Advice Request Best Antivirus for my Family

[Trident]

I think the fact that a bunch of AV go for Avira and Bitdefender SDKs is a testament to these engines power. They don’t go for the Eset SDK, in the past there was a router that used the Eset scan engine (not sure if it was Gryphon maybe?).

The Avira antivirus engine provides very broad detection of anything, from a pdf with phishing content, to scripts, malicious HTML content and many others.

Even with HIPS, ESET was unable to contain Netwalker?

It did not contain anything, the system was encrypted, the machine learning was set to the highest levels (from that screen with the multiple radio buttons). HIPS was set on default levels, I’m sorry but on any non-automated levels this HIPS is useless, it displays 5 alerts every time you move the mouse.

 

[Parkinsond]

I think the fact that a bunch of AV go for Avira and Bitdefender SDKs is a testament to these engines power

May be just ESET does not want to share their database with other vendors, as they rely mainly on pre-execution detection, not like B which rely more on post-execution behavioral detection, which makes their database not that precious as that of ESET.

 

[Trident]

May be just ESET does not want to share their database with other vendors, as they rely mainly on pre-execution detection, not like B which rely more on post-execution behavioral detection, which makes their database not that precious as that of ESET.

They offer OEM solutions through third parties. The engine is available to anyone who wants it. But there is a reason vendors don’t want it. They even offer white labels/rebranding.

Antivirus OEM: ESET OEM integration

ESET OEM integration description page

antivirusoem.com

 

[piquiteco]

This occured 23 years ago, unless you declares Avira is better than Kaspersky.

At no point did I say that Avira is better than Kaspersky, I am just recounting my experience with Avira in 2002. I believe that there may have been several factors that prevented K from disinfecting the malware that day. K was already well known at the time, so it may have been malware targeted at it, perhaps infecting K itself, even with self-defence enabled. I don't know, it's difficult to analyse. At that time, I didn't even know if VMs existed, there wasn't much to analyse, so I went for broke. If I could format it, I would format my friend's machine and the problem would be solved, but with the machine infected, how would I know that it would infect my hard drive? It's hard to know at that time, many people used floppy disks, writable CD-ROMs (CDR) and rewritable CD-ROMs (CDRW), so it was a time when you were quite vulnerable, receiving attachments by email, using floppy disks, compared to today. You don't know the tools @Andy Ful? didn't exist, I wish there was a range of tools and AVs that you have today to choose from.

 

[Trident]

At no point did I say that Avira is better than Kaspersky, I am just recounting my experience with Avira in 2002. I believe that there may have been several factors that prevented K from disinfecting the malware that day. K was already well known at the time, so it may have been malware targeted at it, perhaps infecting K itself, even with self-defence enabled. I don't know, it's difficult to analyse. At that time, I didn't even know if VMs existed, there wasn't much to analyse, so I went for broke. If I could format it, I would format my friend's machine and the problem would be solved, but with the machine infected, how would I know that it would infect my hard drive? It's hard to know at that time, many people used floppy disks, writable CD-ROMs (CDR) and rewritable CD-ROMs (CDRW), so it was a time when you were quite vulnerable, receiving attachments by email, using floppy disks, compared to today. You don't know the tools @Andy Ful? didn't exist, I wish there was a range of tools and AVs that you have today to choose from.

We are not comparing Avira with Kaspersky, and other companies also doing better pre-execution prevention are not mentioned.

The statement was that from the EU antiviruses, Eset is the best. Eset sadly is not the best, neither from the EU AVs, nor in general.

 

[Parkinsond]

At no point did I say that Avira is better than Kaspersky, I am just recounting my experience with Avira in 2002. I believe that there may have been several factors that prevented K from disinfecting the malware that day. K was already well known at the time, so it may have been malware targeted at it, perhaps infecting K itself, even with self-defence enabled. I don't know, it's difficult to analyse. At that time, I didn't even know if VMs existed, there wasn't much to analyse, so I went for broke. If I could format it, I would format my friend's machine and the problem would be solved, but with the machine infected, how would I know that it would infect my hard drive? It's hard to know at that time, many people used floppy disks, writable CD-ROMs (CDR) and rewritable CD-ROMs (CDRW), so it was a time when you were quite vulnerable, receiving attachments by email, using floppy disks, compared to today. You don't know the tools @Andy Ful? didn't exist, I wish there was a range of tools and AVs that you have today to choose from.

For me it is okay to say Avira at the point of time was better; lots of things have changed during 23 years.

