frankbustos

My XP computer was infected with spyware and malware

After I cleaned it with Malwarebytes, it worked OK for 2 days, and now what it does is that Internet Explorer doesn't open, but after I reboot it works fine for a day, and then the next day it stops responding again. I tried to run Malwarebytes again and I get a pop-up that says this:

c:\program files\malwabytes' anti-malware\mbam.exe
windows cannot access the specific device, path or file. you may not have the appropiate permissions to access the item

I'm logged in as admin.

Please help me.

8/22/2022 - Mon
MtnChick

Have you tried running Malwarebytes from safe mode?  That is what I would try next.
Sudeep Sharma

Go to:

c:\program files\malwabytes' anti-malware

and check if you could find it there (mbam.exe)

If not, then probably you would have uninstalled it accidentally, or it might have been removed or disabled by some nasty malware or virus.

Further you should not run the program and tools in safe mode, you should run them in Normal Mode

I also suggest to go through the following articles before cleanup

Run Rogue Killer before MalwareBytes without any reboot in between.

https://www.experts-exchange.com/A_4922.html (Rogue-Killer-What-a-great-name)
https://www.experts-exchange.com/A_5124.html (Stop-the-Bleeding-First-Aid-for-Malware)
https://www.experts-exchange.com/A_1940.html (Basic Malware Troubleshooting)

I hope that would help.

Sudeep
ASKER CERTIFIED SOLUTION
peter197911

Thomas Zucker-Scharff

A couple of questions first:

Is your computer running an Award BIOS?  If so, you may have the nasty BIOS rootkit that pretty much means replacing the BIOS chip.  Also take a gander at my article on rootkits and reviews of the tools to treat them (https://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_2245-Anti-rootkit-software.html).  SSharma's suggestions are sound, especially about RogueKiller.  

But before you go crazy, have you tried doing a system restore?  I ran into a similar problem and found that the user had not tried System Restore yet.  Once they did, they were back up and running in no time.

Check out these articles on System Restore:

https://www.experts-exchange.com/Software/Internet_Email/Anti-Virus/A_1934-Viruses-in-the-System-Volume-Information-System-Restore.html
https://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/XP/A_2209-Removing-protected-System-Restore-files-if-they-have-been-infected.html

It is important you DO NOT remove your system restore files until you have your machine back up and running properly.
willcomp

Appears that you still have the TDSS root kit. Download and run TDSSKiller.
http://support.kaspersky.com/faq/?qid=208283363

After removing TDSS, post back if you are still having problems opening programs -- including MBAM.
frankbustos

ASKER
willcomp,

  I ran TDSSKiller and it let me re-install Malwarebytes and I'm running a scan now, but it didn't allow my system to get an IP address from DHCP; I had to put in a static manually???? So far Malwarebytes has found 8 threats and is still scanning.
willcomp

frankbustos

ASKER
I ran rogue and same problem. I can browse the Internet but can't get to any mapped drives on the network. If I select DHCP to get an IP, it just spins and spins.
Thomas Zucker-Scharff

Did you check your hosts file? (windows/system32/drivers/etc)
frankbustos

ASKER
Yes, I did and the hosts file looks OK. I'm about to format this thing, I've spent way too much time on it. I can't believe there is nothing out there to clean this and avoid formatting!! This spyware/malware/trojan, virus crap stinks!!
Thomas Zucker-Scharff

Have you backed up?  Have you tried using Ubuntu?  If you tried everything, including all the suggestions on this page, a clean install may be in order.  Do make sure you are not using an Award BIOS first though.  If you are, you can reinstall Windows, and if you have the BIOS rootkit it will reinfect the new install.  In that case you need a new BIOS chip.
frankbustos

ASKER
No, I haven't tried Ubuntu... what is that and where do I find it? Yes, I have backed up the data and I'm not using Award BIOS.
Julian Hernandez

Ubuntu is just another operating system like XP.
For more info go here:
http://www.ubuntu.com/
Thomas Zucker-Scharff

I use SARDU to create a bootable USB or DVD with all the necessary tools.  It is easy to use and has all the links you need with the click of a button.  Try it here: http://www.sarducd.it/downloads.html.  You can also read my article about it here: https://www.experts-exchange.com/Storage/Misc/A_3038-Boot-Disks-UBCD-UBCD4Win-and-SARDU.html

Note that the article refers to the previous version of SARDU, so everything is actually easier.
willcomp

Before nuking the disk, run ComboFix. If it doesn't clear the problem(s), then best option is probably a clean install. We've apparently gotten it relatively clean but something is still present. ComboFix will remove malware and root kits that MBAM will not. Follow instructions in link.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
frankbustos

ASKER
Thanks everyone for your help, but in the end a clean install was my only option. Not even ComboFix helped or anything. I just formatted the drive, installed XP and restored my data.