Analysis
-
max time kernel
49s -
max time network
6s -
platform
windows7_x64 -
resource
win7v200722 -
submitted
23/08/2020, 18:33
General
-
Target
59316fc8224622a24b95b621828b5704481d6ea5001e00a108f60716210d9881.bin.exe
-
Size
465KB
-
MD5
b48c54150f2366dd29504dbef0600ab3
-
SHA1
0d8190ac6b0235d881217e8e7e2df8f5426464c3
-
SHA256
59316fc8224622a24b95b621828b5704481d6ea5001e00a108f60716210d9881
-
SHA512
3d548670df6e9c229a8bcb29093f04d92496dcd01526e3c97e2b74cd683f4b653d9e2a6dd990ce9b62e33ef8899c2e29d979cb3e46dd6c493bdad3e81c1396b6
Score
10/10
Malware Config
Extracted
Path
C:\$Recycle.Bin\S-1-5-21-403932158-3302036622-1224131197-1000\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
dNvc/NOlYuk+Zm3r8lOf7uV8p6msGOsqi+8Vr4S5d2Zc2BxDmSwl683gJ35mL3+x/kzjc+9wNpfVH
q3AMcN72L5pvXM6XNqEKvHa8uvd23DYMIkYDWAwJ2/Fnz3D9VIkqBaQW/57ViN1Htc97ptHB6MfC
EGXhrDgzKSFCrzyl2SlpVQV9ZCpn8oJLhGzLZX4vvrG34foQ+wz/1NQr2XW7/7sM0WdR3caHPwwx
FZhI9c9pXLHY9LvRlgYanMG3g2XAyxwfY7Yn5wMgts2mlem83nY8GBXe8OYzYAxzOxvdWjhagcPp
y5+YdN/wBVnxoeaoQriU82C5xjr/XUvN3S/8iY8VUey6rz/kkyraIjbCW4B1l4PmCY9hLx2MghV4
/uKxSm1PBAc98ZuVrZscVXvZzs0RAgeIMMZCckTc5OqOz4GzwsTNA4tnSBr0gXz9r5N4H7d/xrkx
eubk8hGMT9R61qGLyn5g4fX42V3+OczSYs4WGjjvQj5CWuKe1PgTavLEJQd/zFk4U62yXCXkIFwf
DOddULi+RICMQ5+gTmxbZxhwq8n5BQx28+046A56kZInJbz0aOPJg3EpfzHYc294+4+v8o/YyxeT
OpsKBLxgh32R34d10bZF8wr7od2gqqnJj4Yg6BHKhZqu1NBO4AljS9LKo0vPzsmLPsHkGV8ATQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\$Recycle.Bin\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
BKvv5kZksQOdtvKipwegD/6WCQ2l0EwPmIXWIiX/HmUXsACKDjQBYBD/MwrWByxBw5tThL8jvWBmw
ydvlHTnx4YkuW0AkwnwklUO/v2qeAEuwZHUJlFtpD3uTdM9zKDHFD8A7iOvUx6I87itm/6JTInAQ
mvm2xB33fA+lfYtkuYEuPIi14nZ/yG211ney8eO507VwJZgvO7+DjQzqZ58M8cYLgWxxrwVbmUvx
PfZ4XqtXZ8KQ1sYez8duHu9A8IuqKU36sz+UEtmAJSQdWc7nd7lFU5TBbmfyi9KUEfw7XmSFDlmD
leniIfsBF24pohXfDfLSTCN8jeWXLWL6qLIRVTB/tujL+RQptj0L2vJCIRSX8yGgumKM656tfImB
APKoAPS5Nm3R3j5DFR7kLZhn6E4kafK91NFXYt7fNnKDvj6av43jEcF2lXteUdxJ8VUUh+bhSUrr
e6VAzhtTICiGPHEnZkJd/A6Qk92lzEb2weKUMOJGImlN1dsSAO+AoK/eNgxjY9e9YN+6Y9R3uCiE
GuiWM8xMMHnnrR0Tp37/v4AwmzxhPlRC2TDRH/VKaGW3/keydlBtmU3ubWdLB6/KF/D/4igPbMSw
YMwFKvshrsYUIWaEVRLQyjCDZ6Jp6fqq3wxGoSQ6Zc3935oi577Gv1h654FtcUtm6At3Ep73js=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Program Files (x86)\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Ny+Cob+fEUjlm8SwSot2a9PeMlkv1hsudFjeGKSQb/RD8qM37q4F1DJ1raDuwiMdK+Cbdm/g2JakA
aB0jntIwzrz5zRJ6ddbyOv2eWBPcigXvRjpz47eBQkWbq5Mtvuj189dGHMt2oUghWL0F6WUbgnqD
6/ibcEeACAxcTFbA8ha6mI2LsZ8RHL2GDmKFQm/P85NvozVmhCmeRQ7fttlRdSA6SQwzNMyDaGJt
6kvbFP+IA+0BU0UQn4bEViqYSyptCUzc49Q4hbuCHQXnJaS8KKWwunDscP3CjNISBBnJdSfhTkXZ
5gO5vyoaTWT3GCF5OxHjgG4C2/CHXSi4Y6lpOfsCbFFqGawUJEKdEfhAe8YoKT/TK4fTPwlmslp0
enPBAlMZoVoQjcQlkvOGRdJzALZx30GTKoOfv2H2rlofDxYiWJBh1Xm1nKTnRepmbLqdkmTMW0uQ
/6ss0giTfP9+s+M8B826hfmwj7zWktCMqY4vOcDl+kBQP5sk9geutVyxyH5dyaP0q1IXRul2+Mqh
/4f4CU1mOaaPR1BAWyBSHuf3YOzgNJ9IL2HJVWT3Keu7SsrXYaD2PD2w8cXUUOZ1qw1fg7t4v1jo
jC5EOy8h8HAn2qJ39WXn3qB138/J0uLeasUfC46Zl2B5MzpgkZx3ylqFFN3ulIh2hWN7FkH9j0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\ProgramData\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
d0aaShlLLQts0c4+yMeuYVizuLaNSITmrofpN1hWCz13nPg7yK6CQTq1jt3sncaTqFeiVpz99l4B7
lVV0+d86XBtoonAGfcgOBdFmIrcxGYoJU5mPEbxzHHVFMospVu0TWfkbtW8U7QFuIeusMgZ8KMmn
v+yf3Uk7Hb+A4rwOuKdJKbPVvouyEdvuXKkOnR3E05X1fUf+r8C/kNJJEfxMnUFZTiu7MNGDudDz
Vp9ps2W06Ca0+ORKvMsibrOfUQsVEHIfhssFISpn+nlWjpuNoCKSVXqclhRcoeKDVcsjb6mznz1V
KwNxO8dyijN++Nm3HLN+nuB0ccijVwL5zlqhoDvyS03E0UOhjfOgsVxtLwTnTM9PwhEItyOvD5of
zn3Yz2IVat2R3K97ThwSoY+7+ZjBZEk8bKz6/IShn4qA8Xf14N5adeSzzR7SLRDQXc4TJ12q+H+3
IPP4Yx0C6hUEw8m4m8HYgMgBa/Zd5OKJk02V5me7+Xdd1vKtIOjVCfotIRuXRsChforcioOPY361
uvi5hCS+50QKW5cwpyFVJDE7GOZKINzTbftSQvV0Vd0XIyeR5bbMmCoZ8YM1WRlcM85mgStSAp/D
NC3zdb7acsKaqYMInmu5BfcWltuOImXznYk7108w/VKnRIADIsVYqQNLL8XoNiDSt6HvECVs1g=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Q25dSyy16vlOQOYwDYYFONWX+qvDXdk/bEuDuV4euEqR0JUeXd3EAkaK3OKtFVoS+kGzwSCLlKomD
zckla6mAjTF7VOpudeOqTsnAarGkyiw+lm3qxuGLw/ZuvZqWhLtpStV078D2LDz2tyRR4eLBFoGF
XDAoxBihqdvkoxvGk9cIzrnxArjki1Y1kxLoaEZv3gHUbHUIl7XO3QpuXNdjVKTHoQAp+cuM/iBP
1n9Q6W187Mx/uxl3P2gjlU0Bph0407bYvPTlh3jWxsGSMuY5vt+JQk5jFkKxomGYBiUIzpAi49dE
tHYnCZMd8Ua+S2rJrxp0LrSJKOxrXv/+KQENNVOrF3XbRuejqXwDQlgjkNjn5YY+gbHJm2mEs53A
YIotMxDd3mNQI+d+N/flbD6SiDutxojKaAo1Hc7TDtyq4LWONyplR2LD/OhDrsXj/o6WG7HWz/cq
oUbpnJyOMQI6PT/SdfLCLnGQ12CRKwgxykC3XduaHYon6qNLVbQ1engvabqEznsYq7b+ckXA738K
ssEI49sBVm2j4vgf5XgC7ybbhlcz1nj79HGpQB8ki05OGUl6UB6Hz2r/wKTgY5ko6IiEaBHRyTC9
81DH1vogkHhJ15qb9gTRcYK1ZStJoALQ53xxGTc/EqArLrq1alPrumkSP17GL8E1AKfPI5zeBM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
E/Kvh7NbOcmUeT4o46XWeUs2ZiphG2OF3r6JIY17wqXR7wNT1LrMwLcN4uvTG3Ezl0fHgy2L+zYC8
WO2BWoBOi9iKMGV0WH+FD903c6KpdKAdiMRPfoZHzn+v58TycCbrpiAqHQWrlAvC5pqoTXqshMbZ
1Q3suNv/0uKHWXfQDQOH46IhoO7dYCoBSfGeqtB6M+9Sp/KcnDozFHTQEaP4ynNKtfBe0ugiZUhh
UYy4bcKF+xxHtTC3692oCliSHXUBIT200UGfUEjWe2Lx4BQLp/F+rlD/5Cuzl0hXANzhBdSEbCKj
tNm5jIhA4eyXcJZCIOz0a0jbjBnBpUSHnN1zpgbVfZr6IfZuPmJJ84+Q+CYItcdJhbojhtr4q3dK
sMxt2JEgBMQ9zYqf+SjxlPgflDlxuB1mAQoDAtCyU56LamYeYLJ0fnMOHpISQYZAss3kUm04IoVA
DdXwuXluy++agkYKsbTEY5Qfyzh9+CwEzEWxU44k23VJPwkcULpByNC83nfMmR34hR9aw9oQXzFx
4HYBQf43YXBw4xKywCFHb8EaNv2IXaR9T7yHTLha7gXm+B3H/mH79ZIoNrz/4e7YdyYXonnjQ7Q9
aAe+WilGyAAqvpKf6iLU4NbWbz4rJzgP2Q4tEgdE0HhjoZnkMQasvhzVkTQr7nLrmhUg7IRJCs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
WVqcBKxtO4C+Xlet/O0EvnxfAYT8dXilJDtR1V3cFhJOnXFJEmXiMySrPWjiU3Ud34wYP+IxTg1fW
79GPY4iGf/delYwe9KKR6EfE+yrTuYdaIlvQUu0hmMWG2PUZyNV0CqClRDTu4R9jdiShyGqRKZeg
N5zfotaSYtpMy9ckE3X8wF6BowVpn0j8LeNxNoBchZ9Rnne0VMei4YICjJmathb9amRp+qJCV/C5
+RtSqqjuZYllH4ti/4ky7PtmJs3YwmIurNHYhfiEF7Rn1uspGDbfw3i1qZc+p+CwklqijO7Yinl8
ugPThIxwSV8ezqKJp1cwzQeTLZUhR4K/3tF10gYOtAYjCAl6cuteaCwAz9BwPPKlORLtBaAZSSD8
LWO6uQapeTkfDvxKX6mESPLX7s2My/iN/SuPZmIyAcFP01++QZsARwvJwFHsskjTAZZiGatWRaBw
KIF3/N29U+HKrkL1AAnTolUYsRT71xMudqYYthy70mmnRr8M2MU5csbYvw5Q9dgvEaDIstgixFFr
HST1wU3+9NLr72OkA1ivN//HhTahMnYcFAJcYsUE8uZqH6A5DU+MomwUjzQf8CtHeiFme7oinjtH
QeZ+jXV7w5WQ9A9HiRXyKYauvxAjZ31QRmAjB2xd2Gs0REkMQZp2PDzTNByoDiaDkymVhrtSDM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
KlcG999nifHcsDZwrLPNZ5Ef1SyNZg2/+Q/+xBEMt9VsdXDsSwiw/H7R3FVniA4eKqRnIe8rSUYy7
Y1dQ8+nC78LDwo64a0SWAabKXQmz4FPeFVYhrUGumgK5Bof1VTp/9KnG9PgH6S+057NmTXX9WWKn
gCVG2juksTOxQnqlE67+iH3yaPID2PVATKGciY01y6PCQJOHg1wlODZtEfUTsKDLSURbEwWJH5gD
TYSxmgLSRxP79NuH2eBVDThCk8S2pE1lWWSvqsL1Wxqza8ek7q1UqMJQXsmB9HRcKcLlwXhO5AD5
bSWmQ08y63hbA6FeG6wlwavgaDcsYh5yF0PLOV61dAJnlumn9f3ccKVWZaxs2B1i3JEk56oDMUAW
QY3WfPiHu5j6ZAFHyOpmx8k2NUbc965PBkttfG43WP8jxMT7XxFn2aDfFf3zDQKVy9UW9mAgw1fU
D+kwrujbkSvU7xmo7BhjECgMY2Qn9pVnhVa+CtCt2KJ14gjE7mWJTYVtmbjnnHe0wFKRyrPF/3JB
Daou3g9/QG1oIOM+/e6dfG2kz6JGxOewJ0GDahZuS0OJM+VbelMiu08nNAyiJf8FesJtZXwME6PO
0BoouaJCvwhGl7HtPnTtalyPGHS6dWzKxMDVqBasx7S5qyYcZTV4KsfjJ08dRKchu9lx55hrRI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HUA2LCSdarZW7GCxsRGQ2MUkRW3NK9EmOYwD8lRULsQhP3V2ojyOkcIHDYWmyFEf6sXgRznMtPnEZ
/+qABAh+2DDyKrWzEsHNNuGXiX2v7gXuCtHv11VzRGOM+b3dELtw6L6mxFuX66G2ffha5yeCPL59
hUnaMsFEdpvppxZ8GEHrWvLwdVW1WS4UmOxAM+REuLKPB4D+MlX85ZurkofbbNcnF+0BzBeQLjW8
7R4OFU16pvL0I6WjcHTOzU2lKasL9M9ZT161QNRddt+gmPYJSynVl2IR+Y4oN7sZoKwLpC5zJPOr
gNzi41ZABoMBMbhVSRk4z65h4j3g834SDUczmmsS2GMnLD2CwAvmBx7QLqIyQbBAmgKeFhArRZIV
WrH58ir7s5lqGw7e9dIR0ZFIOsWXU4r1KHHQt+IF0SkWCq1DknsFFWvh8rI5EP1aXfJ6ql7p2oLT
WtAFOA/vyT2vja4XPXfIa4yTYYx4WFWjAOIQMieoPtVsp6h52Aa5bTCQvAQptBC7WemLIhtLYIPL
npdOFl2MqBD1eqGMQFLMI0g1aajMiQ/Bci53CswHm/7hBfQd6mt1+VkVjWW9ocONhSCk5I9RBUkw
PPPewb73zAkuS1pZW/g3lyQEGbS6uEV6X4LWfPqnEBoU8FvuRxk9Ug2qgdLYeZ3zAf69fWbBY0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Windows\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
lfpKBdggBXnF32QtnnFnWjtl10aS42Ry1WAQWVzt1KYNIwaUotQoqP/omXV95cxmElXfQCiPKx2en
s7UXJOxsc3R5ZKQzDZKbWHVKvQHy4jz1hnPeGXFjHgS1LZBXVhlTlLyuVPI8fvqR1oDJ08NQ6UgO
WYEMVxyuHPgPtmENetXxLLqStI55wJOmxxQCwkEOVpWCng+0udRYbF8BFdf3SO8UfMpR6uymjHyK
/5gztrpuHokrwFLnPwEhLivLkXxXO6Tw7sdnKHIFZYbdjdfNPylY/DL9VvORrrz+mczHwuqhxOZS
h2vcMADRa0w5tr9npLfI0Tfvt0UFVF4NTvrQwmx91L/H3oTUtd5sUonGoWHiETRgkhxWUvWT/7ft
p2R2PlK6JMLD0dOH61CN7L5rtJrekPHZVSvmGAThJ3y7RBQFpaXYsL1FROSCV4dPwY1oCmBAE7Ls
0M52JE1DfF2NE0EthGC7+Tx3Llbpb3p7nXj7hZzfEyreDPhCRwLH0tzYhy9xtdCZPKzJlUqX3ftm
t17QqYDBK1+FPt/qzSWrJ4sehWsFVnIyMsN0vQy9pmN8+5+ObWV+vS6baXr3vnXu4GzQbOqphwhZ
PdWuijVwYuM688Fge9vhdag6WR9JtUoiyuPqCQrwILAz8ZTGNMvvNVtZ55biVpMmKzed+hEPyo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\PerfLogs\Admin\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
SuHc3rxrPx+VcBIWBzhz98XGaDAHFr3yYGXsNMfEVHPsv15hS7HuZRP8b0xLZID7WSnHtIwRwIC4B
Zk16zBEh0oJHQW35ekdHqFhmE8R9eUqGTqTmumgd6pTBeNQ2kucuQFRQqq1ahP0lyk9QN8+Eq0Gk
Wxm79jj5oQwuDB2QekCsHBkARCWgwr0zpnmCiUQ/fDHTEx5XkzVBn1XNMZd6YMXCt6eBtFbUtNFF
BtCiM8pQre253CVmjoV2XUl809KEgfdp9sed9QuELeWMuTKzWanT+GTYuqe8SOYRd9NCbffzFj+M
TZhI7gz1d0UGfl/gi0ijdYtKnPsfukzpgX36cYUmPYFQasB8e/W/ojrcbnOFVeci99CxV83x486l
UQhV7x1QnHdmMWAmjzBPt9detJZT/etWwre20WU59f/iOgZy8j9/Q+smm5A5jZPSpdwd4uOqHQi1
tpTUQyGy+A3X5kk1YAOr4Id1R3QykJCFX1TXULGsxQOdz4TR4zssNgkUZpRKbULwSf+VuJk+d4Pw
