My stock solution is to disconnect from network/internet, remove the crapware “anti-malware” software, blacklight to check for rootkits, Microsoft safety scanner, some of the AV quick scanners, install Kaspersky AV, reconnect to the network/internet and patch the machine.
Ideally, if a user is backing up their data, just format the machine, re-install with an unattended install disk (nLite for the win), install KAV, connect to internet, patch. Microsoft killed off any offline patching utilities. But if you’re clever, you can isolate a port on a switch to only connect with your WSUS server.
You should not be using multiple AV/AM (anti-virus, anti-malware) products under normal circumstances. Pick a good AV and use it solely under normal circumstances. Trend, F-Secure, KAV are top tier. McAfee, Bitdefender, Norton, Clam, Microsoft Security Essentials are second tier. NOD32, AVG, et al are third tier.
Patch your OS and software regularly. Backup your info regularly. This is as important or more important than your AV/AM solution.