I have :
Win XP SP2
Avast Home 4.8
Latest virus definitions
My problem :
I caught a virus (though avast couldn’t detect the exe file as a virus)
Upon rebooting (I still wasn’t aware that I was infected), avast told me it had detected a rootkit and asked me to plan a scan on reboot. I did so.
Now, whenever Windows boots, I get a blue screen with message: session5_initialization_failed and I must turn off the computer…
When I got BSOD SESSION5_INITIALIZATION_FAILURE 0x71 (0 0 0 0) due to some NTFS problems I loaded successfully only using ‘Last Known Good’ configuration.
thanks…I tried your method but I also get the blue screen
Yesterday, I could still boot in safe mode, and I tried to launch a chkdsk on reboot…
Since then, it won’t even boot in safe mode or in command line…I now get a blinking white ‘-’ on black screen lasting forever
Hopefully I have Ubuntu installed on dual boot (I knew it could be useful someday :))
anything you think I can do from there ??
or maybe from a recovery cd ?
EDIT :
tried ntfsfix from ubuntu and no success
tried chkdsk from recovery cd…finds errors and corrects them but in the end, nothing changes…
Use Recovery Console from your Windows XP installation CD (or recovery cd).
Check these files and replace them from your CD if they are different:
\Windows\System32\ntdll.dll
\Windows\System32\ntoskrnl.exe
\Windows\System32\smss.exe
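An added example, not part of the original replies: when the Windows partition is reachable from a Linux install such as the Ubuntu dual boot mentioned in this thread, the "check if they are different" step for these three files can be done read-only with the script below. The mount point, the reference directory and the script name are assumptions, and the reference copies are assumed to come from the same Windows XP service pack level, since otherwise the files differ for legitimate reasons.

```shell
#!/bin/sh
# Added example. Compares the three system files named above on a mounted
# Windows partition with reference copies. Both directory arguments are
# assumptions supplied by the user; nothing on either side is modified.

# ntfs-3g mounts are case-sensitive by default, so resolve a Windows-style
# path one component at a time, ignoring case. Prints the real path found.
resolve_ci() (
    cur=$1
    rel=$(printf '%s' "$2" | tr '\\' '/')
    IFS=/; set -f
    for part in $rel; do
        [ -n "$part" ] || continue
        cur=$(find "$cur" -mindepth 1 -maxdepth 1 -iname "$part" -print -quit 2>/dev/null)
        [ -n "$cur" ] || exit 1
    done
    printf '%s\n' "$cur"
)

# Prints one status line per file; returns 0 only if all three match.
check_files() {
    win_root=$1; ref_dir=$2; status=0
    for rel in 'Windows\System32\ntdll.dll' \
               'Windows\System32\ntoskrnl.exe' \
               'Windows\System32\smss.exe'; do
        name=${rel##*\\}
        installed=$(resolve_ci "$win_root" "$rel") || {
            printf 'MISSING    %s\n' "$rel"; status=1; continue; }
        ref=$(resolve_ci "$ref_dir" "$name") || {
            printf 'NO-REF     %s\n' "$rel"; status=1; continue; }
        if cmp -s "$installed" "$ref"; then
            printf 'SAME       %s\n' "$rel"
        else
            # The hash of the installed copy can be kept for later lookup.
            sum=$(sha256sum < "$installed" | cut -d' ' -f1)
            printf 'DIFFERENT  %s sha256=%s\n' "$rel" "$sum"; status=1
        fi
    done
    return "$status"
}

# Usage (hypothetical paths): sh check_xp_files.sh /mnt/windows /media/ref
if [ "$#" -eq 2 ]; then check_files "$1" "$2"; fi
```

A DIFFERENT result only says the installed file is not byte-identical to the reference; it does not by itself say which copy is the modified one.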
I actually don’t have a real recovery cd (laptop computer) so I took the files from another computer
and it changes nothing…
what I don’t get is that my startup screen (which is a customized one) is still the same even when I replace those 3 files… ???
shouldn’t it be replaced by the original windows loading screen ?
(if you have skills in virus analyzing, I can provide you with the malicious program ::))
EDIT :
Well, I did an online scan of the damn file. Bitdefender tells me it’s Dropped:Trojan.Agent.AHZT while NOD32 and VBA32 tell me it’s Win32/Rootkit.Agent.NFI.
It seems that it’s a pretty new virus and that’s probably why major antivirus software like avast! can’t detect it yet…
As I can’t find any info about it anywhere, I guess you professionals could give me a piece of advice ?
I’m not giving up !