A scan found a file in my system32 folder called rlls.dll and it is a virus that records keystrokes and sends the info to two companies that are reported to collect and sell personal data (user names, passwords, credit card numbers, etc.). I found some info that explains that the file was created by two dirty internet research companies called RelevantKnowledge and Marketscore, but I have never taken part in any online polls or internet research on this system so I am at a loss as to where I picked it up.
The rlls.dll notonly is a keystroke recorder but it also seems to set all communications through a remote proxy server.
I tried to delete it and got the "access denied" error.
I tried to use the NSCheck /uninstall command as recommended by symantec and got the "no such internal or exteral command" error.
I then pulled it out of my system32 folder onto my desktop and then tried to do a search for other methods to safely remove it and when I opened IE I got the "page cannot be displayed" error and I also could not access anyone's shared docs on my home network and they could not access my shared docs.
I placed the rlls.dll back into my system32 folder and everything was working fine again.
All of the other systems on my home network are exactly the same and bought at the same time so they should be identical for the most part, but none of the other systems have this rlls.dll.
I have a feeling that it setting all communications through a remote proxy server has something to do with why I can't access the internet and my home network when I remove it from my system32 folder.

Any ideas as to how I can remove this rlls.dll and still access the internet and my network?
There has to be a way to remove it then set things back to the way they were working before I picked up the virus.

A BIG Thanks to anyone who can help.

Hi Jsa

You are right about rlls.dll (http://www.spywaredata.com/spyware/malware/rlls.dll.php)

RelevantKnowledge (http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453097949)

For all malware always follow the following steps.
1)Get firefox (http://securitynewsfromthenet.blogspot.com/) (if you already havent)
2) scan your computer with spybot search and destroy (http://www.safer-networking.org/en/download/)
3) If you still have any malware infection get your computer checked by a hijack this expert (http://www.bleepingcomputer.com/forums/forum22.html)

Yea, I guess I should have provided a little more info about my system.

I have not tried Firefox yet and I am weary abut new stuff. I will read about it and when I understand it well I will get it. It seems so far like a helpful brouser.

I have:
Hijack this,
Security Task manager,
Spyware Blaster,
Spybot S&D,
Adaware SE personal
Windows Defender,
Freedome Anti-virus/Anti_spyware/Firewall/Pop-up Blocker,
Windows Pop-up Blocker activated,
Windows Firewall,
A hardware firewall in my router,(I know, but I have all of my firewalls configured to work together without problem and so far they have never given me any trouble other than I sometimes have to turn off windows firewall to play some online games)
All the tests I run show my system and all of my ports to be in stealth mode.
I keep all of my security updated daily and do regular scans and clean up operations.
I am running XP SP2 IE6

I know it seem to suggest that this rlls.dll maleware comes from interaction with the responsible companies in internet research, but I figured out that this virus was bundled with a holiday screensaver I downloaded. So that would meant they they had provided no "agreement" to install this stuff on my system. So they have reverted to sneaking unwanted software onto peoples systems.

Anyway I ran all of my security software above and non of them either detected the rlls.dll or they could not remove it.

Like I said I can pull the rlls.dll out of my system32 folder and onto the desktop and then from my desktop to the recycle bin and then delete it, but then my internet and home network are no longer accessible.

After deleteing it what settings do I need to reset to get my internet and home network back under the origonal setting that allowed them to work properly before this rlls.dll got in there and screwed everything up?

Thanks again.

The reason it is disables your internet connection is due to it being a Layered Service Provider and messes with the winsock .
Hijackthis would show
O10 - Unknown file in Winsock LSP: c:\windows\system32\rlls.dll
You could try the LSP Fix (http://www.cexx.org/lspfix.htm) .If this does not work do a system restore and post the hijackthis log on the sites already provided .

Thanks a load!

The LSP fix worked perfectly!

I pulled the rlls.dll out mf my system32 folder and the internet and home networt were not accessible again. I ran the LSP fix and restarted and everything was working again so I deleted the rlls.dll for good.

Thanks again.