kv9FjDmbn+Vc3owCSRxhdYtKNA0URC7Pf2l89ptF0dkKwAjbt3qUwE/6eziLN92KMvnd6+TW98Ch
0iVCriAL4CXDDihwRsR1ThjesW33vMwQIEKS4wrErp7mS3rqeDXksiemrQtABYb/EnOoms/WHM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\PerfLogs\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
R6sK9ybu6hTrqg8BWEPIS55pip52lcctrgN4qjYAAQ1adTPEF3m4l9XuoApFZ8Ma1VtEKX/aZ1AqI
AlMMEKq/0Gi5kBEWLNiHX4FIeXwas44Pu9rRbgZ5C14tZ9iQDynzEmpsj6jSjx50JS6nI2c2jcVY
JcEn2gFvXTq9kz27zQDzeUBCqfoJh+aNmwZkWb5E9lPZ/qWL08iaHIq1u+4D1/RQiFHIhuTOESOv
U8QzK6pkLtKYh5J09VEbO3tC+DDPQxLmCbec0DX+qMvbIdpUSAS7rQW8FihfP2K30DE/PEzaQH7o
XW2/FpGjJ9WW3SGERB3DzMueKuLK7eQy4dP997ayrKW44pr+ZIWNjE8PixbTuX+iudO89rkUprXs
iJqdRTtenmcohXiROKWjLaC1kvD4cUI/CLUYYsjOa4fPNYE2Mzo0I8/v7voJjJElP7fwCpS2k33w
q337tfeuygA1vBNJFtzWazbJT4+ocIkbD9k0bF/9tQuGZKnc6veHkmbcedK4ZGuyau7DIGjAzpoJ
yi4wORrq0XKuqoQLOruQs9YXnuuRKtu/gHGbgo6mhX/B1O8+EX7UBz6z2c0ouDipFLrhShn3LFUR
/n5Uv9ou/C73jBH7vvLbiUw8wZiwjal0dzvBuMeI30fW2OPSKZXm38fa7XyHcMrGyJrmHLwGTs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Program Files\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
MWF6NCiNOMmvzvB1bxpn/WK+jQrT6u7wGM9GwrWJDnnIiWnPkaPlfmNtBG4w/cfKnBCE5qNHtWoVh
qpYI9uAafuY9tpibTSL+7W1DMGWsxmc48M3cDRjWCQD3n1EpsvKMP4uskA9l/J6FgaNSsmN//rIG
Y3g+j6jqa1tLhZn9OrEcDQPy1qtqDhhKQ9slvrLW/npzzoHBhOZpiD5jh8xu8CrhuM7aU48kXqoH
hngtcMIXixMxloFODxmei7SmalZiorKJtt1IW9EMvlmHkWR1ksKVg8pwPanAoalzVTgwu7sJWiCS
WI5u1KH6cKBETKr0m+SHi7TY4gA7//mV0cpgo6Y2/9Pv5XjuSYmT8T+IVM9FEqAC1hMBaHFtfXWq
tuFzdMnw7OwnHfeBEDjbDnTbbC/P4cMNOqIBRsxyYCNJhOjFjJfS7LyKFiM0bK3arPY1kgQ/hvYf
yCwsVDvpANCL3+GSsp0U7wcCOPwSUPU3Fm2N3P6mClxym6Em2a2HX1z6NhsiODHtGm0eRITjaBFk
jPbFF3Cu8DMkBuFAnnR0cxDrAqlx/3lQOecMTUshFeT/XIm/q1ZGjmILqv4Ae6UgzKx6P9ehlCy9
6Z9GdiHaoYW4mZzGvdRy1dfuJsdDxmUUNiUlVf7dUuHfu/uR7TorXwy7KQ00zUkpnlv4pbnxn0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gXZKukBOMmH3o62AVHXcSa3QuJy/HBhF5gxkp64LwiLin4j6IZ2EcNGxLkJzIusOZWRl6f9NmQc6b
qp5Ine+NhLwqsmQ/E/R3I/GuFJ2g68Y9OYg7c5070WQ755MKchiCmHQuCjaGwdhH06S6LC7ntvfi
ld13qfOr65KvVQbjDlV+a4KYgC5yowtt5BLxZwn62RUR3DKw0CUnBYeYlqpvsEI7ZjU0UoevMmu9
M+CkDd6MQIjXbByLeW21MdBVCVNXWR289GlQ6x1szvCJ3+vUJFWpk7mS51FhvxcPcqHCQv0PbJ2a
XdYT5Mv897ndQnTglWov9s3WY8FkhvACED8CS/mg3em3x3JzoMTl1k6RoTgmDJ2pXGFccOEDu34d
VDQSFycGzmEjZica2XzQFyltMOQEO0lqUPUsmrKWHMXlEKoVpLrbk66s/x0vfLKcL/YHgy3l4Ud8
dtsk5wjSkord+0zvlqf6xM8UGdMWITFshv1Y89fNldimR3+fC628XSOWjb9BaMEtIyy/uKAJs2LI
ILZ6GzAi0jtCAyEw9V/1SOUQkwgYduP3gcj5basYsdsN1iFEPo66b6AFPGmFf6sr6PSjKDBfaLQ5
peY2VgCHph1mo2aUSEVNkDOr7K427iMVtPpCvwN6Z4VdOKGkJlwaON6NsgjYJo0uy1WWo/sxVc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Adobe\Acrobat\9.0\Cache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
NrTTkMfFesBIzNCDA8RbFmTFG908FVHAuokqjtVCPoKCluZmZMBgBi5sprxrSC61zxTZD9VQ7JjdR
70aZ6KuUbVmw+BlNpg1iRIW88zr7xqPraYDPvuxg58pH7i4yiF9e7/Rp4HgkhAp9H+g9tck39cAB
Dt4RSHUDbj/D7AtQyk307rXdZVbli9brzP5wqWcdzCgn7OqBuNCE3Iq3FT2kLaKnMb7p1ElWUFrb
AD7vetQJD15tVroI/Km/sbM9+ne1ZafO4NjQIJeBqKM0g+RYWWU/h82Selfrp73Fz3/URMN2kimv
OEntHZk1hVtd3RH+ylOFbXvu8YmRNtKiWCvNQN9aqsmdzLFxgmbGxBik2+BGgS+gIiBRbo2Jn8Z7
JDuhVV2tUYpl291A0LZ5pySSDfxxkL2+Xx2js6IKvlBbZGeMwR1U2uYlHuW78+AjJH8jG827AMxT
8yzln0SG/eGRs7KZtoceVPs2s3LvReZa2hF9YP65Wp3qfQ0JG5J3JaKW9noiX+/8S7JOq1qInrve
zXq/ehsDLhlpBirFYKKCn/ar9Neh25IU4haEft5fqVd3+PZ3iAxDCiWunxxedofBtxr9WrbGmK5q
4VmtNNxtGnoDx5M0tgan7f3An0DoR/Q8sQ/ugls1+LYnKf+b4U6p1IEs8BkVuRLijwQ5SpKSS4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Adobe\Acrobat\9.0\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
lHr9pg9/X9N2YW+7Fwa9gZD035IypbN0XjUZnnbZAt2J/ycwlxqaJ1qcUp/eNtPrTPoOAGqDAVs93
nDTktS0hLKj7DRRckaFVc4LXUh5NdRUodkzdJGX8nEDh+CAY6m+XAJwkU+Wz2nUlxPsUBkZMkCb2
9shitbA1GhVr6ZfEQwekHgjdj1vKwCjHJX+iZLHTLiJqjjWJOuTiRREdIKi+OxpTUJzNATOmnwHI
A5aSgzWrTX7Ben8rFITK8BMJXcSOphUejp87gFEYNBuUYl/lTj32rgIUk+BYKHPu68uD+x89eLv6
GiEZARO1dGLS9qwWL3YGW677qtQ7edAdDMhG0TNXjn9eCWJ9wa0iGjvJKy1JbQx6hOj/dAYtic2S
85LyU1p22hodYnZHWbrm8vf33TaHPp2v3CoX6NQPqAMImYIiNHZ9pwI3ozcOez7xd/s1WGYn4/O+
SNpAxBHC7En8UzGXs11SQBdNot8mtqd5iN19ZaM9TiHTqiZhZiktddUGfCoRpanXxcXBHTUncvHO
SYTeoGhYpCW7nXHmcVvyatsQWmaJ+fjNbW2HuZTs8D8pLVQNezMs+NT5kWJ6QJONGYuSoraIW6Mg
yzDZeh9iGWF0+nFkrjqOWdeOfq8WrjG7Yxt9aMRyz+7OB12EUymXbxwytyVsoYQNZEg/KP7uK4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Adobe\Acrobat\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
aOfgi/NKJ+TlyHCDY3OSs6PPhGTig9hGI0VAckNIjom6Wxu3A5ttKPdGne7P8GsUKdvggWnHEvaJX
xJqNVII+lqE9D4vAb6dsAcIQ3+3MGiFD4I6fIZBACZ8iuH6IgDji2PdgujMM0G48GivEZ+Oq3JLS
C/BzQApwA8zPfhqHIcJbDskUn6eVt2LYCsgUHUuN6Dd9uHOwm3KKQ7F7Ql+3laX0CDQCWVyjdjvT
sk/eA+PKVxxLdaEz5MZJtrtdfO7d0WlthA5GY7eJUBWkTdpg0aiNtC7qB/Er/DbOE6gZbwfUUdGy
Z7RdZUI/14QOrWyqeGZ3SmjsNS9QgD1uU+11HYmPXhqU2B5jMsyrWV+TB8yHD4wkWEEwcmgFJ5L6
EhI4Kw6ioFvLcS/i1z09LQ7EQrdeQURfwqkc/mchb9KH3zmYSRSoaO/4YA/BrFP9a41HpbzdfFu5
/I98e2p02HRg7hef145kIabSZfX7GgV3Bmp4Y7aW8Mr74FyVrkFYd+xjRjbX/JeQ5J+DQB6Lf0FX
56B439dybRyk6Yrt+XBIGoFeaH5Fj9v+yrGFsOwNAZi2fL7PHKUXlB0bgpSsvVE8r+2mc3iHpt09
nnShqk7KCnKpiMY5D+mU9OgCb3sg0Hh0jaMMDov9432+En0edlm0oxcu29xCNdBxwHPW/1OBX4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Adobe\Color\Profiles\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
R0kMPXNbo5Xo3wgHxovq7ohbXv0Iv3/IenH48L/VMxNS71gyCVsDAta4lXcOBwLJecK8Tgw56jTUj
ZAxS9Htmx2IkmnwMIZ2bac3tLFRnlWqW1Iy21Hw08iO21rona910OLnupsERqXrNpFlf/HL7Wc7L
7M4U0iaijTPm1oc6RnJzPED3G/j2T3B9ocaLq2KGsfL7x4L7EkVLg30eeimHAhVnXxNSpOCCElHZ
/vxhs1Zg1hyOZZWM4wFpYxa1FGPgwuLGU3r3yrG8V47/xEljNX7WQtV+4pn5BMhluMhuvL1ShoIc
BXu8rqFYz2tCnZRrH+15OKhFjdjXAe49SC8WyegXE10tY62jMwUW7hmfdhmDn2Xl3K2lUJFRNgte
ycQOg4KVL4yZ12aIz0CXKP7mHBR2pUlWntGkYnezb7DBvFFfk2xax1GPJkdaYvMH8C0gDf6vh8Kc
0oT2K8YepqpivsJ8cq0zTRscAR3MuyU/FZmSiNDh4EBMDQwNLlQ8HCshvoCxPlYb/Djx/1LYJbQN
aTiQpKpJGpjP+c79TdIfgGwOAHwFkTthIe849lkjmNFjdxSALvulooNLSQM/aa5NyucCn4YQW3Gg
dV7qdZ/KS1OesE/wUw4Z959AT/XwYQQvWnvkJK9DqAEIuZAW4JShGt/L0x+GRlXDQnRjWzoKIk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Adobe\Color\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YymIVtkRqS2anmk2tF3KogRkrMKuiXwRqQPb4o2wSBrfFrobvj0ljV/gbrkhDsHVMgrs6AM45S9zw
CQ3p/7LmxXjlocbb7OCBmRr8EooJso4twngOf//45tEQhanUb2Uvlj1/CwAsfjQX8bnypr3lJg4f
vrqr1YIPr1a1TIR4hsHfy4MoErBNTdnfBOFWQVs/kXZFiCTcM/VCYjtOaIZyWnOMFu5RRXP8BchJ
LHeryvWBl3J2M+OyeVqElXd1M89NqU70Zan4nC4kqcepUAwSz16X9arIH7M6A/tOvnshX43vct4Z
8hceRUhgCjBMRoPwXxNpx/SUQb63tFjbtSDAfZPvu3IfXc2rx5ZPQLtMCFJUbYux+V6gfDhs6hE6
0oYdwHTJVP5DPE7GRNXmSEw3T87mWk88WBPsMVtEp2xq7FhtU4rpo+zoCmvgewJkeWWiqSqsbn2g
6/mPnqbVPf+vudcqzgm0+J/fyrTpq0A8rPyihWoQMxDq0xpOjLrjj6K6UuaJzHT5aOc1gLwob8Dk
j6dKIC4IfUbbzA+Nt7yd6nXzM/gjscR/bi9j99k8Osqm+Be1OAGCwA2LVCVyJpquAIjGeEJFTt2Q
AsWhURIKZN+bUIHONQbeTzcltq2urQ/zv0Pjw1xrERe2Bnh0JixqdICjCN0EV+CPFrQF1YpQ3o=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Adobe\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
c9i1ODQ4O5IJfTMGnrnHgeFPRWySrtqvPYnkQH62UvY3Qo4NPOsCwMzzZyn8TIaL0piVayHQhzd60
T1K/vaVd4coMuvLElCQc+WxUCgwg0jXezRJjiSf3jKdpamQjd/OHlhEgvVC2TOqBuiADvVjY1waF
1JFXkAc5DFymoUMYRw6Ry6siOtLNj14ZN+tma3OGRozhlCI43P9wqkyITdoWME/N34pmtYKjbeBI
Gs1swhy6m7mpBxe28+zDrMIdTUXKkEZHC53mMpeJdFKf/fACv0iDw+K2KhSzBiXd3YN/aZEMtOBi
6LvKq5CGQVXfw9g7zoLlFbicqMdJSxlJDK4JujWS+cCnPt0Hf3SZSB19v1f5WhTVqFvLQcIziTrB
c3sec19LNXl8g4fFPura6FzqW0x2XWnAB3CRJ/9IgHpSnelhvJCzD5QSXDLb2E4X6psNB/9m7B7G
h/FaaEUEuFhMX2ZA/ElW9xQedhZOSv3D3lHyt3ltKF4cyXeyIC5uEG14HFC6VeQE338tRYapdO2S
QBe4slYiKdE8omG5wvqYEhAdVXO5y37mc7sFLCaa+G3l7LGxLIjXLRP8ozuhBn/f0/nglo4usayR
4472zl/FedF/SRZ3yL+btadnOxw+/XWL9pqcz7rfoNEXwR8+RICOPQHVuInKNA/WRurGo/znKI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\BrowserMetrics\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
h8xPOd4xk2rMXk2lE5RHlz++ZyPTo+RjiVeUTphne64BPBzPZSHU2597ozbbOJtp1id8Xydey1cfz
VWSiudDJ6O0jPxWFVBy6JXnTtfAoBUjZpd0cMg+WB+ovfzNFy6LmEO2MRxYMOpMOM/kaT3sr8UeV
9EaxuZKzCmiCGPdsZ2k8kY82oQjvGcFN+ONHMi2q1WjFRg+sJsRgZj5pCJo6g6fYOF0pkn8KaOI5
lRqh19PlC4lmhxZaWyWsur1tHdEsHjswcibji2zIHOXwMkFxW0qHi00b49P0nSbjt8Q83/c8aoiD
gYlFwF0GQGuy1t6YPfaqq2+e4U7skml0mH3utlAGvb/eOKR8nUlzh4Itv0C+JQjVQBmGFs7wGfiu
4V4QeL11ilx9IgztQTH2SllNu0amh13KgJ1gkqWFgIXWKiU4ln1TzoCU9KXfvth0eG8NHNPqdawg
MOEq+FocBJqgck857kA34mZLWHGVFVBAOo2HHZ9deZ4VgPEnKuiCoLVUs/uMovyF0sRTCVD2sySl
6L9xgShBcFV7Y0jBFbcDlMfdxIq+nvGI/5oexHWrmDnQ4xt8u9MADxscwqvbe+03jg5rokypKEfj
4p4f5UwDNs29Teka4RpW8AJvLI8DnKC0ksbLAeYdh2dxZP4xJpD5Z4XlEJ+c/H3akdjNq0uilM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\CertificateRevocation\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
fjGg2zd6xgaWwpfAZUVPJdNtL+UGpKAlkJpVFsdEnZ+79juRAjW4Gq/eATUXu8NJ14TBYdvZZYsrs
PwanYaWpHLw6oeR23jV4nAL2+bekkKDYDvXe4LIkh2nefKQz40UK/FxeeMzCwCxhtlBlq80fvi8R
QXv1DOhh+10msYKfKsjgihg3DJHg7rxfnBQdkIstTPmFb28B5Il3PnQA8caEuMZVn1X4EDDNp3cv
+KvnaQscpu8pBefFSu5G2jjPjaECIVYDIpLsYLLmjc7P6f0AffnQX8k0OdU4TFHgqCdmcnph4Dpa
j3zPWotiJJHemvENHL3tjtaesTh+g6NMZPsizGjMt8qs7t+el8LZFbwsUQLHGuB/8EOsC1CzsO3J
KBM371IHvPENuCy0bMz3pltMWo7eVBoS02vEpxR+LOjltIBEIICFvI2WGARHotHJQn4GCVC1V6I8
4v/7rTRxhi6QhT8C34sgeDwqckuzWObsyw6MGRdW22zlAiYOXYkEzv8jLAehFAZ9QwxBG2ElvlIO
XstOA0u458tXef4CcEIZetnaI/Ot6Uyz2ADhILad3iQAO9QKuMAqV4BaSf0jA8zuYmpGlN2dX6Cl
LdzDhZAaf4rmUmYh/Sn/ulbSYnfMEtX9nFpjxRD1sSczu8/AENqYtM3bblolbyfbNCCOGMDRoQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\reports\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
