Windows 10: repair of windows after a viral attack

Discus and support repair of windows after a viral attack in Windows 10 Installation and Upgrade to solve the problem; Having issues re-installing windows after a viral attack, i keep getting the error code 0x8007042B - 0x000D the installation failed in the SECOND_BOOT... Discussion in 'Windows 10 Installation and Upgrade' started by morganfarrant, Feb 29, 2020.

  1. repair of windows after a viral attack

    Having issues re-installing windows after a viral attack, i keep getting the error code 0x8007042B - 0x000D the installation failed in the SECOND_BOOT phase with an error during MIGRATE_DATA operation.

    I am running Windows 10 Pro, version 1909, and it has an OS build of 18363.657

    I also run 2x solid state drives and one standard hard drive

    It is set up as a drawing and design computer, it is not a gaming machine.

    Can anybody advise me on what to do, i am currently making a boot disk to try and repair from that maybe in safe mode if it is still available to use.


    morganfarrant, Feb 29, 2020

  2. viral attack

    hi there guys.i need some assistance with my using nokia6600 and it has been attacked by some virus called comswiss warrior.can anybody out there tell me where to find freedownloadable software for this?
    natmos2001, Feb 29, 2020
  3. Kursah Win User
    Repair Windows 7/8/10

    Repairing Windows 8

    Further improving on previously deployed OS repair methods, Windows 8, 8.1, Server 2012 and 2012 R2 further allowed advanced repair where an in-place upgrade or total re-install would be required on previous operating systems. In all honesty, before Windows 10 implementation, this was arguably the easiest OS to repair for a couple of years by running more basic commands.

    This has since been advanced to more closely match Windows 10/Server 2016 repairs but with the below information I hope to guide you through performing these advanced tasks more easily!

    Spoiler: Windows 8/8.1 Repair DISM

    If CHKDSK and SFC fail to repair the issues with the system, then it this is your next option and besides restoring from a previous backup might be the second-to-last option before re-installing the operating system. We will utilize DISMfor this next repair option.
    • In some instances, you won't need the OS ISO to perform the DISM image cleanup. You can attempt this on any OS from 8-10 by using the following command in elevated CLI: DISM /Online /Cleanup-Image /RestoreHealth
    • In many cases now due to some changes Microsoft made, you'll need to have a copy of the OS ISO available. The ISO will need to be a standard deployment variety that contains Install.WIM in the Sources directory, otherwise the process will fail. Once you have the correct ISO, mount it in Explorer (can do this natively on Microsoft Windows 8.0+), verify the drive letter, verify Image.WIM in the Sources directory.
      • To download a Windows 8.1 ISO from Microsoft, click here.
    • Enter the following in elevated CLI: DISM /Online /Cleanup-Image /RestoreHealth /source:WIM:X:\Sources\Install.wim:1 /LimitAccess
      • X = drive letter of mounted ISO. Change to match the appropriate drive letter.
      • Say I had the Install.WIM located in C:\Images, I would type the following command: DISM /Online /Cleanup-Image /RestoreHealth /source:WIM:C:\Images\Install.WIM:1 /LimitAccess
    The DISM scan can take a while, often times longer than an CHKDSK or SFC scan. To speed up the process, have the Image.WIM on a faster flash media or on local storage rather than disc media. This will help greatly. In many cases one or two runs of this command will repair most issues I've found with Windows 8/8.1.

    Once the DISM repair process has been found successful, or not, I will perform a reboot. If the repair was unsuccessful, this will be when I attempt a second pass. If the second pass fails, it is time to move onto the next solution.

    However, if the DISM repair passes at any point, reboot the system and then perform an SFC to confirm no further issues are found or need resolved. This step is likely overkill for those not seeking to do optional steps.

    Operating System Refresh

    It should be noted that in the event DISM fails to repair the system, then an OS refresh would be the next suggestion if the deployed that could save the user's files and OS deployment.

