Everything posted by Daniel3618

  1. Hello, I have a Kyocera Hydro Icon C6730 smartphone running Android 4.4.2 and several months ago, I believe one of the app's updates made it so that it no longer works on my phone. The big rectangular button to update now is unclickable. I can tap it with my finger as much as I want but nothing happens. I can force an update but only once. If the database is out of date a second time, I have to open my phone's settings and click clear Malwarebytes' data and cache before selecting force update again, but that makes it so the app thinks that I've never run a full scan. Thanks, Daniel
  2. I first noticed this problem when the version 2 scanner was in beta. It doesn't happen very often but it will get stuck on a random file and refuse to move on to the next one. I started a scan and then I took a nap so, as you can see, it's been scanning 125 GB of used space for nearly 3 hours rather than minutes!
  3. Addition.txt FRST.txt RKreport0_S_10052013_130624.txt
  4. dds.txt attach.txt I'm having a recurrence of:
     C:\Users\Owner\AppData\Roaming\Microsoft\Credentials\Credentials.exe (Trojan.Agent)
     C:\Users\Owner\AppData\Roaming\Microsoft\Credentials\firstrun.png (Stolen.Data)
     Even after reinstalling Windows 7, including deleting partitions and a quick format of C:\ and System Reserved. I left D:\ intact. The folder uses some sort of stealth technology. It deletes itself when I try to mess with it.
  5. I ran a full scan on my computer. A file named "C:\ ... firstrun.png (stolen.data)" appeared in the log file. Rather than show me what was stolen so I could specifically deal with those things, Mbam deleted the file. I changed all the passwords to my email and all accounts involving money. I would have done that either way, but there are a number of things that are in the I kind of care if it gets stolen but not enough to spend another hour changing passwords, like a gaming or forum account. It would be an inconvenience to have that taken but I'd just submit a lost account request and get it back within a day or two. If that firstrun.png file was just placed on my desktop instead of deleted, I could have used it as a list of what was compromised and what I should change specifically. That is all.