Jump to content

FBI Moneypak virus Windows XP

Recommended Posts


I have windows XP and have the FBI Moneypak virus. I can't go into any mode on windows without it coming up. I tried downloading that OTLPE tool and it installed to my desktop but when opening it, it says "Targes is now windows 2000 or later". It can't find my windows installation I'm guessing. Help!

Link to post
Share on other sites

OK, if you can boot up using OTLPE, here's what I want you to do:

Please download Farbar Recovery Scan Tool and save it to a flash drive. (32 bit version)

Plug the flash drive into the sick computer

Boot it up using OTLPE

Navigate to the flash drive and run FRST and click scan

It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


Link to post
Share on other sites

Here ya go:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-04-2013 01

Ran by SYSTEM on 29-04-2013 17:27:33

Running from E:\virus

WIN_XP (X86) OS Language: English(US)

Boot Mode: RecoveryAttention: Could not load system hive.

Attention: System hive is missing.

==================== Registry (Whitelisted) ==================

Attention: Software hive is missing.

ATTENTION: Software hive is not loaded.


========================== Services (Whitelisted) =================

==================== Drivers (Whitelisted) ====================

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

==================== One Month Modified Files and Folders ========

==================== Known DLLs (Whitelisted) ============

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe IS MISSING <==== ATTENTION!.

C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION!.

C:\Windows\System32\svchost.exe IS MISSING <==== ATTENTION!.

C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!.

C:\Windows\System32\User32.dll IS MISSING <==== ATTENTION!.

C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION!.

C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!.

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: <===== ATTENTION!

HKLM\...\exefile\DefaultIcon: <===== ATTENTION!

HKLM\...\exefile\open\command: <===== ATTENTION!

==================== Restore Points (XP) =====================

==================== Memory info ===========================

Percentage of memory in use: 5%

Total physical RAM: 3571.86 MB

Available physical RAM: 3362.54 MB

Total Pagefile: 3393.66 MB

Available Pagefile: 3346.48 MB

Total Virtual: 2047.88 MB

Available Virtual: 2003.94 MB

==================== Drives ================================

Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS

Drive d: () (Fixed) (Total:116.44 GB) (Free:16.19 GB) NTFS

Drive e: (KINGSTON) (Removable) (Total:14.41 GB) (Free:9.22 GB) FAT32

Drive x: (ReatogoPE) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS

Disk ### Status Size Free Dyn Gpt

-------- ---------- ------- ------- --- ---

Disk 0 Online 233 GB 0 B

Partitions of Disk 0:


Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 116 GB 32 KB

Partition 2 Primary 116 GB 116 GB


Disk: 0

Partition 1

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y Partition 116 GB Healthy


Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 D NTFS Partition 116 GB Healthy


============================== MBR & Partition Table ==================


Disk: 0 (Size: 233 GB) (Disk ID: 3D3BAD6B)

Partition 1: (Active) - (Size=116 GB) - (Type=07) (NTFS)

Partition 2: (Not Active) - (Size=116 GB) - (Type=07) (NTFS)


Disk: 1 (MBR Code: Windows XP) (Size: 14 GB) (Disk ID: C3072E18)

Partition 1: (Active) - (Size=14 GB) - (Type=0C)

==================== End Of Log ============================

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.