Working on the Kaspersky Scans.. Will log back in when that is done

OK...do u recognize this?

 (Nalpeiron Ltd.) -- C:\WINDOWS\System32\nlssrv32.exe

No.. I'll look it up and make sure it wasn't installed with my new scanner

part of Nitro PDF Professional 6.0.1.8

I have no idea what that is.. I have Adobe CS5 package on my system

I'm not sure if it's part of that software

Should i remove it for u?

Please go here:

C:\WINDOWS\System32\nlssrv32.exe

Upload this file here:

www.virustotal.com

Tell me if it gets detected my any scanners....

Warning This fix is only relevant for this system and no other, using on another computer may cause problems 

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot 

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following:

:OTL
MOD - [2012/01/10 18:40:30 | 000,079,872 | ---- | M] () -- C:\Users\Lori Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y9qkjaw0.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko10.dll
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.myheritage.com/
O15 - HKCU\..Trusted Domains: scouting.org ([scoutnet] https in Trusted sites)
[2012/02/10 00:02:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2012/02/02 19:08:16 | 000,300,078 | ---- | M] () -- C:\Windows\System32\sdtn
[2012/02/10 00:11:36 | 000,008,354 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012/01/06 00:46:05 | 000,155,648 | ---- | C] () -- C:\Windows\agent.exe
[2011/06/27 17:05:43 | 000,001,650 | -HS- | C] () -- C:\ProgramData\7d23l3abdp2i5u1jej48
[2012/01/05 20:51:09 | 000,046,592 | ---- | C] () -- C:\Windows\System32\sdtnpm.dll
[2011/07/06 09:31:27 | 001,439,949 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2009/07/11 18:41:51 | 000,002,516 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009/07/11 18:41:51 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\932B1FE7C5.sys
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:8DAF83BD
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:B6AC352B
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:C895616B
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:2AEBCB5B
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:5CB1E0D3
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:89EAFAFC

ipconfig /flushdns /c

:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Attach the log produced after the fix.

Hi Malwarekiller

Don't close this conversation on me! I was in the middle of a huge project when this nightmare started - I was working on a huge scrapbook project so I have a ton of graphics files on my system right now.

I started the KVP scan - was on day 2 (1 day & 6+ hours) of the scan somewhere around 56% and Microsoft installed an update and rebooted me.. I don't know how far it got before it rebooted.

I do know at 56% it found 12 threats. I am afraid to restart KVP before talking to you. Will it loose the info you wanted if I do that?

I do know all the threats were found right at the beginning. At 56% it was scanning my document files and none of them were affected. I can also tell you that it only took a few seconds to login here with my user name and password and that has been taking about 5 min after I input the information before the screen flips to logged in.

If u rebooted:

Just login and open AVPTool again and go to detected threats menu and save the log and attach it here.

Next u may start with a fresh AVP scan.And similarly attach the log[this scan shouldnt be long]

If u didnt reboot:

Allow the scan to continue

Apparently when the system shuts down properly and reboots it uninstalls AVP so I lost the first scan with 12 threats detected.

I'm rescanning now.. and I selected only My Computer instead of adding C:\ and My Documents - that scan is estimated to take 20 hours

So is scanning C:\ and My Documents overkill? Aren't I going to be rescanning the same files

3 times. If I add those this scan is going to take the entire weekend.

What do you think?

So far it has found no threats.. but it has found a couple toolbars I didn't know where on my computer.