    This feature has been an available feature since Windows 8 launched in 2012. The biggest benefit with this option over Windows 7's in-place-upgrade is not necessarily requiring the OS installation media to perform the repair.

    If the system is an OEM, an OS refresh from the OEM partition may mean a reinstall of the OS and loss of user data but the restoration of OEM software and bloatware. But you can still choose a manual OS-only refresh without the bloatware if you take the correct steps.

    The best choice in my opinion is to run an OS refresh procedure from the advanced boot menu or you can run the installation media while in Windows to perform and Upgrade installation, this will keep your files and settings but replace Windows files and components.

    To access the advanced boot menu for Windows 8, there are a several options.
    • When choosing restart from the OS GUI, hold down SHIFT and click restart. This method will work even if you cannot log into a profile on the system which makes it very useful in some situations.
    • If logged in, access PC Settings, and click Restart Now under Advanced Startup.
    • If logged in, open a command prompt window and type shutdown /r /o /t 0 which will initiate a reboot into the advanced menu right with no delay. Without /t 0, there will be a 60-second delay. The number value after the /t is delay seconds.
    Once you've reached the advanced boot menu, choose Troubleshoot. From there you can choose to Refresh your PC, Reset your PC and Advanced Options. For this repair, we want to choose Refresh your PC. It's description reads "If your PC isn't running well, you can refresh it without losing our files." That is exactly what we want to accomplish here!

    Follow the prompts and processes, and after the refresh installation and rebooting, you should be greeted with a login screen back to your profile in your stable OS environment. At this point you should be able to use the system as intended, if in doubt then re-run the SFC and DISM scans.

    In-Place Upgrade

    If CHKDSK, SFC and DISM fail to repair the issues with the system, yet you can still boot to the Windows desktop, then the next option is to perform an in-place upgrade. This is more in-depth than an Operating System Refresh. It re-installs most of the operating system's core image and critical files without losing your profiles, data or programs, but do expect to lose some settings. In many cases this process can fix some major issues and refresh an otherwise corrupt and issue-ridden OS installation back to something stable and usable.

    Time to close the CLI windows and get back into the GUI, unless you want to deploy Windows through CLI. You'll have to source a different guide for that process!

    Requirements to perform an in-place upgrade:
    • Must have installation media that matches the installed OS version and type. This applies to both Windows and Windows Server.
    • Must be able to get to the desktop on the affected system to correctly initiate this process, booting to the media will not allow an upgrade to be performed.
    That last rule is the frustrating part of this repair process if you cannot get that far, backup what you can and do a fresh installation. Otherwise proceed.
    • Start the process by using autorun or manually running setup.exe from the installation media.
    • Windows 8/Server 2012+ can mount ISO's in Windows Explorer, you can use that instead of physical media options to perform this task.
    • You'll come to the installation window, the options will be Upgrade or Custom. Choose Upgrade. This is critical as choosing custom will force you to overwrite, append or wipe out the current install rather than performing any kind of repair.
    • Follow the on-screen prompts, which should be very few for you to interact with. The overall process looks and is the Windows install GUI. Once it is completed, the system will automatically reboot (may need to more than once).
    • After the reboot(s) after the in-place upgrade you should have a fully functional Windows without issues or corruptions.
    Performing an in-place upgrade makes sense, and gives you a stable and clean running operating system when there's an issue or corruption you just can't fix but things aren't broken enough to warrant a fresh installation. The point of this process is to refresh the Windows OS files but retain your data, programs, and settings. That is precisely what the in-place upgrade procedure accomplishes.

    I should also add that this process can be accomplished remotely as well, from start to finish. I have done so with persistent LogMeIn, ScreenConnect and Teamviewer installations on various remote systems I have performed this task on, RDP should work as well. Being able to do this level of repair remotely is a huge benefit to any sysadmins out there looking to keep a client happy and perform that "remote magic" IT guys are known for.

