Guideline of checking if your desktop infected and the follow up actions

This module is designed for non-technical users to help identify, contain, and recover from potential computer infections or hacks.

What you will learn:

  • How to tell the difference between a real virus and a "fake" scam pop-up.
  • What to do immediately if you think you are hacked.
  • How to secure your accounts and prevent future attacks.

Click "1. Signs of Infection" in the menu to get started.

Step 1: Signs of Infection

Not every computer glitch is a hack. Learn to distinguish between real threats and common annoyances.

⚠️ Common Scam: The "Browser Notification"

Scenario: You see pop-ups in the corner of your screen saying "System Infected" or "McAfee Expired," even when your browser is closed.

The Truth: This is rarely a virus. You likely clicked "Allow Notifications" on a shady website.

The Fix: Go to Browser Settings > Privacy > Site Settings > Notifications. Remove suspicious websites.

Real Red Flags

  • Unexpected Slowness: High fan noise when doing nothing.
  • New Extensions: Toolbars or search engines you didn't install.
  • Mouse/Cursor Moving: Without you touching it (Immediate disconnect required).
  • Account Alerts: Emails saying "New login from [Country]" that wasn't you.

How to Check Safely

1. Windows Users

Open Windows Security > Virus & threat protection > Quick Scan. Avoid using "Process Explorer" unless you are an expert; stick to standard Task Manager.

2. macOS Users

Your Mac has an invisible guard called XProtect that runs automatically. You cannot "open" it. For a manual check, download the free version of Malwarebytes.

Step 2: Immediate Actions

If you confirmed a threat, act fast. Don't panic.

1. Disconnect Immediately

Unplug your Ethernet cable or turn off Wi-Fi. This stops the malware from sending your data to the hacker.

2. The "Full Screen" Scam Freeze

If your browser freezes with a siren noise and a phone number on screen, DO NOT CALL THE NUMBER. It is a script, not a hack.

Fix: Force close the browser.

  • Windows: Alt + F4 or Ctrl+Shift+Esc to end task.
  • Mac: Cmd + Option + Esc to Force Quit.

3. Safe Mode

Restarting in Safe Mode loads only essential files, preventing viruses from running.

  • Windows: Hold Shift while clicking Restart > Troubleshoot > Startup Settings.
  • Mac: Shut down, then hold Shift immediately upon starting up until you see the login window.

Step 3: Recovery & Prevention

Once the virus is removed, you must secure your data.

1. Password Security (Critical Update)

Do not use LastPass. Recent breaches have made it less secure.

Recommendation: Use Bitwarden (Free/Open Source) or 1Password. Alternatively, the built-in password managers in Apple/Google ecosystems are better than using the same password everywhere.

⚠️ Crucial Step: "Sign Out All Sessions"

Changing your password might not kick the hacker out immediately. Look for a button in your Google/Facebook/Microsoft security settings that says "Sign out of all devices."

2. Check Email Forwarding

Hackers often set up "Rules" to forward a copy of your emails to them. Check your Email Settings > Forwarding/Filters and delete anything you didn't create.

3. When to seek Pro Help

If files are encrypted (Ransomware) or you feel overwhelmed, take the device to a reputable shop (e.g., Geek Squad, Apple Genius Bar). Avoid online "remote tech support" ads.

📝 Knowledge Check

Test what you've learned. Click the option you think is correct.


Q1: A pop-up appears in the corner of your screen saying "Virus Detected! Click here to fix." What is the most likely cause?

Q2: You suspect you are hacked. What is the very first physical step you should take?

Q3: After removing malware and changing your email password, what else must you check in your email settings?

Q4: Your browser suddenly freezes, a siren noise plays, and a big screen tells you to call "Apple/Microsoft Support". What do you do?

Q5: You discover your files are encrypted (Ransomware) and a note demands $500. What is the expert advice?