NOUCisrX04DYaFlplRlOrQe+RDytok3dd5ce9LAEFNqE1t0+OYJWF6AAGiDr/Xpd1snsJpKE3k883
FZKWE1MrdiUdgBQsz/Zl1VvPFpahTNtsZ1by8ueFoGtjPxxsjvNf1YDhqnV5nzfQgv02Zm2eQARw
9s24gXxtocEEgo1V0+fbCADzsYXYDkkcTtesfdpKD7dVlNYx/Wis5hMr3nrxr54UMgNGtxAL8XdW
DRNfZqtmk4+sctSi8R5rzvZ04kKmsLUHhAACIXfMhJXJG+jTzOss1f3qx0UO4BLMOILfXHyMUGNe
r3MJICFa/gfwE+3OQVKqPIdcVjwao0BN1IX+cDmi6EywXmRGz5tlntrbS9GtWw+SctemhiO8h8rb
UhN78RdCQDgYq+OAq48+6wY1mOycxJeqgr6Zl+OhPdPYnfd3P7fIkaxAp654QW4qi4uyqTQvTFdo
xnq1KRjJcLek1qm34Ja09d2iAwAyLl/ZOVHzB0CqGlvI+Y/IpxRWo/ZTMYgi9CpJ79TjKa7sVsCK
9SGSNdnFJiVGzHNliVS7N9R4ySJFHtxuZbM0kHTqfqI1uCz8sDZQkCaSApGz3OdcrdAzxCOiDJd+
HljKchtyjZooXZ2o+hOmyuz/JhSXBiFIkXlH3OhpK52Km9xHRO0oSCRxNW1z2QXh0gbZGGKTls=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
c42ElYoyPabOKyfZ/sLbPZAyFdnltssJQvExQS/TLh+/uZqD2atzHl0NNlFoX+ndAtLjETG/gHFBY
Qps8alo3nYTFNL1/bqVwUdONIyYp08A6W7YvailLxnIKPUgPNmtk/9nwGjVtRdqo7uwAtHk/p5Q+
CVaQqWTHaY9nW3qFXcC9HMlzY0vV6HrPuTrnaoysIPdsQqQfnwQdjucoHzJA1o6daldjo8lu8Rmx
Mp9LyclqBHfWn3rgfVHAvu46LmOrY5mIX/GZyeozLvJGyeOHNrTwOVxgXad3RzgpheLOjDLMZIVJ
48CMP0akSX6AmCZmR4+RkC26OjdT53glCUi+EGQdUOz3wQyD9k6Tai8gCTUgARmWFbnzC68TQ/wo
jSmGSIN1S3tJRPMZw/nt0Bn6+y6ZeoSFuaNnb8fgkPw0ormL2Ng4V94TNyVyTu68msFI1TYxATwo
fWky1XNvm5EDhbP6RxJGiIV2YmmRR+4A2UEa31/BUD8lcXyoRqVDRr/Q4WZmWeihQXuVM/iS/Bov
QdT6ODshH1l4QgWpgJqtcENzU8JhIExr0XcMbrjB55oG1FgkBIqm4UMDdSNYK6dqZpV7bMJt755x
wF283xro6RM2Z2AohPREmOm91VoMkwARkrjQaKQFUYDgUo+hKw1Q87g30oP+KxZY26rk+h0UD8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crowd Deny\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Qi6VqOuDn5/R0hOKsmMcFsLOkvMefTff/0EtRsTn+dI09pmikvW7xNg+VVAQ/4UbTbRqCe1OeZO+K
q40s8CS47YKLUowtLAHEZbfJkk7+hocN43olK8+uspkzZEbzXftFgFWOde69OH2GzNV1ueBIlB83
aD0/sJ4y2SvDszZRkn5ox/PyZPNHUdet6I8YHZPN0d8QTx3K4sfiBTaKejbCfLv1vMRYm1hQAHB1
l2ZMtkaREKlKCAOXnLhOSGis+IZ1Ti8xHD5PitjDxx1B8+nTjWZMi63BlYabT8msg6QXqTXeDNvD
EVl/DEv1YhexGeqR/9MEKW3VWj/EVQlEcsv+MPB2cngFl5oO0Tuask8ndtE15tpqLpGixl8oUlKO
GvQYZpGTKjMGl/uyvS65lctQaKtrLb0UfDkWwNzuo8e+2drkCTbW7Tg9diTH4/k+jgH2UKm9xC3F
DbxobGdE8r6yWbtaBoG7wQ56Hrh2gbSRZjh7iCWw4Oh0bXV7lkvvt3wW79v3ZgoBhGMV6ANCFgPW
4WgVdvuHcgMag713QOZGSM/XfYEmFQTIdQiylSqGtR/xzdzT2cz37/m64PYAzY83tyHZ8wtg+hUB
69uoytkhPSwEON9GiGzxF23ZXsNhFC7Fqmb33sIR4JBGJdeVrVomoV5lOS4ryW3bs0+j0tD7Ko=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
E+4IJcf7KeZTuoWIViDZcK4/nydSiLOBaNDKEif2SpntOzWp3ro85HLshongThhDzdGBcBYfA9yFh
/KJRceHFX855zk9b0btqeUqg9M+HJ7FG6jAMKO2lh2EtGBoZpS/HnMQ+6Q4Rcc9pQrr6jIzUZ7JJ
C6F8dEJEHePmToGtJG1rm3STIpQDe8Zb39G5JY2JG1vR0xOLs17Gqzyg/p6YwCPFq1y/WTE8YvQW
CcougcME3ezKH2iZiNYiRPAgCbXqcQ85Oe5MsOZT91jCZCXwai14Ir78v+HxCjmDJ4ChBPJtC0Eq
KCuHMiM3Vqp1fN3p1wQx9YmnMJWsp5aFn5aPHf+uLdkQoXe8GZy2GoE8CYsABPUX7BpSj5Q+nG69
oCw+j+VpP7M0JFn57F2iV6NLChq3RZK0I3uZmZMHz6Ph1KDlDEWK+5cO6vWRVaQkltfigRQgWv26
9SWoGisJQRHbkn7uV9PgneTga/f6VBbQrJVqfW3g4syKz3KIDyQa+28qk3KCxj4ko6c/vZNkYx49
nUdjmTOcL6KiVuF96938+XpH1cJSVsnlL0838Jfm5Pg8nVh3Y6QBkKMzCSLzuOxt2GXdX07bu/gF
I26Vv4/8OFdbdiuVWj4B7eLg80aaIkmk8OGlq7Tjr+BgbCYZ+wcQ44VfpjauRA3kOJOuHkqaJE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Jkr/cyB3Cmd9vyM5wrQTh08L4rRZTv/jioE76KTuxkYpZxr7InJ+v4M0OE397zmU+bu5VLdXA1GWL
4JoOlfsKKpPb9zDzj4xxanaI8Kdv775voxBoc14P1ojcq2R03d5EYVzl6E2YQl9yslOsC3XaHeem
pEUV6bW7j9U3Aow+pHXF6NybvzI6ZphKz9oxlaNjzXa51Sqf5GkxI4TKqrdyyLxRnfNwnr9Mtup9
icUD/irw14nuHIsRQ+rVli7FZ/m5D61AZjH5XY3y5x1HD0SOk5cvVlU5XHmJat337u/lgZ+x6F5c
xyPi9flnhjnYhFS+/VR1zJDOVHf6NgwqFv7hlHQBU5+DVtJ4XjofxIeChn2Pz2MUKvZM184nC8UH
LWhCGZVy/Ercq2W+DXgYaCeKFUtGdB2slSTGB9jMKfE5wq9MjRcMmVGj6rnRbbg0HCKrmnd5dAnv
nBtzrlwbsa0mjS/d+nkRvBlTPIkt2LsiiEGuwU7BSBcMzUSRkZgSFrLI+Fie4mC7PXerNyti2YkC
bcvqd+zrymsJoKuezbEYQRGEgZYckoVqZltJAb5PpEf2uxrFVdmg0rrDjknMKhVi8opkbKqpH6zi
+3Ve66CIdiX4CSuioQqMaeyyGaBrgS0aBCJGQgA4z0cO18vJi/wLgSkxYxxcMHYxHk0oF7/1Z0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jAJPGXsup1aPLbnvs0SNNLoHQ0wlbZ1iSGR8IvQlNsHwDvZnY0c6jpmgthpAz/warQA/j/3sWL8eW
z1VrgCMwWXPgdHgPb2LC+TScT/GhCyjW+nO2wpTTBbT+pqTtNBAGW79vk3bfJbp9lrmKO3pcI5Dz
5qvNTGjrhBOya3YA9ca9z1gz+/X6ACJrN331trud+zKrqW6jFdcFt7AG/QMzMDRa1Ixo0zNX8L7k
kGm19iJikGahdHGGaIljg6oIvkh4RpSj0UgSHa+zAVYkKBKTw5SE58JhM+EyjnDng+6Ao6tGElO/
Z6q/5kaZxj2LP4ti6VSkqaciv8cl0lNv0DypewQPO24bpEqBy/8rgQ3+KcppUOhKfKrM+f1LNRnP
DuTtHBHfvmTMKv77wofDJOI+ebXT1b7jxTOqKD6RBWjW2MDt5gTQyJsyuUJ3Q3Iruoje6Gmab3mr
4o9CyAnzHlEsUG72bt48T/NisJHLYjaLxSp+LpL4XoE/q3STpCkdKPbWVfHyyJYdW4PHNRZD2byl
LVjtII+N3/JISL6Na6dqohVPRhUsdpwT2apjJttQeXP/q0+Ws2KZ5a9P6Thc0azptZ6sME46R9mx
cRPfiunX6CUnbzmR0SHI3OJDNvxQwEq4l3cZwP4vCpYqUjcFH7QlKLyAb71jfw+UgHJO8TlhXs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
OI5dxm19+V3+zjjlAi2QKXUcbViOdzJO4XSeB8LbgsQ1MsBq445/EFHYYW+Bs9k83AZDFrbqusNeR
DjArjdTlS1EEa1rLXotlNTyhBHLyoRqVYLMqK5J0LAz71OOZUN6dR5Zsixwv0e+GGGzpJV8Mwqkn
ho0FvfnnFGqJadGEiiRHzqB74tIGsJy9W1S4o8mITvyRE9np7DZNM5tYtw6vrNRxH0xoOl19nexB
uRFw029BSE15QcPx9KK599aCEIKvQmzkidSlsWX2n9yRz5nOGPqCAYYnBqz3hWTie0A2oGXtpOSZ
vBETVOhIpQAGQwIZgIpavGwTBkrV92WwQsgipnNEZEenyVVTSs2X2blih30UdeRCuRVlJGUDnTE9
nNL1uC64ZHg/DEOimEigMKQrvhUFGDwnjzYU0pXkUBY64Q3DBj8WcSbGaZlJ3nRfSoVaG77c0xgB
XlfkG71dVNlXSVV+wCO/89zaZhA887/EccS4O+8CZaNLzA+bv1cWaxNRmfn4ghUHjhnLzOovlMrk
BkPyCVan/RxNgwxB8KVQGvSqxuIpl8/RqSjPAxQWmRJ8H68ulGI/Z8d6sZVOJbuFXpzMf13hBLFn
F0CY9zJw/qn/e9iGwKW2KdEWwG83K3f8wNOg6zSNyzgE8l9v2FCDgTeMueYOVmzZkAP7y+12e4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\wasm\index-dir\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
dk04iL5ZmF9wfTZPP+CCSrZdLTQCe2N/UMOiEAgOu6Qm5Gaz9/8k8H5uNoGjs0PEnj8ON2NOlanRu
vxftXIcp6ScMFsLQCgOyCq7+azo591HCgL2XymYnlhqoOKHcUJu1i691RyxYFT70Ki6ekEh3NZjx
IBfxVBzeZv+dVdICV1ubl9XroqwmBb7rYuRvrVfq5kejGyHUOHL3LI2PRI5Z1zCo0PLp9dgL+bfZ
V0yzQtME5TBmVMwnRTb7DbunJlWUV/7iOLu4/wLkKHv6lOk6zEZdRrvIttwzRGRnTpiLsJVNXWBI
mf03aad6EhJrEOXINiv8Do+a8984ItMXeVKRsUaDPjuEXP3TSOZGYXbAHvgKUym6ZrXMhfluTVQS
Oe+C9qQcH91A9Sy2E+UVlfrTvPlG0o2I818AypeX3AB4J/5kcHEjUqk7kuyJmA6sQaJ0FS0Yzh/R
zF6zHgidRl+BsOpZITQ9yXinaAf9xzoz7p+SPwxat/dN6rG6S9L1z0PKtRK1FgWxbFB8U/bfzhCK
Kipn0wUnQ2Jo0LhIbmaDFRBG/tQL26p4POcQ0PAHMPsoDbLO6huB+1Zmh2K/K/FhevWeDWBaYOZ9
jj8QqziUfj8T/EzrAWgoOuJ5aadwVAderGy6K+MieOG1j/nc5msEfhBdZr5sJno2Kz1Pud9uHI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\wasm\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
APxfhO+J7vTq1oghpgnF0Uybu6jDPrIuL5Kn9zQLlveP2gXO68mISUucp1OrG524vhZfjZFL6naJF
SkZ5h1rBCW266H8Amwu0Da2RyuJNH3vII2yOqR4MRDKC5kpxvRTzlysChXgZd5npi9W7g2vR9m2v
3k7Wle7yR0vVMwfCk9pFb/DHiVhvMVVuUYsWj+/agUJMLjh0PhPt7CGOj0tpA+ul+C3yn1AHTfBV
NaCVBm6KqSCM3KcyBwLq56lryPHhQbmNtwJcgOwTxSDNi836fbKx0W/w7amg8xfQ/Qai49KtMU/l
LUiemP2nqKhu36+cFVWuxkdPN7Uqc9WTcgOmBgxUPX544DfD0Vsf8B+vqcMAt6iwtbpjrS26uafU
ow9StXz09g93fJ7PiLuo4ek6cyutkhoNdl5zPCNn22c3suVGql4Aq8XJCCA7AqSNow8zxoJS8utF
uRzx3AbPJH0xaPNkCyl/d+JGbnBy1CTy7BZwYFz8i+Gk3rkYlIrWFJcbHP8p1EaonDbUwKLQokZB
DWAltZPsnwVIDbsvuuCyQ+nHeUpF6nmyDn+fW/SxQiNOl+/N6kgUTlQlsYPuu5U92qjQrqri8XW4
VDrL4HuPbavgQ+5tjVBNm3J5uCi3WyiWccWoap7vpwthGda5H9S7HtgRmubnR/xcM0ipZwxg9s=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ldwWW8CTyeHNm7aIkbB5zROxOFtdOJ2eP4Dh+s6vELItaDFj/IoYjvr/jv24DlD5H9gXXkGzpxExU
hNzjdqx9923iuMii6rPMSkH26LvqXIpgj9hjL0RR5ENX8ht224LgY8EDnHG9Hx0B6x4eoFIlwxh9
Fo1HjfcMMdPryInkHoxeVaU0+uw09DS2rycGJoNKEeefpogFxaMptMNKh4P4KoXtC8JPwLK5orpO
Bad94Ya59BYVsf1L8qIoj2ZDPp3Zn3eoSu+P9+CpfIsxyysk6ZiNzqOvEp42wRr4QzBX0Yaj/G7n
ZCOb0LcrvR4zEZfrr2DqrGInj+bZTFc70sEp1LwsVjqVOSvXUcDIINsLqJzmk4rotEjDHk03qXcB
uegEwZopYRk1Zji/17yU7YU4O9ca3zpxRnAsYTo3OqnZgm2BXhAdz/QJccIwqrA3iXTdutz6CUmB
xJodhPg5p9Xy8Wjmf6uZa6omZUZbKva+WpZHBdZEBETtbfvGRBndq/anH/oj11TKq7Fleyyy1BfD
Cu557qA46CEwsVT0Nk6c5mrLMsQCqPUoI9wDf1SuzV82DXrxbNhPzegD834d+caM9USqjLNUghER
cPbw/36bAa/GOrqR0/lQRxuo3TlTateMyjxmgzr4iJ9zVKyD7VsaApiOvwU8u9LK/l8BVC/kbU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
LXwmgTh/1BPpMwGDNc7AYVXJYcey+OQZunOc3GEd56FvBHoXanyCOX0xhd+rQVKJBTlnSQkNvXcP0
ykwswr/ck7ylxeVF5SNW3n4gATLKG6s1Pl8TyN6/DzdLEOIyWOYFdybp2wlmxszQAYCs04RocLi2
Oqqxt3lSoPKhzD15aELHTh9oxsS/c7vhwVhb+6Uf+3OwQ0xqhytBne4bU6Se5gJsQ4n2LWUvFDgh
Nn+2sorz9ssuk9bLrlTfk2ATecRmMtk9QHMuIpA499/SoJn9191j5Ylpc30o+ZUYLzBf2+aCFwal
E7VEmhHhYFj3FyYHProPS6FKjJzqHMj643uhtQKlXnuFrWZVjn1eUKGhcpOYc/9uYK8xLWUwNDIi
N0m6GbFzeS9zYNuj3FZGmhQQmcf2Yoji+7mJ/qlVnMcrbxptkY2WVIw0qDSiqWGLFLRCfmboUSEF
ET0+TG2X5R7tPtlTMxRRxDWKVjVPvq1ReyVN7hE5zUvekRQmHqaJ2NcAMctmPAbbB0lTFBO8uISt
ytw71j6n1xObzEHmWDVyivYgcF7R9l3qhoid++2VCFB/GGXh24xNZ/jvrc+5q7BfyhJVxVIdLLfg
2ZOEQeK+lQLsExoczPitxdf22J0Kzh1wpT6QceAoB/JgtTdtBSdxrkvQX8PA7exX/xrGkjnHsU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TJmRjKy8lAaXqSNuiJvLOp9FGyTZdFtJTt/EOa3ond9ZhOzoK/nZy0we6V93iteOPu9AzIsaFPQCX
PpK8hZgx6Tkj6yh1AGmvhazzkhnp+W6t3UOEUu8ayazQBMe1gP4JZwVRcmS1SpMSyo8IgWPE4Gb3
Fp+5zkcgJ9GZ+amKajz4Nzm4iu6kZ4mlLeEYSk80hvTjZaf6T7OuyVlTmnVjjclCnFZ4Jh8RWgaq
3BgqqfxZ9KOTukyUDn0+jS5JzD74HLzLSWZkJmnQNJ7wwD4GpdJ+7Z65iZ6R/ltRXj5cIvusWNle
wwt6QmEszVzpE7EIMR6b4L8DIyklR99nSF04rK+cqN+Cnxj7PefRsnhIzpiea92OgfW3lgyOqo/0
anuVJyk2Db840m7eTJfw0wAeHj3d5aPKYJoJZ6WcY99t3euWZQtvcbGDtUSwetCqBghzPYuf72go
SfsdQA/kKn1rDxagGjJBQg/7eYbS9vubSjVCR27KOVwLt6gZu4LAyrWXxlHpYsHYjd1mI252nqpk