 

[Parkinsond]

We are not comparing Avira with Kaspersky, and other companies also doing better pre-execution prevention are not mentioned.

The statement was that from the EU antiviruses, Eset is the best. Eset sadly is not the best, neither from the EU AVs, nor in general.

I use MD currently, so I do not care much about the minimal differences between EU AVs or 3rd party AVs in general.
Each major AV has its fans which will not hesitate to attack me if I state it is not the best one; we should consider establishing a league for, similar to UEFA.

 

[Trident]

Each major AV has its fans

Your statement that from the EU AVs Eset is the best, is also based on “being a fan”. You love the 700 different settings and 50 different features they offer (which others collectively call real-time protection). These settings and “features” give you a ground to play and pass time.

It’s not based on real world evidence where G Data, Avira, Avast/AVG or Bitdefender failed to protect a system, you analysed in depth and you established there was a compromise.

So you criticise “fans” when you yourself are a “fan”. I am not a fan of anyone, I’m a fan of companies that do their job well.

Eset may the best for you and your use case, but it doesn’t mean it’s the best (period).

 

[piquiteco]

We are not comparing Avira with Kaspersky, and other companies also doing better pre-execution prevention are not mentioned.

It wasn't me, it was @Parkinsond who said it. I only said that Avira removed the malware at the time, but K couldn't remove it. That post-execution thing that Parkinsond himself sometimes comments on, right?

The statement was that from the EU antiviruses, Eset is the best. Eset sadly is not the best, neither from the EU AVs, nor in general.

I can only say that you have more experience than I do. I used Eset for a short period of time, back when it was called NOD32 by some, so I can't say whether it's good or bad, but if you say so, I believe you. It's not that I'm sucking up to you, but all the products and information you mentioned and your experience with them, such as Trend Micro, McAfee, ZoneAlarm, and your information has always been accurate, and it helped me choose an AV and changed my point of view. I didn't look at the McAfee GUI, and now I'm loving it.

 

[Parkinsond]

Your statement that from the EU AVs Eset is the best, is also based on “being a fan”

Never used ESET before; only free solutions.
But independent tests, and lost of MT members believe it is.

 

[Trident]

It wasn't me, it was @Parkinsond who said it. I only said that Avira removed the malware at the time, but K couldn't remove it. That post-execution thing that Parkinsond himself sometimes comments on, right?

I can only say that you have more experience than I do. I used Eset for a short period of time, back when it was called NOD32 by some, so I can't say whether it's good or bad, but if you say so, I believe you. It's not that I'm sucking up to you, but all the products and information you mentioned and your experience with them, such as Trend Micro, McAfee, ZoneAlarm, and your information has always been accurate, and it helped me choose an AV and changed my point of view. I didn't look at the McAfee GUI, and now I'm loving it.

I know it’s not you hahah
One thing you should know about me, in this forum, I got eyes on my back as well, there aren’t any posts that escape me.

I thank you for you kind words and I can say from my time here, I’ve tried to “disrupt” one practice — and that’s the practice, every time someone asks for recommendation, a bunch of people loving their own AVs jump to recommend what they use.

If you dare recommend something else, a lot of posting occurs, rarely containing any technical or factual information.

So I’ve spend a lot of time demonstrating that the market is not just 2-3 AVs — there are many vendors doing their job well.

Anyone who works and improves, sooner or later falls under my spotlight.

 

[Vitali Ortzi]

I’ve already started deploying McAfee on all family devices, effectively replacing Trend Micro. Trend Micro is another contender.

I obviously use Check Point on my devices.

My advice when installing security software for family, look for the options that are easiest to use. Pay particular attention to alerts and ensure the security software doesn’t make “a big deal “ out of things. Make sure the software respects the performance of the device.

Any problems — you will deal with them. So make sure there aren’t such.

how close is it to trellix and how is the behavioral parts compare to something like checkpoint wich is a beast in that regard

 

[Trident]

how close is it to trellix and how is the behavioral parts compare to something like checkpoint wich is a beast in that regard

Oh Trellix is first of all split, some products are the ex McAfee (with the old engines and everything) and some products are FireEye. Trellix sadly can not compete with Check Point — the Check Point threat intelligence and pre-execution prevention technologies like Emulation are very high up there. You can get all that through various Trellix appliances, but it’s gonna cost you.

The new McAfee technologies are McAfee patents — Musarumbra/Trellix did not pay for them and have no access. From the point of acquisition onwards, Musarumbra develops the products further.

 

[Trident]

Never used ESET before; only free solutions.
But independent tests, and lost of MT members believe it is.

