I have a concern for something that has just happened with my system. I recently just came back from a two month holiday so I have not used my home desktop for these past two months. However, when I booted it up for the first time right now, I noticed a warning from Windows Defender notifying me about a security threat that is Trojan:JS/Malgent!MSR. When I tried to look into it further, the notification tray disappeared and it seemed like the threat disappeared. I went into my protection history and found that it was a Severe threat that was quarantined affecting the following items:
file: C:\Users\Anthony Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\llimhhconnjiflfimocjggfjdlmlhblm\1.5.7_0\javascripts\background.js
file: C:\Users\Anthony Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\llimhhconnjiflfimocjggfjdlmlhblm\1.5.7_0\javascripts\libs\safe-browsing.js
What should I do to make sure that my system is safe and nothing has been compromised? There is an action button to remove or restore so I assume I should remove. I also downloaded Malwarebytes to run a full system scan but I have not gotten the results back as of yet. Any help and steps towards cleaning my system will be appreciated as I get easily anxious about security and privacy.
Update:
I did some research regarding my chrome extensions and this might be something to do with a Reader Mode extension. This is odd as I don't remember installing this chrome extension and apparently it was involved in a phishing incident so now I am not sure what to do to fully secure all of my accounts. Is there a way to see install history so I can backtrack what happened? I'm not really too sure what to do so would like some help.
Update 2:
Looked through my my google account history and found that at 1:44am on March 18 2024 I visited Miro, reader mode, Miro, then this website https://offer.shoppermeet.net/monetizex?queryid=iqg2c7aw4nmzhndrvahv72nrym&b=miro (did not open the website to inspect), then "Used Chrome". Not sure what this means but reading the history before that it looks like I was working on a uni assignment but the activity I just listed does not seem normal. Other times I visited reader mode after this was Nov 23, 2024 where I visited Visited Reader Mode - Updated! and the following day Nov 24, 2024 where I visited Visited Reader Mode - Updated! and then searched for reader mode after this. I am not sure how this happened but now I am very concerned about my account security.