Check for unexpected pop-ups, redirects, or new browser extensions you didn’t install
Notice sudden changes in homepage, search engine, or browser settings
Watch for programs you don’t recognize in your browser extensions or installed apps list
Look for unfamiliar startup items or background processes
Notice frequent crashes, freezes, or unusual system slowdowns
Observe high CPU, memory, disk, or network usage when you’re not running demanding tasks
Check for repeated attempts to open or run unknown files or processes
Monitor for unexpected additional accounts, scheduled tasks, or services you didn’t create
Look for new or changed files in common folders (Downloads, Desktop, Documents)
Check whether your antivirus or security tools are disabled, blocked, or repeatedly turned off
Confirm Windows Security (or your installed antivirus) is up to date and running real-time protection
Run a full system scan using Windows Security or your antivirus
Run an offline scan (if available)
Use a reputable second-opinion scanner (on-demand, not just a single product)
Verify your OS and browser are fully updated with the latest security patches
Check event logs for suspicious activity (Windows Event Viewer)
Review “Installed Apps” and “Programs and Features” for unknown software
Inspect startup apps (Task Manager → Startup) and disable suspicious entries
Scan removable drives (USB/external drives) if they were used recently
Check network connections for unknown or suspicious outbound traffic (Task Manager → Performance/Processes, or a network monitor)
If you suspect ransomware or credential theft, disconnect from the internet immediately
Change passwords from a trusted device after removing threats (especially email, banking, and password managers)
If infections persist, consider creating a backup and performing a clean reinstall of the OS