If you need my pc spec:
Pentium D 2.8GHz
1.5 GB RAM
80GB hard disk
This unknown virus/ malware/ worm basically stop all my reformatting functions (only removable hard disk such as pen drive and floppy disc can be reformat), commands, task manager, services program (especially related to antivirus and anything under administrative tools). Besides, it manages to corrupt my safe mode.
Reinstalling windows do not work as old files from previous are left untouch leaving the virus loafting around. Reboot menu always freezes when I tried reboot from there, the "thing" also prevent my usb mouse and keyboard to work rendering me helplessly hanging in the reboot menu.
Therefore, I would like advise and help to restore my pc.
Here is the log from hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:28:36 PM, on 10/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\DOCUME~1\l\LOCALS~1\Temp\svchost.com
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\system32\fdisk.com
F3 - REG:win.ini: load=C:\DOCUME~1\l\LOCALS~1\Temp\svchost.com
F3 - REG:win.ini: run=C:\DOCUME~1\l\LOCALS~1\Temp\svchost.com
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\fdisk.com
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [HotKey] C:\Documents and Settings\l\Templates\cache\SFCsrvc.pif
O4 - HKLM\..\Run: [User Agent] C:\WINDOWS\system32\fdisk.com
O4 - HKCU\..\Run: [HotKey] C:\Documents and Settings\l\Templates\cache\SFCsrvc.pif
O4 - HKCU\..\Run: [User Agent] C:\DOCUME~1\l\LOCALS~1\Temp\svchost.com
O4 - Startup: sndvol32.exe
O4 - Global Startup: sndvol32.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{96534A61-D8BE-479F-B0BA-4A368C86F8E5}: NameServer = 202.188.0.133 202.188.1.5
--
End of file - 2162 bytes