I am not entirely sure I have one but want to be absolutely positive!
I run a VM a lot, it has some PUP/crapware on it but nothing malware or too terrible. It's just something I mess around with sometimes. When I shut it down a few days ago, everything a few minutes later flashed on my taskbar as if a new program had been installed. Every time I install a program, I have a kinda slow hard drive, so my computer will always make every icon in my taskbar disappear or suddenly turn into a piece of paper icon, then they all go back slowly to original icon (as well as desktop icons). It's normal but this time it happened after shutting my VM off, which is VirtualBox. This happened after a LogMeIn session on the VM with an untrustworthy source that was reported for abuse shortly after. I have no shared folders between the VM and my host computer.
My computer ever since then has had some little problems, such as when in Discord I cannot scroll up and it gets locked down as if its being held down, but the kicker today is I checked task manager and saw these strange consoles open that I had never opened. When trying to end them it gave me an error of denied access. The entire computer then froze for about 30 seconds. When I clicked OK they were still there, and then suddenly all disappeared. I have a picture of them I took while they were there because I freaked out.
I would love a walk through of some stuff I can do just in case to be absolutely positive there isn't anything there if that's ok and not taking up anyones time. But if anything is suspected, I am fine with taking any measure to protect my data.
I would like to mention that I switched from my router's normal DNS to cloudflare's quad1 today because the normal DNS was behaving awfully. A friend of mine who works in PC repair said that my location is an easy target for people and I should be wary. I don't know if this helps, but I just want to give as much info as I can. Also, I may get something wrong here in computer terms as I know little about networking, I apologize.
The only thing I've installed today is a jar file for a Minecraft mod by a well-known modder called DrZhark, which was on a "riskware" site called Zipansion - I had to add it to exclusions, so could this perhaps be it? I was told it was a false positive by the developer and several other people, but I would like to be sure. They said it's associated with Adfly which MBAM doesn't like, but I don't know anything about this stuff.
Sorry for the novel, I hope it's not too much of a mess. Thanks in advance to anyone who replies, you guys are amazing.