The average computer user is aware of anti-virus and anti-spyware programs, but do they really work at removing your infection?  In my experience, they do not work, at least not 100% of the time or even close to that.

If you ask any experienced and competent IT professional what to do about an infected system, they should only give you one answer: format your hard drive and reinstall your operating system.  Why skip straight to the format/reinstall and disregard the anti-virus and anti-spyware removal tools?

1. Formatting and reinstalling your operating is the only 100% guaranteed way of removing an infection.  Formatting your hard drive will, for all intents and purposes, remove all data from your hard drive, including any malicious code.  Anti-virus and anti-spyware applications can almost never find and remediate every single infection (that is why you may have heard to use multiple anti-spyware scanning tools).
2. Virus and spyware removal can take many, many hours to complete.  First you have to scan your computer, then you must remove the infections.  If  you’re using multiple anti-spyware applications, you will have to scan and remediate with each piece of software.  The usual run time is about 1-2 hours depending on the speed of your computer and the size of your hard drive.  Add in multiple scans and you can easily see how this can take up lots of time.
3. Formatting your hard drive and reinstalling your OS does not take as much time as you think it would.  An average format/reinstall should be about 2 hours on the high end.  This is probably less time than it would take you to run your anti-virus and anti-spyware programs.
4. In my experience, use of spyware and virus removal tools can lead to no results, unexpected results, or even a completely unusable computer.  Say you have an infection on your computer and you run an anti-spyware application.  The program may not completely remove the infection, leaving it to populate on the next reboot.  Even worse, the scan can trigger some malicious code and leave the computer completely unusable (e.g. locks up at the log on screen, wipes entire hard drive and partition tables).  Because of these headaches and uncertainty, it is best to just skip ahead and do a format/reinstall.
5. Computer security is proactive, not reactive.  The point of anti-spyware and anti-virus programs is to keep malicious software off of your computer, not to remove the infection once it starts.  It is much easier to identify malicious software and keep it off of your computer than it is to remove the infection.  Everybody’s computer is different and there is no way to accurately provide remediation options for every single piece of malicious software.  Look at it in terms of probabilities.  While there may be a 50/50 chance that your anti-spyware/anti-virus program will remove the infection, there’s a definite 100% chance of removing the infection by formatting your hard drive and reinstalling your operating system.

To sum it up, there is no guarantee that anti-spyware and anti-virus programs will remove an infection.  The only guaranteed infection removal method is to format your hard drive and reinstall your operating system.  Formatting your hard drive will remove all data from your hard drive, including any malicious software you may have acquired.  On top of that, a format and reinstall usually takes less time, and can save you the headache of running a full fledged scan with multiple pieces of software.

In the past decade, firewall, anti-virus, and anti-spyware companies ramped up their marketing and made the dangers of the internet known to the public.  Their marketing, along with a large portion of the media, made it seem like firewall, anti-virus and anti-spyware programs are mandatory and that no computer will ever be safe without them.

If you’re an above average user, the truth is, you don’t really need any of the three.  Of course, there’s a catch: you must be aware of your actions.  Computers do not get infected on their own, it is usually the fault of the user.  Clicking on an unknown link, opening email attachments from someone you don’t know, and downloading files (hint hint: warez and keygens) via P2P (peer to peer) file sharing programs are all very common examples of how an infection starts.

My point is: Be smart about what you do.  Use common sense! If you don’t know where a file came from, don’t open it.  If you don’t know where a link points to, don’t click on it.  In other words, if in doubt, don’t do it!  By practicing safe computer usage habits, you leave yourself less vulnerable to spyware and viruses.

One thing I hate about anti-virus and anti-spyware programs are their “Real-Time” scanners which scan files and processes as they execute in real-time.  This can cause considerable lag depending on your system configuration.  Even on a high-end system, I can still notice the slow down caused by real-time scanning.  Because of that, I disable the real-time scanning feature with every anti-virus program I come across.  Doing so speeds up the PC slightly and you can always manually scan a file if you think it may contain malicious code.

In my opinion, the days of spyware ended as soon as Mozilla Firefox was released.  Before then, I used Internet Explorer 6 and I always found myself with some sort of adware.  Back in those days, I’ll admit I wasn’t as smart as I should have been, but the end result was still unacceptable.  As soon as I switched to Mozilla Firefox, I never had spyware problems again.  From that day forward, combined with good browsing habits, I never had a need to install anti-spyware programs onto my PC.

Firewalls are another story that make me laugh.  More than likely, you’ve probably seen a company which claimed your computer isn’t safe from hackers unless you have their firewall product.  First off, ask yourself this, “Why would any hacker waste time in trying to hack into my computer?” Most, if not all, self respecting hackers target corporations and organizations for some sort of gain.  Will hackers really gain anything by gaining access to pictures you took last summer?  Why would anybody target you in the first place? More than likely, the average user will not need a firewall to keep him/herself safe.  If you have a router (which lots of us do), you probably have a hardware firewall built into the router, thus, you do not need a software firewall product.  Second, if you’re running Windows XP or later, you already have a software firewall.  The Windows Firewall may not be as flexible as a mainstream firewall company’s product, but it works the same way by keeping unneeded ports closed.

I, personally, do not like anything other than a hardware firewall.  Having a software firewall causes too many interruptions because there’s always a pop-up notification asking you to block or unblock a program from reaching the internet and such.  On the other hand, a hardware firewall is configured once and stays that way until you manually need to make a change.  A typical user will not have to mess around with hardware firewall settings because the router is usually smart enough to recognize the traffic and route it appropriately.

I’m not trying to say that all firewall, anti-virus, and anti-spyware products are worthless.  I’m really trying to say that good browsing habits along with some common sense can mitigate 99% of all your risks regarding the latter.  Being aware is your number one defense against malicious code.