WhgGZrpKbpcxpuy80JDy62oSv7+Plau4KHwO/KjP2/7xHCZH/gGZ2ufLRgkt3Kbz8/JHNYsRGdO8
Jo1KBKPwlSDOfgYsJ8aOq9r3Znksn+Mt5LNx9biR6s6b2zbXXCN9C8agUr7bLgdLgJviBQEZec=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Recovery\19050942-cd11-11ea-8b14-46f8a7600ebe\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ks8a00M9F0ERF5AhTTQld2YLNSNAplkgU2qkC4G5Gl6b44cW9i6SeZTGB67vrBBzEIb+pa3aBObCJ
WzuVTwaiqgxuKcl48ePU1Yv2V/Skv3J55v6DdyOYOnzDmoFQvo7SOvD7CeBEgJr1CnBW8ynIaC07
0DW+d/HYkgQMkwA3Q3Fzs5CDXZ4m5bGVLZS7M0g4DbhImSwUKJUh6zbl3KtAPfw4LaElVetPK6PP
+O8pz2DeaOimlTQr3gL4nbz0hXM+VEH57gZTRLamFwk33yj/6d6Kcec8LfxWVyWnw/mjAKxbtTt+
fCUFHcu4RgX1YR5Dmi+Ev5SwLu3r4aBqMMhkrEL1usL9JZQjW8Az7hNPbof69AAmOnqs4PR748zG
hlbH0kPnkj6Rh8XF8oMqFcCuiWOwa8yJ4VLypbLUMuUi0h1qpVqEVRGC/Xloe2QPC9FRjsDO2KJF
X/pCrb1W6UNSfrlKG9a7pU/uPC0tPwGTp9k8rykEEBMaDUd4hAr5+XfkbWU0eAan+QlTAcKtNf4h
cyl28eMIN/0+MC73+GvzDONG1fZVmn7PA1NFGKccUJTAuUhtFrWN3Zx0Irh5zZLymP6j9VmTYv3S
BakNc3MoQledhf4Z59Zmx/BBLHEhV75dqQ4gqS7tleYYYQeNvrKsdfF3JyyFTWuC8zdlALsh5Y=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Recovery\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
lMplJvUypaG5mx4oFeEr7feQz+GHLcWXGLe3at5gdHOM7dlKNi0EFOWM30O8FB4Pukp/bE+n0wijp
yTj7JbPlCCCWeewxNXrOdspw9LfioQgt8EUrhBP8Sba+hyjs5cIgEVfU0FZnjBPzZVytNEd7lWIP
EwwVFh/+u0PMuKsendq0v+uqGcm7X4j/2r/2+XlzSvVRPYEFGo2gMpEz1HVK0pHKZsuVtbKcGiR7
oHJdhc5f1hxkRbd4+Q3JQobGJlXT0f2dbVUVD/d4rXMlZ0PZ5F3e0ll8cD0wlMgaJY7kbMlMHi22
GKNutWrF3teGdzK/dGqPITZhMBXmRLl0ekA/y6Y+Ip4dR00iIkUeOYoOf0gfAlMAPZK+iZdO+bLd
NppJJWft11eqSBzLeX7+3V8DWoWe7dfbM7nL4rWNrOO2j90LB6+E9xN2nTy9Pgsqr0gWCcWXCo4J
oENchBjOoLmYHDRlETCESBlV6CB0N+7xhIbZqmeAIiHFi7AWptsJ1qAgw8L8Y2iOiAoG7Fg9SNLM
ZMpDW9QukbaiMC7mjJspiNS3AszBIuWTcrOOSbeEOFXhWtL8BLiU4YjUvKF/XeY72QnuvXUQ+3U9
dBPeXhF2KDzbcQc/HgtBosn0kCgIIBklbs4P2LPf7TXJ1t64fsDNKZFnvT9gd9p7U66DmKNxe8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
lb/u+mkIoGu9iqxCmwwRWApwu9UVtFMZcY9XnygHlfyAkhwjNMs8jyRjwEPVxbGxtRk8FrjNagAhq
4ZEbEBJmCMK65eWqqqifOl6Ybx8LEguAbemN/TvRs3+rSc95nwbrCOG4CVFbDAfCDzWNCYpk6o6X
o0evpsT8OZh2wvYgiiSVBHKGIUI5Ozri3o7ZQEp99yriRvX8qm6PRwbmCySxVsZRSTz5HkKeIsJw
HiJp0XcUHCfNcbt8TG3vYHt+GYuLKch2YBEC4jusGQTMUWlPVpJgDC2izRQIWxdXtMjeejn76Dw7
Fw2jlPlyej1Q80H/1UV/fboODIM77kd28qhDXxTZWs0oi7nZ3OSOIo1GWplMQ2Gx7TBUvEiiZVVB
MD9b5hiw9BzyXKhCWQ4yYi2yhcUBtOjpKZvR2h7LU06BvuI1CrJa8mNJQq7kFD2oxKWu1Rcjczh0
ji2OUTtUeMeN90BaiPNqZgePe+Zm+0RkjQ5FnjkMPzh/wU1fp4QwNPwB3u+Ar0rGHEzlRxZmWbUI
mdRGwKiM/dhGMYub1iMcQzdNQmuLZ/yJ6tugEaykZNwyClY9HIuzs+U1ubT9+0oOjOnN4VlQ0nWS
ZpNs8lfSzSbrCFCqTQiqcEFp+9uZIuwAZvaMRTx+43bTCEIwsU+MUg9YrEknSBnjBpNSrGlkdw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
aWkE+EZw1tSmfM7877ZbmZcQFU4measJMh5HULPIW0kNLPkVtGi8hlkfENlo7pFGTG4AGXbdcX28j
RgE/dXKjEQg8wLwMwUGZL3VagZVeBEDPTFt94527lMa+YetFtHmQswGO0f0iVkRX1tfNROoAHlAr
YMp7tgNK37IoavfhaWl5KcUVWjyREOxaaXSVEbNUdqf7v3USch4jBc65iS1CV+tN0qOUdSkA5GLM
kIJxBn8iaN4I2AUQOcPjWrN9CWMyh/u3wHA/9AAC1qu/BuXigW2a63aYnlvKcqq4IkBFPi5b/ZHv
fmG62p6L/S1D7hHxzFUbzlJQFIawJeGPcEWkGBSvIhJua0VwfeqY3fsI2mMwpRumdx6QINBKXzws
yCOBHRojVx+I2cHXQOxIDS/7guuKtmshRqEkebla/Y1HlFNjn0XSzMgt2hIzn0qCLUZhi1zYq0UT
KMLj414h9myd+HgOb5h0fnpAE2KyEmXwmASD3P5dEGgj3hwgqD+D5vvKps5Cg1rHI2OX/gtPWqcJ
aufgwTBRoE/LmET90i6xJRwpKy1tKwAa42Ki359V2g49APSjz4f648tJbuY+SqRr7m61MGvZh+Gs
uHup8HKg7k9l7kWDsmBE4koV86ZiDp7Aalz/IkZyLkcwhP98PYeAQOnirshQ0wY37yg4ljrHhA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
KnNXlxZ65vJzbcn7DxIwDV6AVFU7fURXK0xYMaF3wXuhYl1hQWSgiGW4gyCn71Ytwd4s51VjqR1Fp
2PRY3cAVgyZ4NPtcOTThAynm6rwGHRaCyJeiVUOduqPXu9IDApShrB09wkxEwPDyOJDNVY44JBDe
6DudV05g2AG6xMI1+5h4zZWdWBwO3i74lG9vOa+UxK8NkL2x3v3Z9WJ2k68UKR2xwjVl3zFGdoXe
7t0NvgEpU/SGHi2MyS9EkcUEgLn10FBLsGMHJjaKoa2wrCt6aLvkkw/dwGSna8RPat+csfLlRF8J
nc0iQymU6kQv3xi5w178gvYYiJDIcmotmmINatuXWNrY9sklY1jgQ3DhogewY5/+DVGZKSqYidIB
8OHBDeHn2v3dr37bm+EEMM8ezGUtA4uF/NGSpfJIMEvhz8GcVk07j8a3yTEsh63UfomieVeDAO6a
jzrOZt9qA1DlDtAHmoifu7/Ds/QNI4azL3q0BBm5KqPuTnFmJbgAt3G3JvXgKmGohvr6RVUSoTI6
pR+sarbbjfjQ3ot7tHJeafDDIS6yhPUTtbX7leRcH7D4BED4qYC0hogPU2uhiRoLLGb/MOwibSf9
BbxaZMvPmJeSxdomEfzlmX5mezN3QfgH3SCq3AHARJa25lYSUlozuAP4x5myIoEL9K6LAo91m0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
EbYK11keTveHjCItC5uBRmB1bZsp7DV66uNyWY2rrcfgBCQmHsTBqo94ipqLrJzSxq0IziYQNGXqO
BUDGJfz5SYz5jx/dzYSZD/kZhpHa5oSWKG1hJsTPXzjIfVmGK/XvqnxWI6dcf2nmQWltKkajE4Rt
z5ihdd/bRMEs5UvdWjLvJStiytmccsShDm1VduvpDzdUQd8grEMHbhVg7q5BUWlLVWVUEiqzhdal
STQDLpIy5/doEuL0u3udoXsfFej4wbJT/dy1XTFHZcPsZOSKd1CoM1DWMLYmhOVt7pBhfIw1pB4g
erFnPtO18D1afJndtRunVtAgj7JtuNOPTwWLFIjZqJSqTZ83FkgENQOVo59yej4DuQ10jQRtCCxT
H2IWIrkiPIWc/n8nCv0EQVYAZp5vaGokHL5IKSYzSbTonb8/WDnQirglhi/vm8M//v43VPgS+6L9
c5x3KHp+BNglIEcTDQqyyoYEhpm95EZQgQrhXScHng6wSHd8kB8yHwL1V8IYoI7gcjio/vnoIOYX
n65BvrFlk7TMW36bYWwQl4YwTagQsABjbErE17hAPIlXNbAat14b5va6bMRK93YaCrd+z0ME+sjy
DWWkUsBBHrvbbn2GIMXtyq0MG+H0YqthlgEc8TciR8LMiv9y8gj12n7miTjYXSdF+k1uMXKP+o=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
RDKKdsisHeqf1pXGeylLPc9uSgYk2aDksSpUCP0H/u0XQMKTBjASLinHo7UbwL9kx3OV1ill9xjNY
5zugJdgp5Y4PEV3hnyFKkDbEEDbJ1UTIGitdOxx16vVOfeIcrODDbgWPNsKJ8r+ELtKrh72uQ6WD
ZJ8GoM+KS+sLV3pvSBnel02rdkjQY9JxpLnBYPeD5CmYzRNgo/nKuQKrZjoBq0WnrnBMklsfdRrV
ocpUABtAp9htc6knpL8uvGjn5L5IJnL+CgjwWLFoY7su4Yym8mvIsog6U0kkgHv4939jLdonfTRn
hztNuLoeQqgdKvcs+vUDwawhcjulfIF0flN3tKu8LVy1oc8E+3cqp66QajPH8CjHA9kp8FQycu6A
X+NG0AXZtipUpP33NcjWd87594Xr39kVK/a3gggTxZzqbby95W0ISaXjuYQR6fKPX5BZ+O9bVyRV
QIb3Ln+rcd7KM0EzZP88er9NHVmM8suxAv2HCgirC08OU522ThAgtZq52bu6e5XmWxV/WVwUt6Nw
JVLHoDiRWSWDNgoenuuZ1yGcCgddUvcLH+xg4ncHktat1tQTk/exqM45ro0irsQHb5LmvvArL2JW
6BCHdkrHRr5oRwQl0P7/+F8Qs5pN1tVmM9BgRk5fEgtVucqpihutsDbotfBTwWuTKCfXWth+rQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
H2FTf7d0kV27SfFiKhTZoevTod4NLH2Y7pBTs8pE6Oj8vbVOV5rKb2vKFsOCq9YRKbTntfSGXhCWG
dNzTUzfg4hpHADDF2fwTFNXjDBR+HAFM+8t3nj1BbcHmdebhTO8a21HT1bHJosLkJhn/kCFO8EVN
Q9qT+uuQ9KGy/WT9Bd04SAX2iPOgJGO/TZ/RMEjxC7OCYEABLO0lnGng9EZ3i42LUxf3K5U9fhgV
l4CO5PyRa+gxgkiGIwIFMIri+y9UEOvIHQnQT65M/7eRi8cOgM01ST/KWUr910/GTD9azE5xJ8zc
Ngos58GffXIVFjcMNjkVF743iOCzLRVMQfGtreGGaKZkGLnmCTHD9svju7ohzcY0pVC7xMG0o14b
EbqZb5u8z6aUrQaiSH9rtntnSetkbwqUxatWL725A1J6RkITOZX8HDH1MMfDzelMVx+yY1mGlqQw
sod9UD4y9UsWcxFkcYb56v93OhLpeE+zpNqAtuj1Q0cZ4LsXQVKcl6X4dJMei+WT5dQYqj3nDqP0
44xuCJx9neaqoNekNxxa65x2+HD76wegSKg+evJ+wm967Et0oNCVSLb+byqTEtNmYSiVJn731461
QZdfWg6EYZfyeisgmcBmbO68QWUV2anIif86BUWhBo53NaZPZPhBFKZ3fK5AuRkC5VgamAlEq8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\js\index-dir\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
CIb5gXcZ3SLE5G6YE1/tJKKWvQxSWCaIywCN31xUyY1DwExuGas+d+Pn1RnKRLM8AkbPXI7Nr8Fl7
zor1enNFkt6bkPuXAcOJUecstcMSeVuXlxf8ZXKpEEVLbcZDuKruedZT1rQywEyhy0/eiM9WGMLd
k6wJHFHaLMjG4uwV5Q6bzPYUCQm/L7RhEoa1ZVKphov07sGGc7YNjB1BwKrzUXFkxmMRZHGqeX7N
kAhXezyxFdWJn5I+F96YdzrWt7nVXdlazYuxDWA9bpk5EJk8r5r+7+iG1kQm5sW2sL7VMSatDwh2
vL6LIvfUjPzELLzLicSOyopfyaxo/4JOaRmAjQ8ocbsHeSWKiwTbiZyfeJ6hjil263zVqj7CpRKw
8CrnqRsrSn9Bl5DeoYO6v8KSR5GtO3DxBVF0WoB4LoBkPOOsx4uAViARF7fjfCTYZGUl8nZkIEyF
/J7l3nXlZ9xcapQsXNx8HPLzs2VbawXbNWzWaEWcxtqi5HSKEgPwjS1xSbwB5D3ac2lW0gioGkA0
eHJhyLOFI8I9+GG6XrAhPcnoOW7Ha8RRdbS2LYjhVAlE+DBNEhWOFy/5ZQHTr1xiT76waozoOtpt
WjYp90EL5ueO+ijyEoio/N687QZp/Jt3jz/Ga4It9+VVcf4p4/UL8toa16y1fBx5iL05cJE9rk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\js\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
E0W6Io7p4vUkb1lEb3v9puqEjDKW3BNLCljkJcR/OOeCRTe4lhOMhuZOYsK4iz5te9EWD0Mvu5wqN
9YohmwBellX5S3i8dZ0grD1iNSuHXrojqSMjWK84OdO52E+GsRuwVkpzPmTu6loHEuBG8uPsvb0v
gSybVXW8uD/4jMpEG1HZuJIEUxybnmLLN0AZNvmgWUubZxPcaypzFexxEhBzuTbQSMYHba9m0D2y
zssJ7t1xXR9NF0rp00vfMb+ApDV154E0M6p+HbNPHnskALEkyQIL3FHEgpJjF2SxfAMbNrOCGSR0
CesPxhsLHP4eLbrYVvSGQAgesYjv8GUoqlndeeVpi3mLqSt+Tojp1fOzoPAL1DWd0gE5xi0TIpo8
gFd76KeeBzCRXkgCSS95jdmWkurmL9o+H/7FZ0NyFGACiHB2WXkT14gyJzJ6rblES4OMPTapUsoz
Cm44Sn4FfccEnv3LYuyjKmzRjVozVwIZs3xXFe5f6CcdpasusKCt7x0mMOII54rgdkBv5HuMapLp
R1hlAQsOjZ96bqB2trkR5vLF+EvCvk2nZ2zhA+EVcm56bVRadq8fPY5n9prpMHBPYUw61TZRNji9
EAJXOTFlxyi1Olpt3CVXiV5dX8DEf/iiUUYs+i3eNXVGhevzbgrr05LN9TyvtVyg3LyYmH/wqk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\1033\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
WYEJjbzlNLt7+gvpAWbpYmPG2rpWGFh03cVON8ochLXbBmnrnJ/eOgcdXh2+JJeq+lQsIgkrB03Du
0IQ0Rk9KO3unHG96mPM4djNMX8xFcXP2SQBggoHBe5NQ8TgIa7ppz9WvlrMsunM+y2L2gzFUyQ7B
OlslC/Tgbw8xPaEqrFJzlox8xAR1UEpTZl7NTpu/d2mRRHUCvCGgnQa17W5SKakm5MMyJ3KgcssZ
TafU8zLpJ+ubZppl4Q6uaxfUn9RYLt5WcgphMB6m/gHXBr+BGWc/p6n5QTSrkABAZjRCSp1QwNhx
eGjbMfdcfLqu29SOxxmPQ101Cz2HQKEx3T8L9YHZHlrTKCzWwKSz5ZDAMiDH1vXWXegbFVaVHtMq
B3GqPiN+EqLWXRD3HU+XcdoKl6Mb/PtDGpXX8YmB3ucEqcHBtk7LY+RMm8VWAHQyhVSO9cOXNQjm
9j7V4NfUzYnVmEHPqQp88OiOx2WMQskUKKGtcR4y9NDYkPrkB2z1g4bEoC+XKlvv+OJrZ0+wGx4d
F+IOdfo4nifeyOinnaQUxSY0GSx/ABRrRMVRDCcIsveRm8g1+hoWbflw8gpVneVx3JdC272Y5J45
mV4WUzkeaYwojZk3vK0PeuNxymrRoN35rqZQ9cpNGrK33IVBkfrSDf0Hr+okfd8jRnJ/Z7k+gw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
h16BIt+jH0ELcVJPeO/Isig5dN1rcs70F/a9gdZHo88qEnAC9zCG6quYLgi/aeZhERp3D9OM/yc+d
9Uo+5dW2DMUaQ6SnL/JS2kS63y2T/P10oQ9eM4uOzlmyqJGVRJLwP5IDY0/5cRsloPU0heISqnOr
NDEJO7bvYGCXwO3S7D2vZcps57Cs3OkBF2QNDYhU6wc9vY/yguoVaP0oCxL/8jFoOL4gtlFT/Rx2
D3sGKxh+KolFxKhJlcLS4PrKunntHqcR9EpULUDhzGm8i+shyevNHOdlh7CPDoabjGtQq3HdqLiU
