The past few days - perhaps a week - a win10 laptop that is used only for internet, some research collation, hangouts/drive/project management, entertainment (music/video) simple photoshop / illustrator or after effects tasks, VM / kali, occasional offsite for projection, some casual games (standalone or through Steam platform) and comic / epub reader... it has been displaying some strange behaviour.
Due to some .exes being quarantined, I do often not use live protection on this device. Instead choose to run if needed, MWB / FSRT / GMER (which notices rootkit like behaviour in sector 0 of HDD at startup, appears normal, but BSOD, driver IRQ not less than or equal issue during any scan).
The behaviour mostly extends to Firefox (default), in which I will return to the machine to discover a search has been made (or two, often the first has a typo and the second is corrected with safesearch off) and grinds to a halt if it uses more than one or two tabs, but also there have been instances where a character or string of characters has appeared while typing and I know I didn't make that typo.
Chrome and Edge appear fine.
Cursor has moved, windows (esp of images - inside win10 photo display - I am using as study for painting) have suddenly closed without warning.
More alarmingly,over the past few days, there has been some download (does not appear in any browser's download list) of easily available, script-kiddie destructive virus or bloatware / trojan installers.
Luckily, defender has caught these (eg, ..\Downloads\win32.EvilClusterbleep.exe - which is strange, as my browser's default download location is the desktop...) and/or I have spotted the download in progress and disconnected from 'net.
Additionally, the default for MSpaint (to save screenshot to show) is usually desktop - just now, it was system32 directory.
Several scans with various software have detected no virus or spyware active on the machine.
There are no unrecognised processes nor start-ups listed.
I am unsure what to do - I have not been in this situation before.
Any advice or suggestions would be greatly appreciated.
/* additionally, I have been at war with a guy from a BBS or USENET (I forget where, even why...) since the 1990's - attacks trailed off over past several years, but still every year at least one around Christmas time (like a greetings card). We are both alone, no family or reliable friends or partners - I understand perhaps it is difficult for some people at this time of year. Maybe it is a tradition for us now..? But... To use "brickurPC" virus - especially one that is not hand-made - it is not his MO. Therefore, I do not believe it is him. But I do make a lot "friends" like this online... even moreso now the internet is more than bad poetry, messageboards, warez and ascii pron */