HELP Please, have I got a trojan?

ih8stress

Hi. Me again!
Was having problems with Amazon yesterday saying I'd had too many OTP's, so couldn't sign in.
I did a malware bytes scan later, which was fine. I decided to do a Windows Defender full scan too.
After 6 hours it still had some to check but I needed to go to bed and it was showing no threats found, so I finished it.
Unfortunately it then said threats found.
HackTool:Win64/ProducKey.G!MSR
Trojan:Win32/Ymacco.AAAB

And to start the recommended actions.

I didn't know which one to pick, so went with the Microsoft Defender offline scan.
This came back with 'remediation incomplete on both.
I couldn't see any option of fixing this so ran a full malware scan but had to stop it after 3 hours as I needed to sleep and daren't leave my computer on and running.

Done a malware scan today, which was fine.
Didn't want to try another defender scan until I found out if I need to do something else first.
Oh, and still can't get a OTP from Amazon.

On a Windows 10 pc, 64 Pro

All advice welcome please but in very easy, step by step detail as I STILL don't get it!
Thanks 🙂

DE_612183

Microsoft Defender should remove that threat itself.

booneruk

Also, I guess anyone can trigger OTP if they have your username and password, so changing these would be one of the first things I try to do (which may be hard if you can't get an OTP). Maybe going to Amazon support would get you through a password change.

ih8stress

DE_612183 said:

Microsoft Defender should remove that threat itself.



I did the offline scan but the 'remediation incomplete ' message appeared afterwards with no indication of how to sort it, so I'm not sure if had gone?

I'm going to try another offline scan but can't find out if it's better to do this in Safe Mode or if Windows Defender works better in normal mode?

Oops, put my reply in the box by mistake

ih8stress

booneruk said:

Also, I guess anyone can trigger OTP if they have your username and password, so changing these would be one of the first things I try to do (which may be hard if you can't get an OTP). Maybe going to Amazon support would get you through a password change.

I tried a different account and got the same result. Googling it seems others have had this happening at times?

ih8stress

Just gone into safe mode with networking to try and do another Windows Defender offline scan but it won't proceed, keeps 

Loopng back to admin sign in page.
Going into Security and Maintenance it says that Windows Security Centre Service is turned off.
When I tried to turn it on, it said it couldn't be started.  
Is this because it's in Safe Mode with networking?
I daren't try too much in case I make things worse.
Did another malware bytes scan - not in Safe Mode as read it needs to be in normal mode.

Starting to tear my hair out here, totally out of my comfort zone with it all 😥

HillStreetBlues

If malware bytes didn't pick it up and you haven't downloads anything of late most likely a false positive and just a coincidence with the OTP.
 

forgotmyname

Windows inbuilt AV detects MS's own key checker as malware...

Worried to leave your PC on overnight?   Mines been running 24/7 for the last 18 months....
NAS boxes uptime over 4 years with zero power down time, just 20 minutes downtime whilst they installed fibre
broadband.

ih8stress

FInally managed to get Windows Defender to scan and quarantine the Trojan threat.

Have been unsuccessful with the HackTool one though.  Done 2 scans now (over 6 hours each time).
It finds the threat and 'takes action' but doesn't quarantine it and shows as 'remediation incomplete '.

I've tried doing a malware bytes scan on the affected drive but was taking too long (over 8 hours) and hadn't found anything when I stopped it.  

I've looked at a couple of YouTube videos which suggest downloading Spy Hunter OR trying to remove it manually.
Not clear if I'd have to download anything in normal mode, safe mode, or safe mode with network?I
Would Spy Hunter OR any other program be worth trying?

Thanks

Vitor

Having two AV solutions on the PC is hindering rather than helping, that's probably why the scans are taking so long as they are fighting each other and one may be detecting the malware file that the other has quarantined. 

NB Amazon OTP should be to your mobile.

ih8stress

Thanks for the quick reply @Vitor.
I forgot to mention that I've got the Amazon OTP back again. Yes, it goes to my mobile.
I'm more worried about getting rid of this virus threat asap.
Malwarebytes doesn't mention it in the quick scans and I've not successfully completed a custom scan with it.

It is Windows Defender that found them both but it doesn't quarantine this one for some reason?  So I am trying to find out how to get rid - within my very limited techie range.

I am reluctant to check emails or online banking until I know it is safe and am struggling on a fire tablet to do general surfing - not great at this time of year