YZwQ/x5H3SnRI1z7wvQvnN64vkTGSrOnh3lTY0/zbVbHOmyKZBuwflnoF5VsMXdQD8QJit8RKEkr
0r3iNgGORZ1mSMc1mDehcb8lRu0NdDw4wJ8Be0xD1vGqXfwN8+Bb7XOd9uiCsnuJ+r5bmDDJGeD2
zS/Hq/bZNJsL+eAVm4dyhtDkTotg2fkNzOa6GSPUKIB1gx9PkjCxI+uWQeWTGPXBW5KhPB0crrMH
cngSs+cs2xwpGxcMiZvtL9hxPLUa+RDQy1s0M3lQmEkHVQRgQUcxAj/FzkwI6Mpylpd8paolJSoJ
jRKLYKhNYphrlEnKOPyYP1R4v6Twb1xru7q168EhWud0VR6LC0LbuxyH1yED9xs1l1deRoAFDs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\wasm\index-dir\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
dfUCND7zXXCb2pNDUDS1YwCvsfnlF4CEwr9+ycRPHWEOfZ9j3la7L4a8TUHACk3z2PlpnE7wTcdm1
G34Zob9Tgm2l+r/kGIDRQNODYQSbhtQp5OHtysKO6wn25rL+8i6sC0T4QqSO4wcsVu5LFLVaE7th
MNY85pGo5sK1DNZKRd7TluGppzKZZB/GzJE7ouF6vQGMmtHZfD9x0uOz/ENhO+p9A6ltH3aLAKiR
NoM1m95DODVsl14z4xXjuuMIoI+e0q0vAx3JnpyjuUMTaSLddvIpBJt77Uu9wQS7Ev2qBc6FsXR9
//53Ns+3VHmVVKio0P1WFdzGQAoaEhzCdPytGvIa5s11Np1fROT9BGTtPQX6QdMldTyc3hjVp0xV
45NN+8O8QzV0bTzIGtBrkS/l1Tut9Rb+SaVD0FbY9edv9FR282JhbdLSdViDkng8vbY4EMRxFtjn
LQJw/F2E+JWaxndO4Ugn0DBwM+hdvjsCHAn21cwdqhaYXdNsr82CUzYAOyVbBqf+haTw9ef+aVRN
Pd9+B+Rtfc6AJQQMhLT9N8N5Wj8nLLTn/4B1SjzTCJX1J5bSFm8m3x8Paj+wRJXo0JKWWzdhUG00
HS4yMeP3JlDqH6gk+diTw5ijU4NOPBmdhhnbnhPW7N2G6jP7UVAdNbXKqxzuEp1AbixiJKyqZc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
P1/5XNXMAGg95jrEOjKLxm2RYfsrQY3dlEkKQcNgGZN1XNrBA+aAYpl0JxqMuCeziHElMEGyF8Aa0
u7OgTF5t3QnCa8GAvSnuB8Ol5B/VPPAbNrrGrxIrkLiwXdTq5p1u00TD4vdhW1pwu7FjG0QzIUM6
36ODlacnTh/iVpWzpeGhELLMT9pw4DKTWEBswiQbgrZEeyuz/bpoUtZ8XerMMNmmVtRtrBUHtLwl
9dWuTHpNa4nSXYlm/jqNEDz6FibFFy8sW+J/tDUeylz2gY4mtcYUhXR+DVST4iw1Q1esrzjgZMyf
e2y83xtDPibbuR/+n6OJgLy3941hTbSA+slUA7iOi3roUKT8JhtqaU3yEk2hJ+hAoQZ151HgyICz
D6zOxB4X+N7sdQ0a+74ouUvUqx4LZump+a835Np4MRoGSo/A48Gvp0pudgi1nyXDHJYxgc2xhxIf
cEHWzL0FIaWCeWRBpZHoZramhaxWtFkjcNBLH/HDgIoWes7nput83nsM0gcxU1we8QELbJ64soTo
yw+W3rO5Dh/0l9h1Ee676T1g23a6hcMIedwWRuBlV+Lyfn2ucPKaEAeUV5ihKEkBr/GdT5EYRTQn
hlig/1n7OyepoLonR/nc23DXOSEaLuCvmZeiyhkSA3ftOm12K62wRIEt7dxmP1tIlLSdlEtLaY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\wasm\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ifk4RLlExPgpUi8tNjVQrE49YjtmMUsakBWYl0mHsAZn0lO91KlKbUCr12Xp+vawRxXAqQYEdH7MA
R0qM9yT9hVB8BxWGvQKAxIjHpjFrs1roy6lPpiVfW+WTnqgAs7FScHfdNpy9/eHoug0VJuacd+R6
pJa5Vnw7KovxouSzsTrfKTzbQaBcgKTdMtbOJqXlsM0KMff9tl9PAycA0goWDUAme6nL05G6WXq2
xSRgqpnFb8+u+yYGFlGfdHLjoTZMwdzg7KuuwzSAISPOsdgnWuy5WnLq06qhLsJDzc6jrTIZ2in1
wzG/o8bfcZa8E6IX+gw0qMmNYEzez1NL9Ee5ZBoH9I+nYqKTEmv793s4RK+bclYPijf22e3e5OwJ
koONAMytCp95m3DYalkLMipZAU047AfMBWsEBN1HhSYeEZeRH+UUtUQYfxK7lSf3DNSCvxeD2q4f
Ul5DW8fbowoqiop87EkWZ1Rg7d1CAP6V1nBfBTE7lk9Kf+IYrK0Wy917xfz/+ywzCSu+GSZVoawM
VFJFDQDExtW7KtIz36mWhwQF7Ykci03z9IpzHte/E88qsi1HoJLv6CKRgTqGwSDMe9ExNRiuQZ0S
5nNjoEbDoAtNoPDH6BXZh3IOX+fCUHmTEgGD12MJHZcw34EQfLprgdo0PYBGIZyyPfwACU3MMI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
dwspvuG5vzhnz4HYURJvmCe1T2KNqmsbqYPNo5zeh85mMQdDSZRM0o09iI+p8FMhJbJWpQ5LDjaGk
9m9xZv+RI0vraXoO96Kx1TwriIYKUtGrur0vrBYAPQT4DXEGokCcerkqaZbubG0Fci0C9Ge2KjQd
Mew00MK/8x13oCJa1hdBRhq2dZooYNs259C/xLJCPyjqiXNKGQuAfxwo71awJivVrt6z//e82y6i
41jafEapNkZqKtSuXuWlLQ+SUMi8ZBfBZqJ42RG3cDaWS5g5mnb+AJTzAkWciU/Mb88qZqyaI7LW
1fgTuRhxrMRru7i2PtYdijaYbtboxiXL0N7k9P9p6qkGZLBMC4p9VPh6po7VtJoQb9uTqNQAsp3L
vNLkP/Ep8Vi6xuJntkFVGuksmBNWsjUnqMvSjS0/DsmeYrOhDhYvw8h9itRKJHd4hGQLTNwDxGXJ
jn4gZsnlcdo5bvPQJiF4rfeTrvg3Z+8qjQiCmAk9G4/NkPemnRMSMvUBjvhipz8SMLU0yWny2SYf
hNweUtMqScv415zskYsnsYhYh4kQ/kPGFCWIe7QDe+4loFeMsGE5B3R8R7FILhfgmKOmCR4d9eYq
rc/9WDqx92+ypMj/QpL7vvUKUON3InBmATT2wjUMVwpvA07wM40ptYSl8U6fElweGfRfTmSmnA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Local\Microsoft\Windows\GameExplorer\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
fJeEUpj1L1gR0KYFI8S+BkgyhNRQ/WoVnhQ+kIurKsA8TB1FUalZoYWni7TiuLHhtRLZBs/6zM06K
8bttSR+dXdK3E2Q8GNARYu2TWXfvN+a3WIqI9YcT/v9PX+mP/V2AHWBK+jcMBTAcVIebUH1ujMM8
VZTuzmV2FSf30t8vMBPLVaQE8qnftXCOIkDb0e53YbhGcEL87HU7emygcix2bqpwKKGEFJbbgwMN
/nZwesiXqWPincgXYHF/RVe4GITb2EytmCY/2GTRQQ+jl8+f3xnhruQ0+20bqjhB3cSGg2mpFjlR
j88wU20KKhQKt/sx803ETsUPO+hTPA40tCCYuZ4UlDk7w0xr9nml7Y+QZAM4RvFa5d1PkE48CH/Q
fgxbqAi3gaG5nN39QH+AUH9MfYlHwqj+MWNDbEB+XjbsQGnEuZwK4TLx4aPHJ/nwxDd7Ztv3CTsk
IhOvWnDseT+Vd9+Oph1U2vf1JaDNx9T5IQGJBFnKVsoLSMUlOCAFLP0D6qOWIF2o884orzr3lhgK
gsn9QmSFr2RimM4uNhxgZcUSceYZZSZsrE+nzgHcsar/C9IZi5ZLm/NCI8J/LZV5RKgSC9D7a6E2
UWcHX8jHkXB/1ZtKdun0QV8Tlhdv8zkSvwDmdHoaJ2KH4S4pT2gN04IQS1WpGOMyrpKCFEVjpw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Local\Microsoft\Windows\History\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
hIs5RGM3zilVy/fGLOStKnALLgvzjvxczGMskVWcAlTr8sfo2yCc4iu9aAypmi75TkwZGOpfUCrnO
+nirQ9Jeld8zMpuvwADzjelqQt37epFiDI32+EyZEOIsmFJ8d+1l55NGFXGry9AmzMeSPK79DRH/
5ziWGbF0fmCun65lRs2cQmJVyx0c2+a66ivN6O0m3Aq1a8lyJJKAb9hweT74qmABnK19e4zlv1fD
fbEfUOGef2yraoocgYskfsnL3v2Li6rPoFkcNLDFAwuUteVhMs7xYWe1P88ASFTunku142lzZ1xi
x0VXIrj5YEl/FhEeOcIvgHUNPKrA+mdiL24N7j2AWRx7QLlLbaDPGVZSD0/+7n8+eOARGlPnkJ6g
bixQtXvTMLVsbXvjH7mJNdZLIY0PHhM2UzNxtBSyUKpZQMTwRYSzxf0sFMQt+zwfpaxNFyZuSHS+
9DNMMh7SVyJJ8wFOE9UzSpTi7su2fhgxS1IIsToMdlipoh41ucfEBYrBcVrv95mKIvCgnzxUKoQD
yR/CWA7n9sBDGBkNFxIdgG3Sf68Hjp7C8JeJslpCq0lDwn+k4ccOzuseo1zWe5PTkvh5ajDGA+OY
/UJDlznhMBE//FwBWgS3e+PbzjV9bdW/bBfY+MMWkaJRsuIi/nlOaS8Qrc13GRwnzPeKeR5DA0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ROW/C8aEFXcHPulOz+Nt8RQf51Hx5VFotgPZFle9vLBzUiGwohLwCT+t4i8eEUYFFFMex/5oh1Khm
TiBcUEYP38EGBvpOzOskhdHLrTdmec9uM1mRYsB75U8EoHGLLkVuLTxk8bHow0MZ1BdSPwhwJfes
cKieuwT19eechYhJPyI2P9DCB3VtGox8AylxNbAfJimKZ004zA8Wiqg0mqAa1MfiSOZ/gjfws7Eb
qE/+CkPyCK8SMiTaGU7FsJ1XpHLELX8jX3E2aPNDyNco5gQxIaBPcGgJz0s/ddfDcOXQFaaOD9VG
5s6GtsdEUTi8Skm7hAVI1a9tmFSj6n6IGG/GcIjwat8q+NJj/Wned5AiEYW3mRykULhj8bIUkOxN
0YFMznUKI0v3mFIZwl9J1MgaXO+ltqhcRX5Z4hN40X1elfEFmTHSQQ3TNmMjhyRE6XlarX18ASzV
OYPI0LIWxzCGRmzp3HcbLHceAJnWlp2XTdCO738zrOUSgbSPXEQjN+/FsoHbGsYCsCeHL7M1Bzev
1Gq2DHfDEcC/qOeuxJSvtMXTgcM9bbFbVHQGe9cLq45pOXjneQLk4LKM6jQnKFmp9Hd65KzYXlT1
uqBZV+duJmUv04JfdNuNETDixwIDh1WoMHr8SZLyq0szQE7iNb5maiNBHKs/tpX96yT9PCBAzk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Local\Microsoft\Windows\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
kECryJlBWpb1ofGWdpoWZvq+jKF0Z8Ixo6+1wCYyNdakdktRt9NsSJ0fXi2gzwP8VzBEbQuNkxHx5
ma2FXQ4gVrGEsZSVs8+wZe7StQtSavoqoEwmeXdN3fRNaAmq/GP2LmFd6ms1dSEn0BJoj+9LqW9B
VxNJvK+YPLZD8F3TcI17lbejMyV+B8VauJipo51RGlQbuSFGpVtQUNYIKv5dh3tMe0PTklQrlx2w
YRZrFUrT28Tdc52fUz2uNNA7amy0D2KQdjXHrOcwr1XNe9DnS0g+LASWzBiB5GfdcDBGWp+gz4Ua
5USMN8TjoqGwi36qQLWROT/JhAt74J6VMef8TrO+rs/jzZeR9+9lhA/I2uuuB6AyFIYr0xZXmgI/
q3FRsN7KgcqK+zB5ZdBDRGDzHYPtRLfb3Hazk7SYpKke/c2pvQ4LwYLaAq8d9sqOi2NWbJD4pbWC
dWKRHCTsA9o/L1oEYxZsaHg4ZYrBEf4k2Jb++548nFTiQrRMLTg/xwsTC1oL51mdvxSklV2X6Y+6
6HCUcfUS1QgpJZChXEGnRwibJ2iG7pjvInGy1Kr8otZmuBNJvUN5oHUp+PRkpyeu/LU11aRv3coG
eOrItfd+uE7OlpunEE8xfXKHqxKjEEIv38mHKLnF0wKk0JGbHtMi9BoCq4Ab18EBRBuJtWrMEc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Local\Microsoft\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
adjBLXyrX5r+bidJBMv/PUiObZWufvYtjB+Tywfh44dX+veEDZ5AqBdlaE2z1+Aao92+YywXLPsAP
LxVaiQPkHqRA1DTu8ha/Zs80gxvH7Ic0jw22S36hSHowwjlK9Quha8qdh8XXvQYbPqJ4Dw/UD3yy
r8R0xV7pKcb+rzirwc1emt3P4XAYgg5FZDrtitkFyDkW84fo1Vad4kzwPbDPU6SifbQFsdYjKAh1
u5ZuX1QkZY7wwauvhf0WlfVUp3f4QLt+4jY79g4ZkKg9MU8WVhPIM+phswmV84YQjrRZ/DaPVhZA
p4mzZ9Hts9snx1ZhROuAlD45MmlJLQ0TN80jxISBmn/gtMGBJwRelCTSJndnHxwRbIvMQ37am9iA
/pz0mRhsL9tT/7cF+CKc4S3HZeH3mxMibNeujj0KPR+qf6Ahy/qTUuvC22uZR8OW/7Bd3QvUqfqI
9db5+ZJuGeOVkEyFhdGcbn6TPKPbRBscGDIdVFOpdcJEq6RodvLHh3NCZXjjEuv2i/l6Za6amL6x
i7Le+dF33cJXHvSlGA2sHap9AJYYl9aolA5GcsDZecHCPFX9RNm7w4xdR77LhYXbEdAjIEioGzcB
A2b9gFKSmzWxrL8at/PqnjNiZ3VqJ4r+raykhiE76EVLV+NUoUXC2brxQd4HMHXJhw2xda7U5Y=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Local\Temp\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
XDBTHwZVb/qsWdBYFI5Jb8aYSjG6Rd+06rXcU3a0ZkmYE7ZLilizVMZ6hg2W2xUih5vIex21Iqh/J
wRA5/6vfbHrgsfUK3N3oQst8G/PYNvkSEVRR8baFPW24x0v9dHb1KscJRhHTT/TbeE9pxT5YXvFx
IpT0hqGLsduxU/W3vv+qrBiSLRYrMRANPKDgRguBXRzIl/DgycBDS/DagnV0WT8oTG/QOXzoTUml
o/RQXS4R5//DkGS7pN6wr2C772bO/4Ru50Z4GL8ieEV7kMhy6ft9yNT0MruvLUTEDLOfH5NaXYr6
LWC3f04amLbWgoTLhVVhlyaKZRuDNtO/SRETo2PjdRH0XBlbeSHHZaYfpdI0j/DFI0P8WgJbQXiI
EJGbLI07p9Fxt2jHkvpSRo5y1tUJGVaAXLpRuDdHvW9amK6E/AAWnyM62o6lXFZPUg9eA+1Qwdel
4qXy7Qg7gkUgGZmJve7QkbuVFtUaO1XTgCwr95DWDSaOlBPQbOEa2MYGIUyFZrpCl08bVAVXS+cT
UUTnjtIIsP1jMvRThqhDUyfKvzrvRhRT34TTJUOM75IKmDUiNYqi/wnVfywRwhR/3d9ZmPR8ydDL
UozDfbY3xsA/zQ1A9lfeu1AL9BKzsCdngcaxbug/b8y9eDSouR4CjbVAdh8BZMN/qLV4IEzUAc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Local\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
DYE2+mN30dTj3msnur1CHMQElTelI8QL0GjMSN+licjHwA/Ie6/BU6l3oxrySqj6arumdsCoJpyf6
KRZiL27fu3kq7dlPMddSnwLNQ8cR9VdBeiV5xhrnaSfkH5SiHyJf+F+ovwDunZ5tbAi42ytLEkXt
hBZcQce5fOwZRMCbcbl1FhERU21qSESZ1dpYnDpFt8bKIOPyngqMG+tjXmhAkHtS8+DV7Co7I29d
Gv8NzzvEZvE0O6VjeyZG+vlIxaPx/2rTS4lOxNjaRjcH2bRatJGJucM7p8mJhDPJIEkVg5xqXTd5
epJY3YQU5MkpbbAlRdg/SfT5r0hp7bg7XLHgA2pRzb5eVk3LfkaE7ab6Ca2vdOQMrcgGYwPgXRHB
YdRJgNpFkK21rDVFWowGnWQLQrOgv5mRsZJ/Wd5U63Cn0fHvcTkvuFLoipg1x2xkcpAcoJKkLSUf
olMJ8pbY5KLquIyFfksZuKq/oRrCXCrSxb9h7gu3GJ2RWtZR8BShEC8M2CSiCLLE/5cUAG6jDH3H
ZCAW/AEXaD4IHq/9FkUUlL92bezrnHm/h9Vd9kJQIlV1B4suH/gjdc5IRtfjTGr1mcvL3s6RVuBA
