I honestly think that "anti-virus" software is mostly
Snake Oil. It's a highly popularized but rather-ineffective "patch" for a problem that is never really honestly described to the end-user.
In my humble opinion, the problem is not
that "rogue software can arrive on your computer and be executed." The problem is that such software, when it arrives, when it executes, succeeds.
This is totally preventable.
I don't believe that you can realistically stop the rogue-software problem by trying to keep it from arriving.
There are simply too many ways that this could happen. Ditto trying to keep it from executing.
The way to stop it is ... keep it from succeeding.
And you do that with privileges.
Most Windows systems ship where the one and only user is an Administrator .. and has no password. Anything
that an Administrator .. or a rogue executing in his name .. asks to do, will be done. Which is why viruses and rogues succeed.
Make sure that you use your computer, on a daily basis, as a completely non-privileged, ordinary-Joe, user.
Have a separate, unrelated account for system maintenance .. an account that is not root
. If you wear many hats in your company .. salesman, CEO, accountant, geek .. have separate accounts for each role that you play, with different passwords. No other account should have login privileges.
is what will keep your system secure. I worry, frankly, about "anti-virus" programs because it stands to reason that they,
to do their jobs, must be "all powerful." Which makes them .. a vulnerability. And, in my humble, an unnecessary one.