setup is that they target somewhat different types of threats. Antivirus focuses on viruses, trojans, etc., and anti-malware focuses more on adware, spyware, etc. There may well still be some overlap in coverage, but by excluding the paths of the other "anti" product in each, one can minimize any potential conflicts.
So, it seems to me that this setup could be part of a layered approach to security, realizing of course that additional layers like appropriately configured firewall, regular off-line backup, keeping OS and software updated, user caution and vigilance, etc. should all parts of a security protocol.
All of that said, anyone still against running several real-time security products concurrently? Is it always a bad idea? I would certainly attempt to choose relatively light-weight products that are known to "play nice" together. But do you think there would nonetheless be a significant performance degradation and potential for conflict under this scenario, and therefore one should stick with just one real-time antivirus?
Thanks for any thoughts!