16WTf06WQKd0OVJ4REKfYI2y+im4hyB2nKO4AYO7Anp6CRH1cOVkziBwGxWteEUy3pRZIDCVcA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Media Center Programs\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
d9cb6MGVmnKybhqr5wksikzjAflRjaIVErgj5dWqfPSxtgQxefNgq6I3yteLvklElnUjAywPVNpKN
XGHH+gK4ln6gR1RnRrPh0YU1Fd/JmQTGBaC16bKYHWYxnCcOCTHpkRtUS8jAytAoX5GxFBQua30O
J8/tRTScXFLhJLBOcrzep321RI+yIPYIId+x4K11EYIdSUHEPTlEz81cGGaXSgux5ujDDzLo4tfb
GwtpWPFOE+0J8c6aqtwhM7IspLEH8w+2zXcTHnSSYVSZxLhJ3JNoZDIGDfi1jHMCUkpbWVxq8qpw
8PorZCyxrdDRZrqMLHLi/az1MF2Cb5s5KtekW9/N7LuingCNBFkc4ofMPKbsdl5lBteTtwbAeKkC
ON/KNdH3q3USa2BO0ReeHy63Q7hWG8bN1D3YkTD1403QvopxWiyed1iU6n7ZwoqmW0QRfbkY95LY
g/z3uRPdFGMy7laGOqUXIKCTwz29lYtpREzqymcIk3eXUxeEAt9O2syf1CeZo/vdtxPgeaDzkOg0
cml7I3zA5Q8Q0ekFWcusrTYsW1lSKax/jJZTJny1otWAm2H5OGkEYKmC7XUijo2kk16+Tpu60pml
imZf2flVSnI1Bozack24l2GpGmEmPrb8MjqEllBAWmZrvKOc+/9o3oySWec4Xfy/N65Xbw1bDs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
GLE8c66S6psTIjRv87dEV/06vg2OBCkkG6HJH/QanMBO7rQucG/OR2h0CHw5UTxY1qO1NeDQldaLY
njFfcO2/oy8Fk7Ocrwq+VLpwHxfjiXy2k4S+M+vaS6ShAF9l6ErgextY7Ga8WFHy8u1wAMy9BJuf
m7tA2Zm2oLvS2lH2uSpDsZ2ArCkSXUiIpkb98l9Uw5nfe3M/t5NqzOq4nvxjBa+T3apCHYp6SPjw
zv8iASG7+FmSzMRIZ9PF/NbAMYzIKpItLLz2jxucT3N6+ExV+C8VO6sWUUCoKO9apVUnWJ9sZWzf
pLC7u1Y1JYY1zW9WcpFSqrz/a7xGbDvH+lkz+3dPGTrs/p8WXHRlUpF+bZn/avAOBV3rh/T7q3VM
zbBc+eG80Ozdadfnq/E01TntTuTlBN7/qroafe15QxhqKiDzm3kkrK5t+8RUXz3h/HJp3aLN/q5S
Ag/kpDPpq/smZoGaJvWk/BDtNkw8qDS7ryB4noyBYhPjIGWq7+1w6dgPL3xDwmLKVtoVxh2MtioR
W9UtY5ISMEdd6SsJ1rJxE/TgHL56GN9BD5NUdFOAfFmLIJBDbxFWpnnJlqhDexlyeUmqOM4itA5+
jy8BRZtpb0x1PCzyML9v+2eIZkqIpXnBlPU3RZ0hpR0TE/ZbOal5ujLfcpsCWpk35zKaN09vIs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
UGfyiLDYAJ+pzMvfVVviBKLKEK0VTsG/o9EurJu/BhVI49tbocqG8i/7kUIES67cMjWbZm1Kl8Ecn
ojtjTxT5ir5ZqwZPbpw0GISTZchWnmNEMDfxnUafjcdf8ZLUOCdFqhcUB6oeIlmM2oMQmX3sZbfE
FyrpDyriz1lY8NnWwsBwCU+j6NfwA4hXYfZcQmmGffS7KlKmvrP2fO8nL0/VrqumgYFdJc3MvWKQ
jYzFyPF45tBYhcF7e4vWXkW76vcJhpFfwHxl/BJYUekcwya1Gnej11wEueApCvrgwKBC8coVsk2c
NFd9DzhyiXxCjA/ZgIXbZOu3EePTLRRKtPxFdE3u6VpwktkribTaXRu9i1GQp01nuZcURe46aS4O
7bEpT6taYEcn9NQNyKYnhZe3LF1Zjylr06jsxfGj23px/Z5Y4bK1Eh+DP3fRVKZ1zgMFvA5PxoQg
MDrAt/soAIdBq8P52ZHOXXQ4YtjoH0LEp/9cdzJWeSveCSrxbD3PkawpLzb6LYnTl4qtX0jTjD/w
AizQtFTNHn4WmjZZyrdUl5lj2F+lHjJFXPDL1Wh34D88pLAr2vJGlV1SM6xOczERAStnIwgJvuZN
i8lH6I9L/G9qn+fLwyxfhgNOmy5czmy2Z5Mx7JXCSgD+ZNf6p7es7+ZS3gbKR7L/dT8KljdrVY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HZff1McsxeX82qnhXi+BJ+b8nEzAFyh7Bg8hGis0nElJ1fQHK3yYkFvOmkAb0P9d1iJViTzh41f9d
JtWe0XhjyIKF1p8c9tld41cgROJRmVs7Nmxq7dlOrGtqfl/jxNhks52SZAuL5oMFnjUDE7R6jQgX
NSNE4X0P7XLcPu1Qjn/9nuvCg/CpQRdjoHwgtNBBJINP3E/GRyQxw7lawPJ74o/ZJcG9QEQI+FNR
dYhN/iUMmCP3PRZCiXvyxb1vsz1dMZHDufy8eiRcjaQw//QX5oqf8m2SYqYH8pzF158micZIvxsf
lx5dq/6hVsruJmC/n0ihcydE1rJBwlzZKCi9HgtW087ONCQdFCjXKzUD4lttgYd56ZFl2/Ag3873
nbikbjiDFCzczJfnZdO1foIxGmxiQduhUAEYfVCMOl0PybHxDg9Qli36gKTflIYRthKnvaYIH0CT
b7pIz1h3ctDO28N8xTqJ79tdwcbp009b2PDQn9RpKiNsScele+jzWQZtsI4CV+tOmgHLTdRN8yM4
u0J48s5T2sy564GA2IbmrLzpH3MUjQpaIu41oCNVL0lgNLjP6xafbYGLZx6Du/5ZzZHKQvwiI1U/
/uwskSd5rx+O0OsHfQvLSiGLzIUk01516gAMGn8e8JjjCN8qzjpTPfS0ox8NnJ80PorBEDtss4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
koJVhkoDmRyYA/bJnlTxDTjIeaK21SJ0nxBDfBnZJoVS0Tdj7F8DErcic4C6z71HkoLkMvIk3UcSA
HnV8iLoe++TjEvvJT2IhDZ8JsEKqO4n4bMJXMGCXnhpncoNwxllsGtad/n/fqJBy/J/4Nzeo1IyT
1/H/fK9Wfu5/HnQZZSxB/tG6Uhm/u22fQigFAeXtvWFUJn5mtcgWxsGXU0Ignh+Yk07C3Rax2mvW
QT8kORlwfgDvYsqXCMwkOdTqV7IpbjyqwNvx5DG3Wo+2AejCMGn/fpl81x48FmqEOE4kgDSX31nw
vH1F0ltMFu/yq/MufivOqgU870pJlWe7GEhY/KK7AjIO9d9rsmk0fiZ/kPbMfukVBpdHMyFYRBxf
aNLFbFMy00Jd6RtFpmMxU/VgaRr+oo0Jg9o6RDXQuIWgSEHOaNpW3H5xx1KSc7TubcZJLpVqbjXe
JXbSZwDnKv38F32hMnrQFxdwoyjhoS00Ds2wBDSpGUYSVIoQjEK6ZWY7M4yTCl06XQVKIDrrEqzu
tkBrPJ0LioarrbguQGsEWRBbcXunrgmcMx6XGbQRdCw4Yl/OqUVc/tnX1BoqTrybe2EtCzjncUWB
jxhpypti35uvoeO/C7CCpGU3xV/YSy+ExKCYYYptOC/KEE6qIk8rLML6aadidiHNoM7prL7/fw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HUz5x4elikjNeJsSWj7HFVtVqPyHtz4sshOvSM0BsnrVlekBvkMZZvFqz92eSffPb4NzaGf0kpmy/
xNDbXcFAH+8PNc2HMsbB79P7CjeGPVgEsC0aX2Ps9bYOui/wdJ1YvZjt/9JRWo6wCQ3veODO7A7S
9BHSD0pQjodD8OyKCQFG2mVvCtNBOdVEkH+IOSxgFQXF5Ck2QPRDlPHYqR5A0hxFzbRSOmA1DJ3U
d6CJ6Db/ILilvlwFLQb+zmxtdJ+nNqERas0zhu4daZ2+JJuC/VK8CXDJ3ClcVt3apgUMlAMcIfK9
mVpsn1Gx5ZIz5jQs6ZuUrzdfHk1+pAxuPuBPjwPKqKh67rqBqFHClv4ywiql6iRGAT3GaAr1YDe1
AReTnFD4mXD38kNBWLdQkNV9pZ55Nn/Wx5eC9BxH1hIG3lb9X99HT1A25eL/Z3Xirbc9mEntuqFm
AXW+HJIQRycyP8GOYrK3WzgU0DL60/DwYyJumTDOWqFfUZ/1KGwb4BZi8sKNW25Zo5ksg+2DO9Oq
YLCTiEoabWTh/rK50E1cAFhbc3Mfu0xOCoZANIF1ghwMjzOaqDCKS+NwdufJhzXNOHN3FIP5ROd4
g3yUh564vxNCL4xvmqTt/02wQy74lZWNI9AB3LjUdkvlgdQSco8MWV8l28woOuSbis1QwCPq3w=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
CaMXr0CQHWT8No+pINVLnTbsqBCi472DInREUHxywkjgAukbLdm37bZDYiZAU/NRD00KtMbrK3Yw5
H+qH+sHToLHjDwJYmir5xipzwc6AP/JXPtnRMT9kZE+iwx2AuhltwkNTZ5BkRxjHuaDoFjCfcdGL
nsi9oaodmNAiWI7H3mGpbaGiJo8YZHsbtLlH297XFNSrJaV4GUegGB4qnAHXX8qTSCR0ZGce4w3K
seB23/vIMbXkUT+vA/Z7ehDp8h2V3l9lkaixT8a3JDk3nOrnjYqhcNWsBQiv4m/4kKurmPZsfEAf
qpqeV5YTTGEANKTgGgRt8RK+Yh6uPQiWWW6jwBLv5GaREbVtjkJEDbRuqxdEjlHuW33a1kcf4cLK
eZrJvwa2+CpGBpBVtmpdpWDmiJ0+PiRIFr/0nQ4w+whruybgwzqwUODE5j+/uoeWABZ5+S46vADd
b21qdlwL8LjBnDXzjOC+7y11n/5yZjn3SqT0F2i9kS3TGvim2nHIjT1s5t7K+JGokcAqzepqO7Uf
f/jhYAVlJIzeXQvppt0eI8cr3JdOCNz1s71U89Xn85uzCKPrVn0CSHXN3rDfHChrSgAIkOPI/PyB
9J9efSt3VDxSHi9LtkKq7R+mqkKQLfqGAyGmf5fhNBB8HcZ5XGLi1oeZTW66syDzVw6sL1O7Es=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mJ+NNfWpp+dwDwS3PjDNKGZ9oceni3ZRAtVJuZtOocbK+G4LkCAZvsR1p9ug/Eo+ea/AqlL3tlv4a
epjqyh//piCULJeuttBQ5g+Tcqu0U1wGGsHYHJxOmmkzbNypHU2Fa7u5HiCRC3YPpcVPc0NxBPtm
Ucf5pU248jichaVHmrVF+tqyb7RrFuROqCqAWd/0KQJqVBHrxbEjuJfKe7yCbB65qSGm2vV24jxd
5aLiSYPgTa3k1vk1nxEbPTSOMDXxbTQr7AGgdEicjxp7SGr2X0vhIylL5LbYoXDE1sQCwTiMUOTa
mo+g2Gt3i+02PzG/cRe9OmuExOADv/LAKRfdKABpqMruYcZA+6yQrUfg31d5pS6OksIiV1YS2Nmh
GyylZi600x1aVBUF4AgxXH06fqN9k9XsCV57CstC/VYbOjEp8imKnNz1NSH/GidH03YeQ0a8aWL8
7EWAStAcgGP9cZPnETYNvKSbVi9h3nFHheQ8FOyU+l5UxFwAxA1voQEUKt5NHI6E/j4+jFsyKaP5
3yw3hcIwYoGWQDB49vINlHYeN60FfHD/wY+M7pRu9hh6QvO3Ji7BSuoxD4D/xfjTIIhyM7dRVY0o
rdD6sQB2XC6flLY6mSuEPCILsgWIYnFvlIEAeTAaruQ01HsTGuFvij4rCK5SsScrsuFWUHgrrg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Ewy99T+b6UemsqoP2l0oZk0zHQKp7i6wQjlMfP7kFK2DMeJskpZ9lkA/gU2nsJk3GRekuROr36y03
npquC3bzqX2jmIFS32nK8qb8o0mA8xguSLQNc2P2nQbHpHWOBtWoh/afLe2PCyBdcs0DMO50Svcl
tMsVnxxL+YNzM7kb7kXUBXN4VpMfuX3+OY41dZaaIUyB4/diehRqUiyLyVHhTDaRmAy4S/5CEH6d
GjQLrAEKr4bDTkwPRdDoDd4ECiGYvn6LL7MX1+4Z2H+M/PxqEBQtoWXPS0sOOT7OQOWqbX513Wif
rnkIqYM4LwVeBOSsqWgtw05/7egzd/dq9hUVCf/IgelxcCEVU7wgPLvbQ5beh1tRHmCLhTOevYev
EPGP3Q/kFJGahdpttmBmT6ps+IcFwawOhnQd84O3V91IXuxmdRxxSatc5VWDoSK8pAgUfQ8bFgq/
GLiU8A0/Etxn4brug2oUB+l1FCpj5W23xwWmqyUcA0EXzZy3HuLSYzicETwVO8ThhNlvOSlckKbo
mNhrdAt6zfhlYiaP2VeAu6H4a67vDhiSgDKkgdB6GHSkXlXrjpxAzfYRoNvaboQkznEnZ/1cTNF5
EiNbrPkRoetcXIe+rqKCEb/qjVYYwNLqRN2KD9Je+ZWvbX4p5WTPkuKJDTasVHhO1m1TFaUBR0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
B3mTCW/IifUVAHSRN1x0cnuf8uJ/SsFXGulPgH1aeodVeBho+drP8DdXJuFvb6MvHDIif7Y1/+FMi
bt3D4pOcC5TvH4Yu7k/fQYVNx7tKpynFkdP/mglU1VrresgQ85TpNuaI6so5zQ27p/yXOCmuDysh
NAXIj3RJYWup0PkyKaKv3E2S2zEHu8DMhX9F/n4VpbCujNEss+OGTU18mbdyCK+Cw5Tmsu2Ef9J0
PAygXfofUwrHvBt53+c56IGnhWc+cfS8t7AtuZY/v6GU8/GI30ruUAAVtVx8h9ByXVgf5yqJbrLm
qibG31ZT3pSbWpmDT7XsBjPTJ9nDHsIPPwMFBme0nYcd1d8ErJ0+eEnw209chq4sYalM+uW7ZD7a
9osQKZuJropaLr/f4c/N69SYsVPuVNsIp5pGwBxz8JTUGVwA1TB0+/NVbGr2r+rQTsS4lt72jZVh
p1ADdv2y99N040kq3UYpgn23De5OIXnZ+gsIyikgLh1HJkkzORNLx62Omuk7j5PkJqpkbQb+OM5M
AR7lVt78yHgOXVWn+3GEJJZQ838iV9ClQ+kZzDmK5K/7+h9rLsNWXvYLh2nsPsxnAiyFTB8nlVZz
AcBIL49PO/FxYR0KKI+b9rsehP5/iCRMZQujwIs6NSXytncRg3O7PwPYrRoSxkj8jmmxjWzhP4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
SCzF/GYuuGVQsCWwxfOtszYNFW1WHpHkRx2sdzrt3S3QxqYL7Tzj9+6J+QhQQINQ2VEmNI6Mh1ryK
1jDJ9kgzvCDxojfLigMQSQRY/1WvUF8yJv8GiRLxE3kfYEHBJiYlfEy+MLfhwNCHIoh9hHP5643V
rPIdLJ80nTzjuG7JozrtJdtxOMyOIxlJhpH9j2oid31L0vc8jSILFlKZbvUfYNCkRcoOKdSThocI
/A7MamGrLsl5eiYgcSrSOjTEszBV8FWRqOhi/Ec3fJbpT49HgPnV+0CzezF6D64dUgNr+h9FWwa5
oCJbKxmoU9wKh+G3EuQuH87j4RNTG1Pw+IfyN//I9H0Lev0fiPrbc4miv2h/67w/9ONm953CF6hc
pvnKG2x3EvE/Z0wt5+uQbFQvf+DdUaWwG2XyDIApptk7sd8PKoYPibpVt4gmaP/slaZNIVwt5kDJ
uCWekBY36rPCt+jVW98dt6u8PD3BHs8WKRZps6d5Mks5vUa1btS+aTLQBpMTRrCr1YhMrSUh1I36
yA/IrYzEIHtE2r0tfHw800DnacU9fhX19BvbwUA/9nzr0ye3+WG8DLgjUOCpFxpdrU9+QUQlB8iC
2abyQk2PPvd33KU3VOT1DXgUD3j8R0yRB3sZwOqCWhUBLGWYC7u2834UmUjZGCavH+EQc/t+54=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mNz5WFyiH6Mn8gioK+lK2iQQ6B3+gBtCpEkkL9Zo1LSbXnioIEiRF9VK4bZs6w9F2f9xHVkch1LIY
+I+fHPbLkqZRRFqN8KhJKD4TlnXtnru0zkC/X0/NrSGnKzFZFfq2VLx5r/M1wYtoXk7bds0n2gBk
EgIrkug+QR67IFO/L2AGwZoh+V4qLEH0aBk5eqkUdSbBQvMAnWsVc8t9hJAHp+ED+OuGM/qQ4IIo
cQI0GIuyg7BVnkC7gstofKiUSYwBCyXErZLiFHCh/JQ6puV7LeqNvMM1oMyyC1IRW3T4Gmc7Dhco
HyR1iSPpSYnCGX0QsQQ5aSyQ/et9jXefaOqmoCSAfkrg3o62IYtPYyXu2+6LB0NyIA7pG5aNJ0FH
9rDqL0nzvy6Wk76m0eRPOPN0sOGsxDwnoQnAeZkQzuvtfmeTf/3FLm040rc/9ICMIT0Rcr2eYy5m
oeL97/pO+V803WN9Vsy3WXplyt2s65hboyeVUK6p4CJS8kEsjk1IWGoiBqiEDG+vewVy0r0LpWIi
VThBuAZ38rTwHtditbnXxxXXroJNTi44dXSQ+f9PIibNAjaXaQm/RV7uwxOpe4Zyg8N/ckJVSrvY
