Posted November 24th 09, 04:05 PM to microsoft.public.security.virus, microsoft.public.windowsxp.help_and_support
Daave[_8_]
Infection messages?

Robin Bignall wrote:
On Tue, 24 Nov 2009 14:42:04 +0000, Robin Bignall
wrote:

On Tue, 24 Nov 2009 08:53:29 -0500, "Daave"
wrote:


Robin Bignall wrote:
On Mon, 23 Nov 2009 18:40:34 -0500, "Daave"
wrote:

Robin Bignall wrote:

The message is:
infection:documents and settings\robin bignall\cookies\index.dat
could not be removed. file is no longer existent.

Googling the above didn't turn up many hits, which already points
to malware. I did manage to find a very similar message (with
"available" replacing "existent") here:

http://translate.google.com/translat...tent%26hl%3Den

Another possibly relevant hit:

http://forums.techguy.org/malware-re...lp-please.html

I'm 99.9999999999999% sure you have malware. :-(

This page should help:

http://www.elephantboycomputers.com/...moving_Malware

(also cross-posting to microsoft.public.security.virus )

Thanks for your help. I spent lots of time last night doing
full/deep scans using Kaspersky 9, SAS, Asquared and Activescan2.
Nothing found. Am now starting MBAM...
Will look at your links after breakfast.

Sounds like you're on the right track. MBAM is quite good.

Sometimes, one needs to boot off a rescue CD. Check out these links
for more info:

http://www.free-av.com/en/tools/12/a...ue_system.html

http://www.techmixer.com/free-bootab...download-list/

(This way, the OS is entirely bypassed. Another method is to
physically remove your hard drive and slave it to another PC and
use the uncompromised PC to perform the scan.)

MBAM was clean. I'm now going to run everything in safe mode to
check.


Just ran MBAM, SAS and Kaspersky full scans in safe mode. Nothing
reported. On reboot all "infection" messages had vanished. Weird,
huh?


Yes.

I still smell something rotten. I would still boot off a rescue CD and
scan or use another PC to scan. An alternative to removing the drive and
slaving it is to use a device like this one:

http://www.newegg.com/Product/Produc...82E16812161002

