@Ivgandhi
As you said, you did test these two steps:
1) Run Last Known Good Configuration by hitting the F8 key while your system boots.
2) Do a System Restore from Safe Mode: Start > Programs > Accessories > System Tools > System Restore.
You do what you plan, or you use the following tools as next steps:
RKill - What it does and What it Doesn't - A brief introduction to the program
Started by Grinler, Apr 09 2010 10:05 AM
This topic was created to provide a very brief introduction as to what RKill does and to provide a way for people to report false positives of processes that are terminated. Even though false positives may occur, this should not be considered a problem as you can always launch the programs again or reboot your computer as no files are removed by running RKill. This topic is not to be used as a support topic for removing malware. If you need help removing specific malware you can follow the steps here or ask in the Am I Infected? forum.
RKill is a program developed at BleepingComputer.com that was originally designed for use in our virus removal guides. It was created so that we could have an easy-to-use tool that kills known processes and removes Windows Registry entries that stop a user from using their normal security applications. Simple as that. Nothing fancy. Just kill known malware processes and clean up some Registry keys so that your security programs can do their job.
So in summary, RKill just kills 32-bit and 64-bit malware processes and scans the registry for entries that would not allow you to run various legitimate programs. When scanning the Registry, Rkill will search for malicious Image File Execution Objects, DisallowRuns entries, executable hijacks, and policies that restrict your use of various Windows utilities. When changing Windows Registry entries it will create a backup of these entries and save them in the rkill folder on your desktop. Each registry backup will contain a time stamp so that the backups are not overwritten on subsequent runs of Rkill. For a list of changes in Rkill, please see the change log at the bottom of this post.
Since RKill only terminates processes and does not remove the offending files, when it is finished you should not reboot your computer. If you do, the malware processes that are set to start automatically will just start up again. Instead, after running RKill you should scan your computer using your malware removal tool of choice. If there is a problem after running RKill, just reboot your computer and you will be back to where you started before running the program. Some great free tools that you can use to scan your computer after running RKill include MalwareBytes' Anti-Malware, SuperAntiSpyware, and Dr.Web CureIt.
http://www.bleepingcomputer.com/for...t-doesnt-a-brief-introduction-to-the-program/
http://www.bleepingcomputer.com/download/rkill/
Edit: After every run of rkill you will get a report which tells you about the following things:
- Checking for Windows services to stop
- Checking for processes to terminate
- Checking Registry for malware related settings
- Performing miscellaneous checks
- Checking Windows Service Integrity
- Searching for Missing Digital Signatures
- Checking HOSTS File
Having all the above information can be very helpful in case you have a software problem. It can give you a hint as to which files in your system are broken or damaged.
Also run the following malware program once:
http://www.malwarebytes.org/ It is easy to install and cleans deeply.
That's it for the moment / DanPickUp
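
The registry checks described in the quoted RKill introduction can also be inspected by hand. The following is an added example, not part of the post and not RKill's code: a read-only PowerShell audit of the same kinds of entries. The registry paths and value names are the standard Windows locations and are assumptions here (the registry key itself is named "Image File Execution Options"); the function names are hypothetical.

```powershell
# Added example, read-only: reports registry values and changes nothing.
# Paths are standard Windows locations (assumed; the page does not list RKill's).
$ifeo = 'Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
$pol  = 'Software\Microsoft\Windows\CurrentVersion\Policies'

function New-Finding($Check, $Key, $Name, $Value) {
    [pscustomobject]@{ Check = $Check; Key = $Key; Name = $Name; Value = $Value }
}

function Get-HijackFinding {
    # 1. IFEO "Debugger" values: Windows starts the named program instead of
    #    the target executable. Some are legitimate, so review each one.
    foreach ($root in "HKLM:\SOFTWARE\$ifeo", "HKLM:\SOFTWARE\WOW6432Node\$ifeo") {
        if (-not (Test-Path $root)) { continue }
        foreach ($k in Get-ChildItem $root -ErrorAction SilentlyContinue) {
            $dbg = $k.GetValue('Debugger')
            if ($dbg) { New-Finding 'IFEO Debugger' $k.Name 'Debugger' $dbg }
        }
    }
    foreach ($hive in 'HKCU:', 'HKLM:') {
        # 2. DisallowRun: each value names a program Explorer refuses to start.
        $list = "$hive\$pol\Explorer\DisallowRun"
        if (Test-Path $list) {
            $k = Get-Item $list
            foreach ($n in $k.GetValueNames()) {
                New-Finding 'DisallowRun' $k.Name $n $k.GetValue($n)
            }
        }
        # 3. Policies that block Task Manager or the Registry Editor.
        $sys = "$hive\$pol\System"
        if (Test-Path $sys) {
            $k = Get-Item $sys
            foreach ($n in 'DisableTaskMgr', 'DisableRegistryTools') {
                $v = $k.GetValue($n)
                if ($v) { New-Finding 'Tool restriction' $k.Name $n $v }
            }
        }
    }
    # 4. Executable hijack: the open command for .exe files should be "%1" %*
    $cmd = Get-Item 'Registry::HKEY_CLASSES_ROOT\exefile\shell\open\command' -ErrorAction SilentlyContinue
    if ($cmd -and $cmd.GetValue('') -ne '"%1" %*') {
        New-Finding 'exe hijack' $cmd.Name '(Default)' $cmd.GetValue('')
    }
}

Get-HijackFinding | Format-Table -AutoSize -Wrap
```

An empty result means none of these entries are set. Anything listed should be compared against software you installed yourself before it is treated as malicious.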