AVG Forces Chrome Extension On Users, Extension Is Woefully Insecure (google.com)
An anonymous reader writes: The AVG Web TuneUp Chrome extension, forcibly added to Google Chrome browsers when users were installing the AVG antivirus, had a serious flaw that allowed attackers to get the user's browsing history, cookies, and more. "This extension adds numerous JavaScript APIs to Chrome, apparently so that they can hijack search settings and the new tab page," explains Mr. Ormandy. "The installation process is quite complicated so that they [AVG] can bypass the Chrome [Store] malware checks, which specifically tries to stop abuse of the [Chrome] Extension API." Simple XSS and MitM attacks expose data from other tabs opened in the browser, browsing history, and even manage to render SSL useless.
Just install linux or freebsd or whatever OS you want, and install patches timely, then you don't have the need for an anti-virus. Yes, in fact you can't even buy one for linux. And if you really need windows for some program or so, start it in a VM, not connected to the internet. Problem solved.