    **If at this point your issues are not fixed, then there is something else occurring that is causing the issue be it Malware, hardware, drivers, etc. Please refer to the OP in this thread to run through some of those tests and diagnostics, or create a new thread seeking help and stating what you've tried.**
    Kursah, Feb 29, 2020
  4. DaveM121 Win User

    repair of windows after a viral attack

    About Ransomware attack

    Here is Microsoft's Customer Guidance on the Ransomware Attack:

    • In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Update enabled are protected against attacks on this vulnerability. For those organizations who have not yet applied the
      security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.

    • For customers using Windows Defender, we released an update earlier today which detects this threat as Ransom:Win32/WannaCrypt.
      As an additional “defense-in-depth” measure, keep up-to-date anti-malware software installed on your machines. Customers running anti-malware software from any number of security companies can confirm with their provider, that they are protected.

    • This attack type may evolve over time, so any additional defense-in-depth strategies will provide additional protections. (For example, to further protect against SMBv1 attacks, customers
      should consider blocking legacy protocols on their networks).

    For the full article,
    Click HERE
    DaveM121, Feb 29, 2020

repair of windows after a viral attack

  1. repair of windows after a viral attack - Similar Threads - repair viral attack

  2. Windows 10's viral updates

    in Windows 10 Installation and Upgrade
    Windows 10's viral updates: I have a laptop. I run windows 10 1809. I don't want Windows to update. Ever again. Period. No scans for new patches, no hidden updates, no side stepping MY GOD DAMN SETTINGS. I have been patient, waiting for things on Microsoft's end to improve. I've used McAfee Firewall,...
  3. Phishing Attack?

    in AntiVirus, Firewalls and System Security
    Phishing Attack?: I keep getting this message, should I be worried? It started while I was working and checking hospital websites. I have checked svchost.exe with VirusTotal which came up negative. [img] 150293
  4. Virus ATTACK

    in AntiVirus, Firewalls and System Security
    Virus ATTACK: ATTACK???? what should I do??? @McAfee_Help caught it and quarantined it BUT...…. [ATTACH]
  5. firewall disabled after malware attack

    in AntiVirus, Firewalls and System Security
    firewall disabled after malware attack: i cleaned all the malware from my system and fixed a lot of stuff but the one i can't fix ,is the firewall, i get error 0x8007042c, and can't start any service, everything is grayed out. i don't know what to do, reinstalling windows is not an option i have a lot of software...
  6. Malware attack

    in AntiVirus, Firewalls and System Security
    Malware attack: I had turned off windows defender. I was attacked by malware on my desktop computer. It has an .seto extension name. I had formatted my compter but no change. Windows defender is not turning on also. my all files became unusable. How can i recover my files....
  7. Londec Attack

    in AntiVirus, Firewalls and System Security
    Londec Attack: My files have been encrypted by the londrec ransomware attack. any idea on how to decrypt them"
  8. Ransomware attack

    in AntiVirus, Firewalls and System Security
    Ransomware attack: Hello guys, i have a problem and i need help. to cut the long story short, my computer is infected with a ransomware (with ''nelasod'' extension on all docx, xlx, ppt and videos files). This has made it difficult to open any of my document in my external hard drive. It seems...
  9. Phishing attacks

    in AntiVirus, Firewalls and System Security
    Phishing attacks: Since purchasing a new Windows 10 / Edge PC less than a month ago, it has undergone two phishing / malware attacks. The perpetrators would like you to think that their messages are Microsoft generated (I have screenshots if anyone is interested). Note that both Windows...
  10. Windows 10 gets attacked with a disk repair in a multi-boot setup.

    in Windows 10 Support
    Windows 10 gets attacked with a disk repair in a multi-boot setup.: Before installing Win 10 preview onto an HDD I disconnect the other bootable drives lest they be molested by the Windows 10 install process. After installing the preview and updating everything I shutdown the PC and re-attach the other HDDs. My default boot drive has Windows...