Comment by sentimentscan

The issue for me is privacy, practically all AV are root level spyware, you don't know what are they sending or how, EULA are nightmarish. They can send logs, files to outside server because so, the code is not available or even opt out of diagnostics. They monitor browser data and send it to outside servers.

I mean I can't say all of them do it, but most of them and those I have checked out. Examples: https://www.tomsguide.com/news/avast-avg-data-collection

For paid one lets look for EULA (that one mentioned above with VB100 100% Detection ) eset

https://help.eset.com/eav/18/en-US/eula.html >b) Forwarding of infiltrations and information to the Provider. The Software contains functions which collect samples of computer viruses and other malicious computer programs and suspicious, problematic, potentially unwanted or potentially unsafe objects such as files, URLs, IP packets and ethernet frames ("Infiltrations") and then send them to the Provider, including but not limited to information about the installation process, the Computer and/or the platform on which the Software is installed and, information about the operations and functionality of the Software ("Information"). The Information and Infiltrations may contain data (including randomly or accidentally obtained personal data) about the End User or other users of the Computer on which the Software is installed, and files affected by Infiltrations with associated metadata ... >For the purpose of this Agreement, it is necessary to collect, process and store data enabling the Provider to identify You in compliance with Privacy Policy