Hi everyone,
As you know, I run NIS09 quite regularly, both full system scans -- scheduled and on demand -- and quick ones. I also run MBAM on Demand and SAS-PRO, as well as TF4 scans. The last scans I ran yesterday were:
NIS09 Full system Scan-----some tracking cookies found
MBAM Quick Scan---Nothing found
SAS: Full System Scan---Nothing Found
Once a month I also run Microsoft One Live Care-On Line Scan. Well, this month, and specifically tonight, I decided to run Kaspersky 7.0 On line Scan, and imagine my surprise when these results came out:
KASPERSKY ONLINE SCANNER 7.0 REPORT
Sunday, April 26, 2009
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Saturday, April 25, 2009 23:55:45
Records in database: 2078966
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
A:\
C:\
D:\
E:\
Scan statistics:
Files scanned: 261761
Threat name: 8
Infected objects: 23
Suspicious objects: 16
Duration of the scan: 02:38:38
File name / Threat name / Threats count
C:\3D Online Pool\Update100.exe Infected: Trojan-Dropper.Win32.Agent.zqo 1
C:\3D Online Pool\WebTalk.exe Infected: HackTool.Win32.Delf.io 1
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report0b815ea7\Report.cab Infected: Hoax.Win32.Renos.bqq 2
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report0e013daf\Report.cab Infected: Hoax.Win32.Renos.bqq 2
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report23da627e\Report.cab Infected: Trojan-Dropper.Win32.Agent.zdq 2
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report4dffd138\Report.cab Infected: Trojan.Win32.DNSChanger.kpn 1
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report4dffd138\Report.cab Infected: Worm.Win32.AutoRun.sub 2
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\Report0b815ea7\Report.cab Infected: Hoax.Win32.Renos.bqq 2
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\Report0e013daf\Report.cab Infected: Hoax.Win32.Renos.bqq 2
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\Report23da627e\Report.cab Infected: Trojan-Dropper.Win32.Agent.zdq 2
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\Report4dffd138\Report.cab Infected: Trojan.Win32.DNSChanger.kpn 1
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\Report4dffd138\Report.cab Infected: Worm.Win32.AutoRun.sub 2
AND for Drive E, which is my Back up Drive:
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\14PASVVL\wbk2A76.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\14PASVVL\wbk7C7C.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\14PASVVL\wbkBAE9.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\14PASVVL\wbkF657.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DNHXQ450\wbk19A1.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DNHXQ450\wbk2358.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DNHXQ450\wbk333D.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DNHXQ450\wbk61F9.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DNHXQ450\wbkA7D7.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DNHXQ450\wbkB9B6.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DNHXQ450\wbkFE57.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QHI3B573\wbk18D6.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QHI3B573\wbk4134.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QHI3B573\wbk5D7F.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QHI3B573\wbkA204.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QHI3B573\wbkF819.tmp Suspicious: Trojan-Spy.HTML.Fraud.gen 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3G39II1Z\global.etc[1].js Infected: Trojan-Clicker.HTML.IFrame.acr 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4P724LTW\config[1].js Infected: Trojan-Clicker.HTML.IFrame.acr 1
E:\Manual Back-up\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KKTDF3Z3\global[1].js Infected: Trojan-Clicker.HTML.IFrame.acr 1
The scan was stopped by the user.
At this point I stopped the scan because I got p...off with the results, and in any case the scan had already been running for 3 hours.
I would really appreciate anyone's help in assessing the above results. Am I really infected? How can NIS 09 miss all that??
Thanks.
TrDo.