If you look on any major forum which discusses computer security, you will probably find people, or teams of people, who dedicate a large proportion of their time to helping users remove malware from their computers.
These teams typically dedicate several hours a day to going through posts on the forum and helping users locate and remove malware. This process is aided by one or more tools which scan a system for malware and optionally remove some of it. My concern is that people rely far too much on other people to fix their mistakes, than trying not to make them in the first place.
These malware-removal types have started to make documents on generic ways to detect and remove malware, which is a start, but really they need to emphasise the methods of keeping your system clean to begin with. In fact, not only that, but ISPs and IT sellers should emphasise the importance of antivirus software which is regularly updated, to their customers.
Considering that there are several free antivirus programs around, there really is no excuse for not running one! Note, here, that “I’m running Linux” still is not a valid excuse for not having virus scanners; even if Linux is itself immune to most viruses, worms, etc, it can still be used as a node along the path to infecting more users.
Especially since mail attachments sent to a Linux system without a virus scanner would not be scanned, and the Linux user may then go on to send that attachment to a Windows user, who would open it thinking it comes from a reliable source. Using a virus scanner, and educating users in prevention rather than cure, is the direction I’d like to see being taken more often.
Unfortunately, there is no accountability for ISPs or vendors, so this won’t happen.