Jump to content

MBAM does unpublished, unexpected "good" things to corrupt system.


Recommended Posts

This is more of a puzzle than a problem, but my troubled mind is hungry for the solution.  Ultimately, restoring from a backup is the only 100%  "solution" to this problem, but understanding the puzzle seems more important right now.


The problem started with 3 consecutive power outages at a customer site, but only 1 of 9 computers were corrupted.  That particular hot-rod Windows 8 host machine is using VMWare to provide XP, where some critical applications live.  XP was presenting the not-uncommon "no taskbar, no desktop icons" symptom.  After scratching my head for awhile, and seeing evidence online that it could be caused by viruses or other nastyware, I launched Malwarebytes via Task Manager which was set to show processes.  After about 30 seconds, both the icons and the taskbar appeared, and our startup script ran (visibly).  After that it seemed 100% after a variety of tests.  


Logged off the account, logged back in, all symptoms return.  Tested multiple applications to see if they would have an effect similar to Malwarebytes, but MBAM was the only one that would stimulate the desktop to appear and be fully functional.  Consistently.


There were 4 user accounts on that machine, and all were affected by the malady except for the original administrator account, which seemed 100%.  Created a new user account and it was also identically affected.


My question, for posterity, would be "what is MBAM doing to whatever, that causes the problem to go away"?  I thought that Task Manager might illuminate the culprit, but I haven't been able to figure it out.  


Tried to attach 7 mb mp4 vid to this post, but apparently it's not allowed.  It's only :47 long though, and gets right to the point.


Thanks for pondering,


H Nolan


Link to post
Share on other sites

  • Root Admin

Please try the following.

Please visit the following site and run the fixit tool from Microsoft.
Fix Windows Desktop Search when it crashes or not showing results

Then run a disk check. From a command prompt and press the Y key when asked if you want to run it after a restart.


Don't restart just yet. Now reinstall the VMware Tools and do the restart and let the disk check run.

Then let us know how it goes.

Link to post
Share on other sites

  • Root Admin

Please shut down the computer and create a new Snapshot of the system. Then start it back up and run the following


Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.




Please download MiniToolBox save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.

Link to post
Share on other sites

  • Root Admin

The logs indicate that the Window Search fix was not run properly or was unable to correct all damage.

Please try running it again.

It also has this error which could certainly cause issues

Error: (10/21/2014 04:14:24 AM) (Source: EventLog) (User: )

Description: A driver packet received from the I/O subsystem was invalid. The data is the


With the symptoms you're having and no immediate fix at hand we can try the following to see if it helps. If it does not help then you may need to backup your data and do a Factory Reinstall of Windows.

Download Portable Windows Repair (all in one) from one of the following:




Unzip the contents into a newly created folder on your desktop.

Open the folder, run the tool by right click on Repair_Windows (icon with red briefcase) select "Run as Administrator"


From the main GUI do the following:

Select Tab 5 and Create System Restore Point


Select Start Repairs tab => Click the Start


The repairs window will open, Check the boxes as indicated, also the "Restart" option, then select Start...


DON'T use the computer while each scan is in progress.

Post the log, to access select "settings" tab > "open log folder" tab, log will be named _Windows_Repair_Log


Let me see that log, any improvement?

Link to post
Share on other sites

  • 1 month later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.