HBhYR9/rCZdB7jozErm5+o6j/z1xdbk1z7XYDLR6wq+8ROHz6GL1FAnhDffvc6zZB0z3xohd3E=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YvwfZkEdjY6MNsS0rgq9tA3xCptlu34m7fsZ5JD50GALiT8Hy17jValYW5SlOFgwT5SaxoHVqFENw
dbbBLzJ/MiEoK9JJCSji4riFjI+D76nUEeUiZR0JQufeO/m6I1KQQpI473Et1pCRQj1PrKIKHWmk
rWprmjaASou0wi0F2UtSRWiGXNFb2qyVrnmL/adqKuTuj9pic5tvVQ7nnYXxnlvNif4jApdcC866
XUQA0R4NE8Eiop2vwUtnRvzeamu5XVfC+o1KAOCo0Da59YOEaDUVGXH5IjTF4MTHef5MOGNAQqdZ
+p1FxSiCS0oDyc82gTFaQ3Zo8Kf0gN4law/uA0lQQd5/alY2n6vtBw30Zb4deI/n4xdb3AqIri1e
/pOUL50sMixoE7JPTrGPORjPNfBFXkJwaCyXjhDT5U2LlbleDqpu1gQtoCkU/0rMYoWeljyZawiN
Atjj2BeMldvnEgvH8wfVtRUY7seCNHtVU8XevXEGV2qq07baH00PEFkAzA/HmrD93GKZJVTYLxz4
qhENSVptIvubwNrRF7ecaMeFKTSzcDnJcQN59noQuMhh4seiJFuuQGOXb+DEJhcA+FaES3vODH7J
cBCR+Zj54Nq8hQ8EVcIFk27uVctoTy8Uf1eKqr5mQms4BaAlqSbvfJmvHo3w9kf5Be1+owTvEs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
cryo25sGUBnE4k3FknqOuLE8liT/wBIN3OFzNspAya4CwWR275fxK3jQ2OJHBolGhSaVunVDJREZa
wnUKkNzGueEQAALCkRaNnyfmIkJxHtM3LAXBAPasa6epaXoH6JKdP9ASopS6AtbrVp8SCT2i5QMZ
3FUBo2Rau0JiiWA5VPg9miRmQBS8Mu1uRoyElSuFEia7Y5EDc6JLeMBiqvdWTgo/c3ut6tu7slkh
28WCKb+MtY+4P50f+seAr3DtzenZPKGtd0MT0YphW06r0yLb/Iy4fmwzfgJ/bUJaDakTxQ82CM2s
fT6+sh90dgGXPG4zAhqK3X8mCdlDz6VUSWPijrt2HTTO3sppKBy2SspXl5AdvbdjIuuZjt7oBUx6
OCgA4/yekVMt/UMO+bjq/nNXPaHdWEncr9+s0dlzlCN7VhcNaR8whN8AGotYWvo/sEzBR+IplsvJ
ADka1gcUkOfROGbRf/r6M3z+B0faQDAED0Z2TK3srj/20W2T8W9AnfIqbXF/am1eBJogrBTJ13ZD
l9DfLKQYL4CnN/ceF5TIIDkzXKu/yjtcS49nGFLMFgFrc+1yhYuxvwcyh66Q1aWEE9TA8U+6uc91
R8V0B+4m1PAKbp026nLNPxACbRP5hCwWWnQgt+3l4jnqRioejdkizGfXzVnMK4Iw8gyHy+ZhJc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
SvWdpRHtDsVytmccJ19hXuNAC+hce+5geqlP3ZxMEEjPjlmKPUtFnJHG5IzTCnJUxVxwdbKBldFFd
mBlExiFjv4cNnXinyas5kdaxPGnMDLJH5X0Z7JYcUHLzB6qMr7tS/7QIalMmTF8xS5CL3WC+nJp7
ajcNpJmA2jpqeApAUY0BcPy55lwrHie2kn2CU/oKb8RvOgUb6aOzgB+skFN3DK/9PGEMLGNITjFc
IFm/xh2fAp3Li9wAuHSvGchZxVfhGWaZsaiD2nHFisN3GIBSQ01971qZeB4La2h+noWUIGNmfIGe
5Z6/Y5GNu0yR8xek3B96XzclWcdL6p/EjaXp+6lqhJXhonqn2VD6OletDed7/c86WlrLKMkTDZxD
6uhPdJUMS3/9/PRw213Xr3aKDRy15FXxXnRoHpoJfn8FYvh//WfmN6I0S5YBNno9k/OYD8DRrpvE
0CSLVQz0b34tI6Qrn2RVJhb0LTqDN2Y6X8eYgYXYCoHWFKj/3v55s3NmLGOt1S6cnq3PxENzFVZ1
9j0UJK5ld78czagUHdN/ioGJOxk/GZQcjyZmJpfbnvhmaqhH29vulhITBfN5g6k6BDIbraoLgJhT
zz52eQFq4f00PhJQFkKxY19s2uYAdD8Y1FoTWuHwfmJ38EK8Bjuaz5miZ+av9P9EygoWm6OsHA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\Windows\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gkMCEHS89n0/RyHptSU1zbr7Bh6XlR1But6IHtiOtylTDSYycboP58tmLuD8E7tTLRIu6fsJJXd4G
R9qtxTCT7uDS9bj5atI4UNLjeG8mP73gaB9CWxCWCDP2mZ7QUaXZ0eEjdeKKWq0u96ab4h5CStz5
6K/BQRWXuhIJNHi60SEM9w+DkQAeDMY4tZuWNRI8mRtvvjGM2vHomVLa1PqajiZDwm4RpOc6hZqH
17gUJax4b1qVOirV31ek1dFR15TyYbrSwJwduOkn3xSuX8S88wwlbQstHmX2n8HmU+uQX1Ic+ixh
XI/esAHaiEhu4eoT4pHe/GbbuWR6wiLCORZ/qF5bGftG3waBy4DKUhnF2X4ik7KrodI2Wn75fOTF
N3RtHb4slyLmiKZKNPXsDJ4sB5amMOuVIZURWmhE2EGnDmFVKMy/wHUSFdFV4M3I3c5YMl7YqfQu
3UZIq+LblTZZhQzl8uvtmNLJ3Q5CSktpKCy9LHE+8aDKaeGJBMCbgf4IB50/TjXhix8HSNcTtmvA
5k1IqLdmYbdMqsdBsgZWn3F7Yq/p7tclxAtGqQoLcQcdLemZ2K53R30tZ+Pyrk9DIGJyIlXNkACp
I9lGaQRBP48Rit3XRQ1yM44D/Taetlwfau32/mXQicgUq/t4IwPH+B19X/68aAy5IAUSLmNG8Q=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
g/PDEzYxKYqQeKiejknumycdKi2mzkkxUpJi4ZWIAPWpBA/s2LrHksgri0jUZNC/QyfopfQUyyCbv
ydaU6Q1fNKp3ZrPiTcmYs4D1AvXMY9kpzUsDH8XA+TYSSjVHzC+DmOoo9/Voly4pUDBdFg4VAfSR
yYihYRo4mb4nfWzKSFgxAEMmhLWu/SZXEsSaSiXY89QCPpAgYda1j8HhANJ3Th5ygAPTb7WoyhfR
j1IuUOLOIWjjJNQkQAiwVep+mTXwQVyqRCJhVkYKYTJS/uYM/jIHLz2niI8yGluZCQdJTarnaDSl
2P5UJGf2mw23rYVrjEO/Q159H7JpAGopMcLk8Jt6ITjgH47DL4x/QCLL/qyfJViJNtyYLXBnoGEW
VrAdipevvmPZbfJJDEXnjbbjgUx9V9IJPpxaXGfc+qeoe+1sbmg5vmPJFT//C2LvlNj3O1gAHKRS
1SygngR6ACkQdmHEjsJN0LFsD5UYU9WHRC4DyA5OI3wlbbfRjBmX3IdN2a8F5WEkKtiuCNp89aVF
l5gcgwjMK4CrfFYmkxb1GeKSco3GE0SgtS36D1zPx0A4FMP71OHFmGwz3S5YwTED6Aa26ofwySk6
SDMQq29EKdYCucZ61IN6dDJdh2uralGe0aHeDlSFsfdHM0zZQnXtzUMOKS5B934NCq8Dmw+G68=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gTh1V4IDO6Bepa2JhoRZkgmW75rZQzESs1JE6nBRZHoYx3GEcrCcTnCCeZPEWPMs3GaXD2XU4nEfs
bFIl/1kScEBZUO31aW3i1Qf/jRLtcyuXJ3egcA5557mFN+2ed6QP61M9JJv6IQEnyYCg9uAu+myS
qsdNdlY0w6xDyM17r9snfrXI+T8LTcAsD7tQrjGnb9yXDLWugJigO7AsEbORqcUnW8B+0cElLuz6
u8uok372iBVhRn2xz9DKq1uXcReIQDjSxBj+3Smpp28cjfc0Ilz5vLAeg3eB1Nf+PkDMWsgDJ2VH
h+8mg8ivIVHIxmABMokYFgszReg8H3qTs2uFXIuSYS/t8XwpPcP+zhapk1YdQUX26zymdI+s7V20
9RK9IW0tRSkVAC/yJdlD12NNWK/whjjCYlkn2k32RkJXYpprz6IXBN3o6OpK5ewEFUmILnKtyIQJ
3Tzt8bgBdleKEvwg/WZsfz4Al42XsKcBwYttL0Pd5FZr8uY7JoGugSsxDZp5en87t+VKNKBIMPQ7
kH6XYbGMXx/NcIJgrp4WechtwyF34dpvxoVel+mh/Y/rjXRHZ6jQyCJeVApaBCaNslADr53ane13
ggZ6MlVqW3B5fYvrwgS+lNQttssjN69w3m/hoHhSrGfkEp+CIRUHbFDpN93eckGflJregRejs0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
k6e/z3fjqOfA1f/vEy/K4kK/v/C8mN9NErHYL8rSmahyZc5jwbNsh+au1D2+VmXZsmiXcNIaJnrYt
f1awWrajOPReFA6MCPqs4sYIEojOQfeDmVOLZPw6L+G23pKCGgj4RRI6iIc3uMVuvEipTpQWH4p7
d68YSMEEsYwg4jcIccQa6vBiZsc4QmuYvW3rOWO6buiRTa1uqWiNAedu1nIYTB4GxWGjj6psKNdJ
hvpUxYcVvhC12tzjg/mr5SxzdZC77tMGyUN1lnfmMF8X9HeAZpjsu3HIEf3/AQhIN+E/CP9betdF
SeC6KIFc016UYtYoTW7e0WsBwMZk3hp7IO5bFz05LBUTjA3X4DUpvuotUf1OjQ+KmdgA/h6PoTPG
b9TKxpxEaAOeFzR75vuL6u/1nW91qlbGORqw6wkzfHipjcXxgKMTI4OZLyujvqkEPCgU+iXaMjXC
YC9zuuBVitmaelIvugPfLpv9A81oXZg55NNaKEWmf8VIsfbaxBZvZET3z1h3CBNqZo87bwtJP/Xo
BMG2cBOj+pZlwjsau3K9uNZlwHkf91eG9/6ybELeST1w745xZC6CfPkrTf997XhuhLv48lbdKjmx
p+22PmKFi6mv92UsLQCn6VuFAxDF4DVJ0yz/htP6R+8DkvpVkR6YqqM02TMhogniJXm1yiAnsU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\Microsoft\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
UZsCUXJzobg0mZI1O/5G5a+B1RRShyHp7kSnc4lz1RPwS3+Tuqo0kCDvObBeYWFBSuz6EAAlzxVTc
rcpVRXivxmTfgMQrb78AxoOZ0QVMRih46V2E4HDWTAODiMyqMtaOayNtvb9L5dnNltFlkyKG+kxG
525iQVizGCw6C4b07IDsjbqnz+3UL+zfz/29NkjDNXTvLM7D2Ymmti9H0j6vLP1UHShmEUhiH+Ob
00q69qcgZQgltCvYaaqJE/JO8UsuMfnoU5vkqxKqo0dETAuBo91S5Xus8cZIDLIjsNWRz98rnSZ2
kPLcXn2THAjlePbJ+peDX58HHQ5KDAd9STbjtMEUFo+F+A97mJrx68wGoU5196yFv+b1WAZzl3kA
UIA8Xi9RM1+MD0+RJP9q2+78aoSBgKd3mdr95L9M9I7/o9uoC3q7dvXUR4GuId5s3NnlmkqoM05t
M8yAmJTNdUim9iDU6lIkNmzXd3teSrjV5/YSqaFMHtcMTLHvC3XLSbGWj1p8lYPhTVzSRVx2gMXo
VLzBnjnjUIfdzK/r8+8Gk67dvip9Mb0noNemPQOduSGegoM8wC1eTtn9vQsGuoPIGwkCtANk8kXw
zq9VmLUTUm96GYyAKN9IJOa6mKI9s1mfGiHulWbJ/gnsk4FPKf9jKAmipRAP3SC/MM+JgZ+tF4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\Roaming\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
LG4QrmtZx63c4AktIv6yFVal4sL4khkDk7HqMz9A7bnGHNvUUuMAWkEvbBRb7M3XZwbO3b0rXUs4F
FOOtdIft6SFI3k1DIobgRxW30RtZCHL7ZTkcH75lndW/+SYrDA+Qo5/eR8lInxXhUaldKJR9bOXw
ycv4T6NlScnRXJvgCpzALAjOLDB9V+GdRlKQJBXVE0dHn5sMD/8kGuKJOEOlHc/JUH3jtRLdxdZ2
WoszSbVEdWHo49lJ+CMcOaVPCtl4P6r0z/cghXCTKJ7W6KQ5k8aO6+j3WCxEiRlI5152FMK4aDD+
3EOn8xqBZefWor9Jx8eafjiposR28OliK/IQdjGpF+2ADgkYCXbzjPPWVOmCQbjXkLwV09s4Xy0g
prr6H8dhsGMngZYaWevwQIXTajaAY3VCeMOpblad0VpoybZ/Ak3D7tGdPcQlOwI2HqgxlR4lF7pQ
ul0ODzhG6qhtQm+2ThctjHjS7XezkgkstVw+1F3JugO51x0Ep9irL+2pXIZva+MUo40uisMAGKtD
AKJA46pXwZlGOiNycZOb6LYdwtB2B2qNTF6MDO2eki/y7sR6h3+yYOWAlOdjDtCxETZWbp9a59af
HxHD8QHTu9cudarihc6HWYHbO3euYlJIXQgi//m1NzhBMvEktt9T7gZTUxBt0vo6y2FsKzQAz0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\AppData\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
cJb1NyFJSxo8IzJfJOm8ytnOrkZgQRtz2mxZo6MWNEq7DvkUntz/eSJowRgA11qyJVBnrilTNt1Mh
WRleIwirFqbQx0afZW87QpuW4dhpjIgz68rjBYM5t9L549+CUljL8cK1zYR/ZTX2S/V3yx0SpaEq
ufH6MGHJWz5Bpfve04rsaN0ETWdHDuu7Ma0RUWFf2vK6q7RXW66IrjjMd+I6Kp94lrjr19fvAHR7
P4uVSENHlQVbF7/S1fGO2zFKWgJGbptX6UHYAzQX9+QLgyvc+lnVeNRZ7Ipok1maaGB4iB8Fi73a
ULU5pZEDNgB/7VvlTCBfWlrYoYECZ6IDFiG3vD7yaVNlwWn7RKb3jzAXIHSCx64x3C2pSOt0ScBn
dBsHujgvRu6fhq3qHDD7ImhOhO6N3dBm+qCy58FtCZLwSQFzNLl+/lJRkO9TsnbajBtvhobrnB7y
vMbID6FLOoHj86t1m13zMfsFeHgxFEA6MHe3m555TeYCVFp31tMyuLhBc29DpBQAwaU3Pm0USiOQ
J8/DzZk9SFcD41wV0DpOxBPWwDnTh5Lp/FXRDZ550RyXLu8QUN4bEiQ4qHZwj7QoOWlO/e5g97q/
uJnPhxp2yBYqZt8ofBJ+2NWTJSF1gZihLHvuUNhGHd9iFZKQdTqMG5tENO+dftkiM/9le2c8Mw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
KPi5aOpEgiFKcEI8BcI636yIrT0QpDH4Q7b1b1EyespFwFAYs74LusbjdG8chmJZpNRyA5iNbXpK7
x5i5C8l7ffBDtZn+KOCiltX4ubTfJXoFmtR3OisflTgbEiH1jMHV0ttUVoR2ZSDSttLkR0ei26Gq
ad90mOTEWC5kpEe58VohuvV0OcibQ5KT6S/B/VlM/W+KZ13q4/ono8xAv0rnJHVhKauzGlNRoPCq
kDJCoACaECMOClTWnWQ6U5SPaSMEW+VSVgYDzsaalTG9/rXQm2+mtzSPAbza/mIJ+H8+aWyixUYc
bJ3AwzG/nVWzUun6YDikFJbhFn1IKhb3o20I1qmWfRn+MkVVrDd56mSPfSP2vkjNNbv+fC6/rBNQ
4pfguYCnVjbRGdBtaBjSeoHi1C14ClSokKh4N8LddluiHfjPj8akdJ/P830FDyVFZghMy0deroFI
Twq3g3ou5a2UUa6aKt6gsfA99xG4bjSERnWtscUO49VTDXo8nhzWNoJQiIVaKhAWbDXmZv7Bpxny
Xf096qkPU5Xp2HMw3Zum7RTP6qk9sddz74Sb0FimfVvaG6QO4Yr3E4BH57LKmu5OitAKxj1ozsBv
4uKebA91D12HdHYZJqEPAv/cuo/vZg7iNdn/XhuUpROB8Tsr4Vy5CnsJwTsCwD+2cWg6PO8IgQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\Desktop\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
RP/vONvCWO9HdPUAPxB4zmVAJU+1FubO2oAozjObEgXBTj1F6tcRs/xvUApc35R1uAmBb7EB5kcrw
nc3oJSZwRbF6VsVl21EekfxZ2gtCUZ/Y6iURvZX+B/sZL+7nzu4qao/IMzI3/XVpXXOIIR7hjtOe
POP6vce69+OezD12jMW4EKX66k1cF/rRFRtTzseNMy2O7X+pGzE5DdnuXj0IomMAz5vn+gvOC28A
HLxuxqDQAMF9oXmJHip/v2+YB+j2abpuZ1cWT/iYc5Rmc2lRApjTXtbQ3TpiS0KO9iEfrMYSLPuf
9qNY05D4UcAo/zst+/WbH4dKsI3lB1PFf+9LV55Rj/Q5yu6+E5sGsjdqfB5wx4Pm6fRtQSvfh5yt
