You're comparing apples with oranges...

If the question is really "why can't reputable ISP's all run Nroton [or equivalent] ?" then that's a separate issue, to which there are two parts:

1. Performance. Virus/anti-spam filtering consumes huge amounts of compute power. It is very expensive to build a resilient infrastructure that has adequate performance to do this. And many ISP will reason that it's more effective to have hundreds of their customers all complaining to the sender, rather than one ISP saying we've stopped a hundred copies of this virus/spam. Plus it's cheaper

2. Privacy vs. efficay. When I recently surveyed my user population (who are a very diverse bunch), by far the two most common responses I got were:

I Do anything you like as long as you stop the spam. I dont' even care if your block legitiamte email.

II How dare you intercept my mail. It is utterly unacceptable that there is even the faintest possibility that legitmate email may get blocked.

Of course, I got almost equal numbers supporting each position and I suspect that this would apply to most ISPs

Since it is not possible to satisfy both at the same time, many service providers take the easy option of not intercepting. Although it is the easy way out, it's not entirely obvious that it's the wrong thing to do. The issue of false positives (that is incorrectly identifying legitimate email as a spam or virus) is a significant one.

It's not at all obvious which is the right thing to do here. Perhaps it would be illuminating to run a poll on I and II to see what Pruners think... ?