Third-party antivirus has slowly fallen out of favour with users. But what happened to make this software lose users' trust?
KEY TAKEAWAYS
- Removing viruses is harder now due to their complexity and the need for isolating and reinstalling operating systems.
- Windows Defender has greatly improved over the years and can now compete with third-party antivirus programs effectively.
- Antivirus software has become bloated with unnecessary services like VPNs, while slowing down PCs and undermining its own effectiveness.
Antivirus used to be a mainstay of any home desktop. Software like McAfee was basically essential, and weekly virus scans were a feature of lots of people's early experience of 2000s home computers. But in the last decade, third-party antivirus has all but disappeared as a requirement for a new PC, and it seems less effective than ever at stopping legitimate threats to your PC, all while getting slower, more bloated and increasingly expensive. But what happened to antivirus? How did a once commonplace bit of software end up in relative obscurity? Here are five reasons why we think antivirus has gotten worse.
1. Viruses are more complex
Simply removing a virus isn't as easy as it used to be
One key reason why antivirus software isn't as popular as it used to be is that it's fundamentally become far less effective. In the past, antivirus software had a decent chance at identifying a malicious binary or a bit of software once it was running, isolating the process, and removing any associated files it had opened. This was often enough to isolate and remove a relatively simple bit of malware, though it was always far from foolproof. However, as the potential for profitable exploitation has exploded (the rise of internet banking hasn't helped), the complexity of malware has also ballooned, making it far more difficult to remove malware once it's active on a machine.
Modern malware can use any number of exploits, techniques, and tricks to not only obfuscate its function, but to lodge itself into an operating system in a way that's extremely difficult to detect or remove. This is why, in recent years, it's become commonplace advice to physically isolate any infected PC from your network and reinstall your operating system entirely. In the case of rootkits, it may even be necessary to dispose of an affected PC entirely.
This has been standard in corporate circles for a while — any affected devices would likely be nuked (or disposed of and replaced) and a full digital-forensic investigation launched to isolate any other devices that may have had contact with an affected device.
2. Windows Defender has gotten better
First-party antivirus will always have an advantage
Microsoft introduced Security Essentials in 2009, designed as a lightweight replacement for the aging Windows Defender, which shipped with Windows XP. While praised for being lightweight and easy to use, Security Essentials was often deficient at detecting malware. Windows 8 then included an essentially rebranded version of Security Essentials, once again named Windows Defender (confusing, right?), which has slowly become the total 'Windows Security' package we have on Windows today.
However, despite significant failings in the early 2010s (Security Essentials was often considered effectively moot at actually detecting malware), Windows Defender has slowly improved over the last few years, and as of December 2023 has received a similar outstanding score in all categories from av-test.org's continuous antivirus analysis tests. This is in comparison to the same site's tests in December 2012, which gave Microsoft Security Essentials a mere 1.5/6 for protection.
While Windows Defender might not be the best antivirus on the market, it's easily good enough in comparison to its competition that, for most people, the extra hassle and cost of installing a third-party product is simply no longer worth it.
3. Rising number of threats
More malware means more work to counter it.
Another problem facing antivirus companies has been a rising number of threats. As the internet has been used more and more as the backbone of many of our social and financial lives, the profitability and range of targets for exploitation have exploded. Zero-day vulnerabilities in common software are now worth millions, as their potential is huge. In comparison, while being affected by a virus in the 2000s might cost you some family photos, it was unlikely to lead to extensive financial fraud or your credit card details being leaked online.
This larger target has grown the number of malicious actors constantly attempting to exploit machines, and while most big companies (and some governments) have bug-bounty programs to counter this, there are still new exploits, zero-day attacks and forms of malware being developed all the time. Keeping on top of the detection, fingerprinting, and signature analysis that a lot of antivirus software relies on has become an increasingly difficult job for any antivirus company. Dynamic analysis tools based on machine learning and intelligent threat detection have helped with this, but they're far from foolproof.
4. Antivirus software is bloated
Development is expensive; it's much easier to upsell a VPN
As the effectiveness of antivirus software has declined, along with the number of people installing it, antivirus companies have looked for other ways to improve profitability. This has often involved bundling their products with other services not related to malware, like web filtering, VPNs, parental controls and online identity protection. These services can be useful, but are often bundled as part of bloated subscriptions and desktop applications. While this bloat may seem like a good idea, over time it's helped garner a reputation for antivirus software as effectively bloatware, not significantly better than your operating system's default antivirus and often pre-installed on lower-end laptops to help keep the store price low. These applications also gained reputations for being difficult to uninstall, with multiple steps required and plenty of "are you really sure?" prompts designed to scare users into keeping the software on their PC.
This hasn't been helped by some more nefarious practices, including free antivirus products quietly selling your browsing data, or even crypto-mining in the background on your PC. While there are good antiviruses out there, this reputational damage to the category as a whole has had an impact. There was also the push for antivirus on phones, which seems to have largely died out now.
5. Antivirus software slows your PC down
Antivirus has a bad reputation for slow scans
None of this is helped, again, by the reputation of bloatware antivirus from the 2000s and 2010s, which could grind most budget laptops to a halt for hours trawling through your OS install directories.
Antivirus products lost their way, but they're still kicking
There's still space in the market for third-party antivirus, and while we don't recommend it as a necessity for new PCs (provided you have your Windows security features enabled), it is still nice to have an added layer of protection. But antivirus got muddled somewhere, becoming pre-bundled scareware that could force your PC to a halt with horrible desktop applications and performance-choking scans. There remains plenty of great antivirus software out there, though. Just be careful to do your research and only pay for features that are actually keeping you safe.