I have two questions for all you big strong geeksters out there:)
I recently removed a bunch of malware (ERNEL32.DLL, NIELPRT.SYS, XGUKXZRVUX.EXE, among others).
Lingering after effects are that certain domains are not resolving correctly - see #1, and my PC seems to load a very busy svchost process often at will along with a rundll32.
GMER scan shows it clean -
TDDKILLER shows it clean -
PREVX 3.0 shows it clean.
But I know it isn't clean:)
I think I am on to the problems, which leads me to these 2 questions:
1) How can I tell if my TCPIP.SYS has been modified to in some way affect DNS resolution of certain domains?
I have been unable to access malwarebytes.org from various applications, among others.
Or, to wit, can I download a new clean tcpip.sys somewhere to be sure?
Are there any other ways DNS results can be affected for all programs I may have missed?
2) More importantly:
I have an odd entry in the registry in several places for something called YIIFLK - it is registered as a BOOT EXTENDER.
I've searched all the internet and there is NO MENTION of this anywhere.
SHOULD I REMOVE THESE REGISTRY ITEMS? That's all I want to know.
I'm almost positive that if there is a demon in my machine - these YIIFLK things are the source - I watched PROCESS MONITOR CAREFULLY, and I traced everything thru GMER, and this is the one rogue odd thing listed.
Unless of course something totally hidden is at play.
I should mention that my machine has 2 separate hard drives, and they are both bootable.
I can press F12 at the start to bring up a lil boot menu that lets me pick the clean one or the infected one.
I just want to be sure the YIIFLK thing isn't related to me having multiple bootable drives - I really don't think it is, but I need to hear from an expert that I should remove it.
Many thanks - solve my problem and I'll hug a porpoise for you!