Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: I got SPORA ransomware on a 'new' machine - is there hope?

03 Mar 2017   #1
joolzred

Windows 7 Professional 64 bit
 
 
I got SPORA ransomware on a 'new' machine - is there hope?

Thank you for reading this folks!

I have purchased a really nice refurbished laptop for my husband, HP Windows 7 Prof 64bit, 8gb RAM etc. Was just setting it up last night and...

I have a BIG problem that is partly [mostly?] my own fault. Being a fairly experienced PC user & using the Internet for almost 20 years I thought I'd never get hoodwinked into clicking an unsafe page/link but today it happened as I was setting up the laptop with my preferred programmes & settings.

I haven't used Chrome for a while & when I went to get an app I like called 'cleanup!' [Stephen Gould's freeware 4.5.2] The Chrome page prompted me to restore/download a Chrome font. Hoefler font and it really looked like a standard Chrome page

Long story short, I fell victim to SPORA ransomware like a silly sod. Spora Ransomware Works Offline, Has the Most Sophisticated Payment Site as of Yet


I found & deleted the actual malware with HitmanPro Alert when even Malwarebytes couldn't find it, & the only files encrypted as far as I can tell are the 'sample' pictures as it was a 'new' machine with no .doc files etc. at all yet. On every restart Chrome &/or IE are displaying the Spora ransomware page.

So it's done its work and encrypted a few files I don't even need. I don't really want to pay to get rid of these scumbags' webpage. Would anything work to delete their encrypted files which I don't even need, and stop their ransom demand page?

Many thanks in advance, Jools



My System SpecsSystem Spec
.
03 Mar 2017   #2
torchwood

W7 home premium 32bit/W7HP 64bit/w10 tp insider ring
 
 

Hi Jools,
On the bright side you wont have to pay a ransom to get your data back.

We just need to re-install the OS, AFTER cleaning it.

Follow the instructions here
Disk - Clean and Clean All with Diskpart Command

Have you got a w7 pro disk.

Roy
My System SpecsSystem Spec
03 Mar 2017   #3
samuria

win 8 32 bit
 
 

Welcome to the forum this is new and targeting Russia it can jump to PC's on the network so it's important to keep it off the network. I wouldn't take any chances and do a clean install deleting all partition it does do damage to the system.
My System SpecsSystem Spec
.

03 Mar 2017   #4
torchwood

W7 home premium 32bit/W7HP 64bit/w10 tp insider ring
 
 

Note

IF your still getting those pages its still on your system

Hence clean it

Roy
My System SpecsSystem Spec
03 Mar 2017   #5
joolzred

Windows 7 Professional 64 bit
 
 

Hi there Roy & samuria. Thanks for replying. I will go to disconnect the laptop from the home wifi promptly!

The laptop was a refurb with Windows 7 OS preinstalled, I don't have a disc.
My System SpecsSystem Spec
03 Mar 2017   #6
torchwood

W7 home premium 32bit/W7HP 64bit/w10 tp insider ring
 
 

Hi Joolz,

Whats on the COA sticker please, just the description NOT the key.
AGAIN DO NOT POST THE KEY.


Roy
My System SpecsSystem Spec
03 Mar 2017   #7
joolzred

Windows 7 Professional 64 bit
 
 

Quote   Quote: Originally Posted by torchwood View Post
Hi Joolz,

Whats on the COA sticker please, just the description NOT the key.
AGAIN DO NOT POST THE KEY.


Roy
Hi Roy, many thanks for your help.

There is no COA sticker, just a 'Windows 7' sticker & Intel sticker. It's a refurb ex-business laptop.

Edited to add: I am in touch with the (reputable) Ebay seller so he may be able to send me a disc. But I am wondering if I might just have to chalk it up to experience and bin the machine! 170 is a blow but not too much to get peace of mind?
My System SpecsSystem Spec
03 Mar 2017   #8
torchwood

W7 home premium 32bit/W7HP 64bit/w10 tp insider ring
 
 

Hi Joolz,
someone got lazy by the sounds of it, Its only been serviced, Refurbs have thier own sticker, and are marked as such, try looking in the battery compartment.

Doesn't matter thou it was to point me in the right direction for the correct link, OEM or Retail.

Right Download then burn to CD

W7 Pro Sp1 X64 OEM

https://software-download.microsoft....365b9e75b94050

Link is only valid for 24Hrs


Once youv'e installed head over to the homepage for that make/model
install ONLY the updater, it'll be in the utilities section. It will then check it for driver updates.


Roy
My System SpecsSystem Spec
03 Mar 2017   #9
joolzred

Windows 7 Professional 64 bit
 
 

Quote   Quote: Originally Posted by torchwood View Post
Hi Joolz,
someone got lazy by the sounds of it, Its only been serviced, Refurbs have thier own sticker, and are marked as such, try looking in the battery compartment.//
Found it in the battery compartment!

It says [from top to bottom]:

Windows 7 Pro OA
HP
<BARCODE> 584048-001
<product key>
<BARCODE> <more numbers>
<more numbers>

I am also downloading the .iso you linked to as you advised. Many thanks.
My System SpecsSystem Spec
03 Mar 2017   #10
torchwood

W7 home premium 32bit/W7HP 64bit/w10 tp insider ring
 
 

Thought So,

Do the diskpart then install from the ISO,
you MAY have to validate it via phone, 0800 0188354.


Roy
My System SpecsSystem Spec
Reply

 I got SPORA ransomware on a 'new' machine - is there hope?




Thread Tools




Similar help and support threads
Thread Forum
Is there any hope ????
bought a 4gb HDD months ago. Finally got around to plugging it in. Disaster. It is split into 2 drives 1x2gb 1x1.6 gb The 2TB partition initialized fine. The 1.6Tb unallocated space is faded out. Cannot touch it. The simple solution is send it back. Ebay order istoo old. No...
Hardware & Devices
Hope everyone has been doing well.
With my new job along with the extensive travel I've been subject to lately I've lost contact with the board the last few months. I would like to wish all the best to everyone and say I hope all is well with you. Once things slow down I will be back in full swing, but until then take care and...
Chillout Room
hope you all can help
About a week ago I started having issues with Chrome Crashing. Over the past few days I have come back to my computer & found that it has re-booted. Now today I have had a few BSD's wile in the middle of working in Chrome, Gmail, or Word, etc. I have attached a copy of the latest of 3 minidump...
BSOD Help and Support
Hi im new here hope you can help
Hi Everyone my name is Steve, I have a problem with my start menu appearing after i hit any key to return to my desktop after my monitor has gone off after the screen saver has been on then monitor goes off after. apart from periodical reboots for windows updates I never shut down down pc. im...
General Discussion
I hope anyone can tell me this.....?
I am looking where i can change this image file, or where i can change the color. I have seen it in other colors but i never found out how.:mad: I hope anyone knows cause i am getting annoyed by that little blue *****.
Customization


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 02:42.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App