I'm normally managing and monitoring my security very well. Today I decided to run a full scan using Windows Defender (I also run regular scans with Malwarebytes).
I got 1 threat found:
It was found in:
file: C:\Users\[me]\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\5675bcd41be1517f\120712-0049\Att\20007f71\RG910001293SIG.zip -> RG2083554235-SIG.js
I then cleared the file using Windows Defender's advice.
My question, based on this, is how did it get there, and did downloading the zip automatically trigger the JS contents? I know that websites can download stuff in the background, but as far as I know, unless someone opens that zip, nothing will happen. I have never and would never open an unknown zip, and especially wouldn't run a rogue JS file within one, so I'm 99% sure I'm safe, but I thought I'd ask the professionals!!
I've since run a full Windows Defender scan, a RogueKiller scan, and Malwarebytes (although that didn't even report it this morning), and have no issues found, but I'm interested in whether I should be changing passwords, etc.
Any advice on how it got there, information on what can and can't run, and even an opinion on whether I should be concerned, etc., would be much appreciated!
Thank you all for any help!