Hanno's blog

A while back, some people from the chaos computer club created a small tool called dingens (yeah, the name sucks) to disable windows services that open ports to the network.
The idea is simple, a common windows installation (esp. before sp2) opens various ports to the network by default, even if they aren't used for anything. This led to a couple of security threats in the past, many viruses used buggy services to attack remote computers.

Now, while it's probably in general not a good idea to use an operating system so poorly designed that it opens ports by default without needing them, if you're forced to use windows, dingens is probably a much better idea than most other »security solutions«. Why? Because it closes security holes instead of working around them and introducing new problems, like antivirus-apps or personal firewalls do.

Now, recently Antivir reported win32sec.exe (the dingens-tool) as
SecurityPrivacyRisk/Tool.KillService riskware

And Panda Antivirus says:
Hacktool/Servicekiller.A

Probably someone should tell the people at Panda about the different meanings of »Hacker«. Just because something was done by »Hackers« doesn't mean it's a hacktool. In fact, detecting dingens as something dangerous is trying to get rid of competitors in terms of security solutions. The only thing dingens endangers is the business model of so-called security companies.
After some people intervened, Antivir has removed the signature now. Panda still thinks it's a »hacktool«.

The complete idea of AV apps is wrong. The purpose of a virus is to use security holes to spread itself. AVs can only detect already known viruses. That also means the security hole is known and thus should be fixed, not worked around by some crappy software that can have security problems itself. The only valid usage of an AV I can think of is to scan email to reduce crap in your inbox. But, not to secure you (that should be done by a well-designed mail client), just to save you time from deleting the mails, the same thing spamfilters do. A command-line scanner like clamav (the only free one) is just fine for this. Everyone telling you that you need to install a »allround security solution« on your PC is lying.