Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Please help virus destroyed BCD - no error message

09 Feb 2011   #1

Windows 7 Ultimate x64
[Solved] Please help virus destroyed BCD - no error message

Hi, I'm writing this from a KNOPPIX Live CD as my computer cannot boot.
I have a triple boot system (7, vista, XP) and Windows 7 is my main OS. I was using it to surf the web only a few hours ago and suddenly my anti virus software which is Avast! (free) started popping windows about a program being blocked, I did not have enough time to read it but the title of the window was vid<something>.info , the "<something>" is the part I don't remember. Also, there was the name of the executable of the program and it was 4 letters, something like vwfv.exe , again I hadn't much time to look because after a few seconds a window popped up in the top left corner and immediately the screen went black for two seconds and then showed a BSOD but this was not a regular BSOD, it only had a few words in the top left part of the screen. I pressed the reset button and the computer passed POST but did not show the Windows 7 boot manager. There was no error message, only a blinking cursor in the top left corner.

I inserted the Win7 DVD and chose to repair windows. It said it found problems and restored the BCD and that the old BCD is backed up. I rebooted but nothing was changed - still only a blinking cursor. I booted the W7 DVD again and this time it let me to the advance repair options. I chose Command Prompt and verified that my files were still there - they are, so I believe the MBR and HDD data are OK it's just the boot process files that got sabotaged by the virus.
I tried to run SFC /SCANNOW but it won't let me do that from the DVD.
I'm stumped, any help would be REALLY greatly appreciated!

Some more useful info:
My main OS is Windows 7 Ultimate x64. My motherboard is ASUS M4N68T-M and my CPU is Athlon x3 435.
I'm using the onboard RAID in RAID 0 configuration (2 500GiB HDDs as one 1TiB drive).
I have several partitions on this drive, NTFS, FAT and FAT32 but the bulk of my data is in a one 500 GiB exFAT partition.
All of the 3 OSs are on NTFS partitions.

If I left out something important please be patient, it's very late at night here.

Thanks in advance,

My System SpecsSystem Spec
10 Feb 2011   #2

Windows 7 Ultimate x64

Using BOOTREC /FIXMBR got me my boot manager back. I logged on to XP and now downloading the trial version of NIS 2011 that I hope to use to get rid of the virus. Apparently, Avast! sucks.

If I'll manage to get my W7 working again I will come back and flag this as solved.
My System SpecsSystem Spec
10 Feb 2011   #3
Microsoft MVP

Windows 7 Ult. x64


In addition in NIS, I recommend you also try MalwareBytes - it has a very good reputation here.

My System SpecsSystem Spec

10 Feb 2011   #4
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10

This forum has a great section on tutorials on how to repair your system. This is the link to a startup repair. Also, at the bottom of that page there are related links (restoring your system, clean install, etc) which may help you out. Peruse those and I think you will find something there that can help you out. I hope this helps and you get it sorted.

Startup Repair[2]=Performance%20Maintenance

You could also try using a boot rescue disk to clear out infections, which may still be remaining in the background. You have a choice of these
My System SpecsSystem Spec
10 Feb 2011   #5

Windows 7 Ultimate x64

Golden: I always do use MBAM in conjunction with my AV software, it has saved my behind numerous times before. MBAM has been running for the last 3 hours now and still going strong (I do have A LOT of files).

Borg 386: I think I already solved the startup problem, I'll be 100% sure when MalwareBytes finishes.
Ironically, it actually was the tutorials here that helped me to get it fixed.
My System SpecsSystem Spec
10 Feb 2011   #6

Windows 7 Ultimate x64

OK, MBAM finished, I am the proud owner of one Rootkit.TDSS.
I haven't heard about it until about an hour ago when this thread was just above mine:
salvaging a TDL3 infected HDD

Then I googled this TDSS/TDL3 and it turns out it's the Rootkit from hell... Whole systems have been destroyed, or so I understand. Now I'm really scared
I'll try TDSSKiller and Hitman Pro which turned up while reading some posts about this Rootkit. If anyone has another free tool which specializes in TDSS please tell me about it, I have 10 years of unbackedup data on this computer and it would really suck if everything will be lost because of this malware
My System SpecsSystem Spec
10 Feb 2011   #7
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10

Got a couple other possibilities....


GMER - Rootkit Detector and Remover

Norton Power Eraser
Eliminates deeply embedded and difficult to remove crimeware that traditional virus scanning doesn't always detect.
My System SpecsSystem Spec
10 Feb 2011   #8

Windows 7 Ultimate x64

Thanks Borg, I will try them out.
My System SpecsSystem Spec
10 Feb 2011   #9

Windows 7 Ultimate x64

I booted Windows 7 and ran all the malware/antirootkit software from there but nothing was found. It seems like MBAM got rid of it all. I think I was lucky to catch it before it had the chance to wreak havoc and root itself deep within my system.
Thanks to everyone that helped, I really love your forums
My System SpecsSystem Spec
10 Feb 2011   #10

Windows 7 Pro x64 SP1

of course you got a free ride and NOW is the time to:



My System SpecsSystem Spec

 Please help virus destroyed BCD - no error message

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar help and support threads
Thread Forum
"RPC Virus virus" message in action center?
I've had no problem with my computer in the past two days, yet I see an action center message today, supposedly from yesterday, warning me that "This problem was caused by the RPC virus, a known computer virus" and no further information. Since I've gotten no notification from my usual...
System Security
Is this a virus or a legit error message? HELP!
I have had my PC for 3 years now and it has a legit copy of Win 7 Home Premium 64bit on it. I do not have any other pcs and no one else uses mine because I live alone. I was on Wikipedia and went to go to Youtube when I got a message from the web stating that I may be the victim of software...
System Security
ESET popup some message about virus detection
Hello, i have BIG problem with my win 7... yesterday ESET popup some message about virus detecion and put some files into carantena... After that, when i try to run some applications i allways get error message : the program cant start because COMCTL32.dll is missing from Your computer... i...
System Security
RPC Virus message in Action Center, though the virus seems to be gone?
So I was managing my Laptop (Compaq Presario CQ57 with Windows Home Premium SP1) after a long time away from it, I left it in the care of a friend of mine, I noticed a few strange things. 1) I couldn't update Windows. 2) I couldn't turn ON my firewall 3) Windows Security Center was missing....
System Security
Got A Virus, Did A Windows Reinstall, Now Have An Error Message
Hello Everyone, I'm new to the board and I just want to start off by saying thank you to any help you can give in advance. Here are my computer stats: Acer Aspire One 7741Z 17.3" Display 3GB of DDR3 Memory 250GB Hard Drive Windows 7 64 bit My issues started with me getting a...
Installation & Setup
"Bad directsound" error destroyed my audio
Hello, I usually use headphones, but today I changed the input and put on the speakers cable. When I sat back on the PC, I tried to play some music on Winamp put it displayed "bad directsound input" . I switched back to speakers and it kept displaying it. I rebooted -> no change. So I started...
Sound & Audio

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:30.

Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App