by vacri 3778 days ago
So, I had to clean some viruses off a Windows 7 machine for a friend recently. I had to grab about six different bits of anti-malware software to do so. Some of that software came from famous vendors' sites where the downloaded software wasn't even protected by https. No real way to externally validate the item I was about to install on a system which is already known to be compromised.

Some of the installers tried to install bundled crapware - which is frequent in the Windows world, and you have to watch out for it with every installer.

I hadn't done any real work on Windows for so long that I'd forgotten the whole "is this even safe to download?" problem that Windows has with its applications.

1 comments

Are you sure Microsoft's antivirus wasn't enough?
The (main) virus came through a user brainfart clicking on something she shouldn't have, so it got to install directly with admin privs. Amongst other things, it managed to block the MS AV from running properly and hijacked the DNS, which I had to manually reset. I can't recall how MS AV was blocked, sorry. Once it was all cleaned up I left it with MS AV active, though.

I'm not all that experienced in cleaning Windows machines these days, but I do remember that each of the tools I ran cleared out something beyond just 'tracking cookies' - and each of them got something that the others didn't.

I certainly feel for mere mortals that have to do this sort of stuff on their own, given that the anti-malware websites frequently have the same garish in-your-face appearance and crappy download sites as malware-supply websites do.