I asked my friendly windows expert for tips, and here is what he said:
If you haven't already done so, try opening up the "task manager" and view the "Processes" tab. This is like 'top' where you can sort by CPU or memory usage to get a clue for where a problem might be. Sometimes you can right-click on a process and choose "end task" to kill them, but you notice that many of them just come right back after killing them. Windows uses "services", which is like systemd, and processes that run as a service will automatically relaunch if they get killed manually. You can open up the windows "services" panel (Start Button -> type "services") and manually stop them from that GUI. I usually do this sort of thing as I'm troubleshooting slowness issues.
If you do determine it to be Sophos, you'll need to uninstall it from the Windows add/remove programs GUI to fully clear out all of the system services and registry entries.
I run Windows 10 at home and Windows 11 at the office. If your computer is more than a year or two old, I'd stick with Windows 10 and not upgrade to 11. If you end up starting fresh with a new hard drive and CPU someday, that'd be a good time to do the Windows 11 move.
(My note on the above -- I asked him about Windows 11. But after asking him, I remembered that there was this crazy business about only being able to install Windows 11 on a machine that had a CPU with certain security/encryption extensions. Mine is an i7 3770 and entirely predates that sort of thing. This is a horrible tangle I have no interest in diving into.
I just use Windows Defender and nothing else. Search for "Windows Security" in your Start menu and you should get to the settings from there. You don't need to set up OneDrive, but click the first shield icon (virus & threat protection), then "manage settings" (middle), then be sure at least that first option is selected. See my settings attached below.
(I don't duplicate his screen shots here. The first was labeled "Security at a glance" up top. The top left entry was the shield that said "Virus and threat protection". That led to a second page, labeled as such. In that page were a bunch of switches that you could slide to the right to turn on. Dallan had them all on. The first was labeled "Real time protection".
I may ditch Sophos and do as Dallan does and just rely on the Windows Defender stuff that we just covered.
Tom's Computer Info / tom@mmto.org