Which independent tests? The one time Eset got product of the year (along with many others that got various awards)? Others (Bitdefender for example) have been winning these awards times and times again? Or the MRG Effitas last test, where Eset and Trend Micro were the only 2 solutions to fail? Or the AV-Test.org and AVLabs PL where everyone is awarded? Or the VB100 test where third-grade solutions are also VB100 certified?

I am curious which test mentions “Eset is the best of all EU AVs”? Cuz I can’t find it

That’s just test results being extrapolated as one wants to see them.

What users “believe” is another question.

 

[piquiteco]

Which independent tests? The one time Eset got product of the year (along with many others that got various awards)? Others (Bitdefender for example) have been winning these awards times and times again? Or the MRG Effitas last test, where Eset and Trend Micro were the only 2 solutions to fail? Or the AV-Test.org and AVLabs PL where everyone is awarded? Or the VB100 test where third-grade solutions are also VB100 certified?

With all due respect to the companies, I don't really believe in the tests they conduct. What about you?

 

[Parkinsond]

Which independent tests? The one time Eset got product of the year (along with many others that got various awards)? Others (Bitdefender for example) have been winning these awards times and times again? Or the MRG Effitas last test, where Eset and Trend Micro were the only 2 solutions to fail? Or the AV-Test.org and AVLabs PL where everyone is awarded? Or the VB100 test where third-grade solutions are also VB100 certified?

I am curious which test mentions “Eset is the best of all EU AVs”? Cuz I can’t find it

That’s just test results being extrapolated as one wants to see them.

What users “believe” is another question.

so would you please recommend against sharing such test results on MT as they are useless according to your point of view?

 

[piquiteco]

HIPS was set on default levels,

Really? default levels?

I’m sorry but on any non-automated levels this HIPS is useless,

it displays 5 alerts every time you move the mouse.

You made me laugh and reminded me of Comodo HIPS in paranoid mode.

 

[Trident]

With all due respect to the companies, I don't really believe in the tests they conduct. What about you?

These tests do have some meaning and authority

so would you please recommend against sharing such test results on MT as they are useless according to your point of view?

Don’t “twist” now
Please share the tests that said Eset is the best? Because the one that you shared contained a lot of superlatives towards many vendors and also, more recent tests placed other solutions on more favourable positions.

So please provide the evidence that:
Eset is the best of all EU AVs (1)
Eset has the highest pre-execution protection as you claim (2).

I am looking at this s AV-Labs test and I see Eset achieved <70% pre-execution prevention, whilst WatchGuard/Panda, F-Secure, Bitdefender and others had higher results. The highest pre-execution prevention was achieved by McAfee, missing just one damaged and corrupted sample Malware analysis 8eb08322033f193a5e7ea16d83c0cd324efaaab628fb245bdb27f6977c2a6d86 Malicious activity | ANY.RUN - Malware Sandbox Online
(and a few samples were detected post-launch) but you said EU AVs, so we are removing McAfee.

Recent Results » AVLab Cybersecurity Foundation

The latest results of the Advanced In-The-Wild-Malware Test, in which we regularly evaluate software designed to protect devices.

avlab.pl

Please go ahead and share these “tests” that claim Eset is the best and has the highest pre-execution prevention.

 

[piquiteco]

I am looking at this s AV-Labs test and I see Eset achieved <70% pre-execution prevention, whilst WatchGuard/Panda, F-Secure, Bitdefender and others had higher results. The highest pre-execution prevention was achieved by McAfee, missing just one damaged and corrupted sample Malware analysis 8eb08322033f193a5e7ea16d83c0cd324efaaab628fb245bdb27f6977c2a6d86 Malicious activity | ANY.RUN - Malware Sandbox Online
(and a few samples were detected post-launch) but you said EU AVs, so we are removing McAfee.

So, was that the only sample McAfee missed? I downloaded it here, and it says in the description: WiFi Password Key Generator Software

 

[Trident]

So, was that the only sample McAfee missed? I downloaded it here, and it says in the description: WiFi Password Key Generator Software

I checked the table provided by AV-Lab and that was the only one missed, it can be verified here.

https://avlab.pl/en/wp-content/uploads/2025/06/Report-Summary-May-2025.csv

The sample is corrupted nevertheless.

Keep in mind that’s before the introduction of TLSH by McAfee.

McAfee achieved almost 100% pre-execution prevention, but again, the statement was that Eset is the best of all EU AVs (not the best of all).

Eset missed this sample:

VirusTotal

VirusTotal

www.virustotal.com