STOP:c0000135 error msg after removing Sirefef rootkit

Hi

This damned rootkit has prevented the windows from starting up for the last 3 days and it has been really frustrating searching for solutions and getting no results.

The exact problem is I think I was infected with Sirefef rootkit ( as Avast alerts said ) but I never had url redirections and search engine redirections and such because Avast would block the actions every time, but after a boot time scan & removal of malicious files the computer won't start up; even in safe mode I get the error msg: STOP:c0000135 The program can't start because %hs is missing from your computer.
Things I have done so far:

• Correcting the registry key and changing consrv to winsrv but no luck.
• Using SFC command successfully as it said some files were repaired but still no success in getting past the BSOD. I even ran it for 4 more times but there were no more deviations found in files.
• I also tried renaming winsrv.dll to consrv.dll and changed the registry value to consrv.dll to get windows to load but no luck there either.

And as of now I have access to KDE linux through Kaspersky rescue disk and also the options windows startup repair offers (command prompt and such)
On the same note, I can browse my harddrive freely and even execute SOME executable files using the Open file dialogue through Notepad.

And needless to say windows startup repair hasn't been able to do anything.

If you guys could help me out find what the missing file is and how I could logon to windows I would really appreciate it, these past few days have been truly agonizing.

 

Not to be the bearer of bad news, but sometimes malware permanently wrecks a Windows installation. As far as I knew, sirefef was a Trojan, but maybe they've upgraded.

Any rate, your best hope at this point is to recover your data and start over. I would even frag the MBR just to be safe.