A good rule of thumb is 1 (and only 1) antivirus, 1 (and only 1) software firewall, 1 (and only 1) antispyware. More than one of the same category are highly likely to conflict, cause slowdowns, and in many cases, can not be run/installed when another is already present.
Zonealarm is basically a software firewall, but also can be a suite, comprising AV as well. You would not want to be using ZA AV and AVG (which has, itself, become a suite of sorts.)

Windows Defender is an Antispyware (AS), not a firewall. Opinions vary as to its' effectiveness. It runs in realtime (resident.)
Anti whatever ware is probably an antispyware, and probably a demand scanner (like the venerable Spybot.) You can install as many demand scanners as you want. I would recommend the current "best" ones are MalwareBytesAntimalware, and Superantispyware. They are useful for detecting and removing stuff that a lot of AVs don't.

A Hosts File on any machine with a web interface will prevent a large number of known bad sites connecting. A similar effect can be achieved using SpywareBlaster, by Javacool, (This won't conflict with anything) or the "immunize" feature in Spybot. (Make sure any of these are updated regularly.)
Other "immunity" of sorts can be achieved by reducing permissions in browsers, so that, for example, it will prompt to run active scripts in all but the intranet zone. That would stop a lot of what's called "drive by downloads", where a user can get a trojan just by visiting a site, without clicking on anything. Problem is you have to have an idea of what web page might be safe to allow scripts on, or not. And some of them (most, probably) lose some functionality without scripting.