kzlLaCCcyeYoPidhK6/gRBMsw5/K/rr6NxV/4b9zy1/ERQE+op8WHMOHlDJBTQecJe9XzYyJrU7Q
hgFWVPxVSBKU7hjiZZc2cVMNMCkqhmb6VQ1uMA33nbkvDKRN4XBAfpFMqtIftubJ+d14UOL45vii
1PO0lKZPwv+5qYguQ7RoTv9q9kH3LNF1upOhKDSTbkcufDrzayYDq2apVrz0WwdBOfr38wsl8YXZ
KNG9+VEjvDClgBLS3nXepA/EwMGrOdgur2/eiA0yk8HLpq+XYxta4W6XPwnA/OMqnOx1leF/zg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
LqFYK40OdnofLgeejiyx/xPlUlu/e04ckCNctQZRBopKYh3/Kk04nruDfEHHjm1kZDLKKUg9uHUT8
JW/FBQ1pcKzGTQii4BdjjRDGfjoFrL1wO/b7U2/DD5eQrXkeSkM65NuXevZNaSdOl3fEIzaGrCyS
9xA2Xm5vi0fpM6yMu7T4TVq+na2turgZzLzE41t/EJTPBtllGukft6qxA0maZomLMKKr1meWqGUS
Z739LB4N6zcr9ricFY3kJWfivPXafwMUenZfJpw17JFeD1nY6ZARkZc8lhUCZcMVoqoGCNCapEKl
GZjYDGYEcvNIaOTvnu+gdBF8YHFADRFmTTFFN6zHr/wNyeTi7GXHZaCkrhQGB1bi5Z3DIbm92XVb
4YxqcLEU056wAnJUxCa8p40NlkKCcEHZWGHeUYqqAdUBhfXSW0PNq2utPpofekJkfl7utEGJ4wkv
FYEZhbJkI996b5YFkFrEigJfZGeDNeLBwR1DrZzSbvUmkwLfGVCHsS95B9EuanwpwdJAv1FdUsVv
wIgctoEVwQj/oeabtSSsyakA6BHXkceWz/BpGEu+g4I/CoX7rQS638coBHBEQ4BY1rzQb5tErgpJ
pfulsc3LFYca9WI87/pELCLNZzc1Ja+Io+Y8VFBkoJlcWvfSHFwj2RnZlYM2lMCXrsHLA03U1U=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Xej0UTQqXIKaDAPRsY6VdoRsjP13xEIfKV1tuB5pbvxYApYGVH9F+UCpQs0iZb1YoQbuwiZShpl6K
oCZdmvLYLICa5j3V4ivxbJV64QqWYg8W4LVW0fPQSVLgp27B8zooaCYT8jVuc2LPCrwkf7QySeCr
N9bQN0unp5nrT7MTevPLx6dtqC7KwjNb1zqnQwcgMJ/BIDobqijHofVrOdPUT9BqocBTZ35dAT5y
I0ZNZ/aVJGplay7MiU8+aUY1sLDH7FmGiIJ4AdCnHaxWPndW6Br+VIBBtsM4fPjr9ectyfk50eN9
zbWQ44wkrr37k85u0ZS8QTObWo9SFwbPZQpr37PlVLXgIvNPLQWBtQw5/WrapzdwosP0RsSHDJIb
3trpgJbpY8PMyDfTqG1sWzmmWGGMIkVYj/wjDykkdPvE2sUk00cwZI1VSOzFwMwTEanBeDKzROv6
UqlayIa/4YK/ctyjPxdNqP5zS65NRYua+8TI5Uz/OFpd/t3qmkmixKplRU89xNTt6VJSJ4Tt0m2t
TDygLZMqOJbvHVa2nQkaxF4I1TTkCZDqf5kMsmKjM8DftroU5H4Vbr2Az0trdDo3K2gLwvYkysgY
NRlrZwKx8ZXRctkpRAQwAICpov6stRLLUOtLMhi/L/O9xqsWz+j2fh3mwrBAeHn3RrjLmJ+dFg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
kValBuIoLIZQT2TeI8ZkIpjW06+lgp6EEgAg6llbv2HjFlCRku4Mf+fkXYHAd/i/FHZxBi/ouDBQ2
0luLg/G744yWkRwj9Jau8B7isMnE6DiUVlyFMURNNTHC1vk5tRGbzDi+miMJYG2RVGatMcIX6EzE
NVFPuYM1tN9C9Om8igM5wDkbl0T6Sz1BxbL/hT8Jy98LeJaQzhIz132QwQ8B8aF71fQbC6t79fsz
11X6yufj+Al+GjO4Ydmtwt5obytBH6nSEIPsB9vPTKPXRuuJKrnqKq8Vy6ZFEOk5ChAK+YfOyBBx
0Z1JIVjp/kpTAJegMim9wymcpcy7qjRmscWCQL4RAVANxFW0bzmZsVhXZx4tm/eAELigUrjXpww7
E4iYI7BJxgWDAoKBJbN4f/VIWq7yNZXlqgB/E6FkQXQyhklQycTcWHO4ni4CI6/vglO+ABNoz0Ql
CKn9i98y0VQErNUlzHidB3uj0+4FsBQG/2pxJFggqIyoPBdd/zu2zIE0Y0LcGq/KCR6CxF3jBA6N
MGFBeWxKNpdtWQqB2WflUigfBs8+TrkzximiGFd15h15uefFhA9qfoxR/PMJ7G64u88pxbc2hY55
NcP5ShQZj4pnSA5jOy0+pN71T9J7vfzEjzMbygmrzvy95P/a6pulK1UUvr+GETPYA4+NDsj4Gw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
KXHnkkptUnV1U5wzZrqZzBD/ATK5oAyvkXauo2++Jkgim2p1vDz2ISBi8udUddKuPxJponV1sCpiY
lNYVrrXjLT+3gzaRJxIfF3Nebmi2BhG1SXW1Y7vIuIA63d3szSVu5PJsLz7PGA/DDOZGhzxTrYgk
XYtdUK+vYyYYYJKT1Y7QFjrUZtzXfue8qA8evxQeMXnLiBu+iGNtyxroS6z6yUIVJoTPYIjHhkMi
ibyTjN9BWL/b17chaDlU6dzjhKYvtBd2LO2iNpkyFpz4ETLjdZi9cycNXCDF0bTnr/thlLuKdRSm
bKt4dZBVQPU1Dy1j1/zPBsbdkyfUl4fZLkAU/SvXwntWKry5j9FyiXHbc3Qu/e6SNnQsU/RWeRXe
RimyMV8CJ2MRQL6z3tTprep4LaYpJwBlwXvgSC7jUfBJvXw7N4rcgeNa2O0ZUmdrD6hnqlDMgIrK
3nBXMAAOGyZmBzebKFb5at2bsPk7bNohr2MNUmmWf7IpNqGvUjls2FRNH8ae/Nd4gFtLuCrOJhwm
+13uX35fLTYVDmMmbwtRmuz/j91RUe7ZloYc/dOTKTXtKIbqUJHNTFReRK3YtlmBtqvKjrI53xHH
9e9K+Uqzn08AF1TznMWLfJDxy/CL3zAuDUgSgCxE4LJMJJDKC5YP/QZwrL9N2JHXzq00Dr8lVE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Storage\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
BCZJsn/LxorhdIX1STy0xrXod49tLKAO3elAlS2IZ3sip5HnqnyH6q2Zyicv4vNFHWAfVFB0aszIF
cpVt70ZkzwwBFDclT0zPA89C1DtIzHwAmxY49XMc01hiv+3JqZJSpftRyk9bq/3wrfX6hKDiIUjn
Nb8YKVJ7x1p5PIgCSzcPsRVh4FJvFqn7M6bmqKrfVckIYSvmrm79tP/oBGqWyZANPa8kojv98Iod
yChZa5fD/JWHUmLoJxJq6zpv0GZi4CijU91a3h5A7gpxg0dUPfuuJXzWC2pULdlO5vhWOMhTvR6O
yHRdoeANTlH1SlfFmskAMjhrr+ohPQZ7QumzE6BLPv+GAlAbEL15+uxomE6ZCaDMJYI0QK3Ow24D
bLDUoRp+70c0PxTvJG3/Wr6eeSZwXB1vpqOnCxA8oEMkzp5jA2mIq886lKX0KaGLevrAORw+GecI
xcytxBUL9XYWIXC8FyM/BvGQ2RQn3uF0t0DlSqQhOIuN4noa2Lp1OTUjbZogBLVtZrA7txK0iek8
02Yj/82t3c4RmHfda1zlAcY21pQZm7VplhY7Zewih7e4586ykWK5smBsjeyHLHr7LVGqQzOott+L
Ji3TPyNB+NFAPgJDJQK70eh63E9tCEqMQAhIueFK+w4QSS6UVZKFL+rnw5IRcKbBE1rWji9NbA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\Documents\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Zyoqk1pHdzdzp4Xr2al9wfFzllVF/KzT/wwaDYljF7RHvTaToJMF7EZetFszeMS7QQi1NPk1yM7HZ
5qfRwpZMBg/bLb3lHHXp9ZCifrXM7qnLqXkLa/O0e9WFSVaVQEBVFcSrRXXlqPpuECeL3a/DaPSV
TjvlJAynwIUz+ZG2pjMbG9/+kSUzK1S0PFG/4Vg+mVqAYhLAbz+mGE9OuPqss+vHD/fQMHNwgfGU
HzRsJE9PefShcx9Uj7z9F3UsgAR7yTOy5KRjzF5NgVdQd4E1910jTLRD129nPgoKEeSSeXwyroPx
Ppad9JYaQ2zufYC6d5gqZANdkE2OrKvkWo0Am+Nv6WqyYq5vX/V/+TWfUWo6FgkS91iZLICcVe8b
/aKfI6nGAKa7Xmff92+1UAMpcoGGxduDaWAasn0GHC4TK85t4HK+xIDdctsU3YzxW9X76s9KQGr+
X8ikLzVKk9DgsSEHof74VOPLNpJBrkK9DjYIWn8fKxSgyRzr3szE1VRT2AF7wlPTiOGa6POwvqd6
I8v3xilUjVZBCVv628ywPLi+x5iwqHG8wGF2eNOuNNIxHN/yEdu/QHkwqr56uvDZnH+CD/TY3N3T
fHzGRksr7RJu5nBEAlf1OdEJgUIIFwR73NFVGrneBwhfAo3hUS6fWsUX5FbJT0zvtmkLK4arEc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\Downloads\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
F+j/GD5+eX6X1cUor7xWYmWHWVOAcDp/5y7hWFth5dweCJLzZnfZsGKI8LhCZT252sTXKCA1Y2wiq
a5oF0sLsZLn5zSkE1yJQ1NY18mkSxAcKZt8Ro0521G+pxPSl86LNZ+r7BH1gyAk5hLOj8CdQ76Yh
rCBxTD+zbwq5laphYRW7YQpCos1uablMPcIi7tIySmOKq/PRFbo7+pu1F3+OnCYu43X/AUZqI5UT
nAyGzA1wQzjmofk087UN3vqyCxoUJxVX/DdgNMSliDAWkJvjciOArSAnY1SQxtjuJvCtx50eNx/B
4YSBS2MwHAT5CYcfyJTZoLUdaIeFyvAEVJUc5jBTTwl3CUwc6Atrd5oAeAnkvda+73Hf/y64Cm2x
RHLhmzyJE3LXdZXzMEKp7nUAst5vECq64IvsQ7efbRi2PYHH5HQ92AFpeau5QTYQFAeUS59CsaiD
GiopvdU/JydDBC4Qe9ReJgtFi+FBR9vWtPp8QlfEyuktfmtPjHzA2PHjYCKDsXZMr5U8FoHaShTd
zRDhYQHvqWexhiI+eyi1rrkcgjcS3jJsDnse5vFjLUW0LfQy0zMnqAHbRAp+UVKEwaifFTrtgaVP
/coxMvGtFYol/3ugXeNU/I45kbZU53rtroqqH/TvADB8WvTc22UpbnWJOv1/QYPb0MiZz10hQE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\Favorites\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ijYDt2zy5S212R6u699+2ruAPQILEt5UpHWJLcT0+StzOgml1+Luc9e5z0AwtrAcUpRj58Av/evq4
h+5L2mQ8yNHKBdJ+SdpfC6t1Ydyh318k9ZsoSb3VSnc2j6tobwDD+YA2liDLLYEKC0fW1SISkq/D
yyydVYhaK2FfdSzvEoZeu1h8U+5fjzrNC7AxcBhBudeIKB9WTcw62FK+j+U92DjFm/LN81n2bXMi
AlhF+ykfyivvHjMbnSLqXwVrz9p8zAIJv8nk3OGowOnp3B2jAPicz4M8p7RiRjRugiOL82SMNUil
o+8pbgXeCzRsd7ujHOWYz7Ny4ZwGlMLVyyxcShSifj8NseP+qHUfeH7oNNGH/2O/1yPH5W5SgvsS
Oh1Ad9PG22GavvhEEVn7NXXu5+FU02JccEVLcIkcEWaHJ0Tn5Ttv/z4IaHL3rM7gVlZUvlB1sHl7
rK9O2jVZOgOvh1mCPTKZXJEw39j+NcE6e3PTZYYUwCqhCKb+qx/qYYEo0EzlQS2HT6KWP0/WxW4q
e41GQU3qRreRtrs3AEc/AozA2WvLmil2AP+CGzg3DjCjnxdymdwlKv3CINuYEPL7fL5T5Pa8KxJZ
mt4qYHSI0QMd1YpWpWF8gT+UIVdJhdgyAk+qrjWUD1GGZrl1oK5M4yXQtKl+G7yukBPGXPsuxc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\Links\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
dJcLqyoHX5WiZVeQyLmv+Ysb+Js70rk9OVk4vsN162kPvjjKs443iTHu+h3EztN6DayWv5rcNpqzt
7BBKkSTTgKCf8SdQCGm9BeAFvyHtsdB2U3rPFpHct3yibeUXSjlxFK1QoeNQUMPgJcRlGQZZ+O52
pTjba0I3OKS3a1WAw731aa4SZHgpnKGjVzBCndQsXPRmq8FDdtjuqq58Xyt1ckxHtxjGeUXO7EYI
AcwBzqrgfK0KIUWvHXWbTT0hjxXDGjQnwR2++Y2fC+KlJPFinGBYGJk2zCmHhq+9qNCCrDSOIpIa
wQLJM2LUuZZdSHNX0gnrRKp9JJA6x483mNtNu+9iy0SH2Rd7ZjjehkgHfcXMogkQYspeiKuAkqPU
xUZqRBgaNWleqA2lzO4hj8IRbIiLDMv1Bb3UYs0C6ZNz2WPltjUEojN9L+rkpg27ylx94hAUZxw/
APxszZvFYoY1pGx4lqWhgP+6exb/nwI8yp6HdTRgHeHe0UOt4MnoYxTTSjDY9Hs7q07GoQvw4lHU
MaVKDxJkwfcZgQxQ7iRQhWXFs+FMO2D+Y+DX+FIRNYDsVLevhqZ2d5iqfjw6cd+zAVtIJOUGRkJH
fJJ6pHCC2iPiMmS2U4mK9XpBzkPvlCsHwIMz5MrvBpO5+Y4LNaDPM+25F9GEWw93pobxKLCdvc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\Music\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
AgT1zEDLMR5iKkPygiggcsW2gzgdPY7mRCEE+QtR/GmfRgIgSNrJo6OjLMwAa/hmhGChnoexVZgkf
mFfOsCffbEhVlKH9QpKfme4vGJIYExt2nmnmppxwd3qp06sz3rNpfx7ONE/EJmnG4fjs8l0qYpE6
gQGudlQ/wmUo454CU6p1UuqGsybAIGBy/g17e3eOBDI2xurai03ZOE1TkS29nmF2Z7YJSiKaR0/Z
HQ8bjPPvEKiDFAhq8T4QCGpxen1rb9xPAtwSrFCJ+QE/7N2jteuQuZdb5FGUqro8KKR3xK/encP2
WBjP8H6AWAtsz0D/qLMebAfpxd7MKvlGr6VuhsVmVDvsKVZlasCtYF43I7MqCPw5Kdl2/32PKhwX
iSO7c7pcJrv00oT3bWALJQWTbsyfaNwIU0YIhELbYGHRHaM6ykpJPs2vYswXCmsRCGHyC0knxfKQ
BZV2+GlpEsVTWBZ2VJzBhqAqP5udLWqXcuh6zUmwfA7vCX+VL7tOns6q3ZQh2QJ4IPYnozcR7jm5
asAgbTm70OTOFmHjdGeQ8BHwEMyh+nMugMtEsJeiJLs/tzW/Fxb8vtCEstUjz82DCxOmoqvzl3ZK
31+WE7ljQEj411H8DkT+HQ8eubwBXqhBi/JA9E1/prEsvpYbG8Ns6Ysgqi0jzbjDC57zPQ80EE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\Pictures\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
iz86239Zl51p22KzIi8GaE6VvPJe5uwbjjMBXSZwQDqoia+BFY1lUYvdUrtwwlsx/x1W6RRm8WKh8
oreuf4haFehbfcrEYg8G9yH9E7aAWFixOJDZ7vNWytEtDdpmDY2X+poGq3JvGuKWdYF23QPKjeTL
G9y1ahma/CsMsVooXvrCnbrGPRZ6C5HtF05jJ7gz/xwoQ0tVfrARNkEpxKrLfJ+GLrfdh5vHXFN5
qE2qM6yrBv01Jwfls8IqFBD3bPQtfmmmR/8f/rPWI6rU+auMHsgzCgjhgOWaHDuvK9NL0Pk0KtlM
/BLC51FJEqVzRCK4EFM/vZM+w3wHAhBZx2+FvcOMED6De8pHT0U8EN6PgfmINz7enBwCqM9TwwLr
u/qq5x560S+mliH4zU6P+gC03eNW/BvGzSvfweVSbGtmwTD6uTC2uXmwEk/uedCoEXtlwGp/LGAn
q/tuZf+SX8I0dkf4g+2Eq+NYXg9XSmzts5lYSlbeAqortOJFbMerdXj9uU6T5By7hSDhPyPpjAKw
a6ssj7q2mwApcuoM3gm+3L3F6Nb2VXYKKbhq+VIgK/5jiItJwwF3sE5ado2xRgPJ/6+lsywFz45p
ggjguibNQY4iDkAmkZPPM7ZGNnhtVp5oRimaaERplTiBFf1VmeLLQbDdPgkr34P/9Dmbq/V1Mg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\Saved Games\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ba8gt7IprwQfcbtfZrBQt0VpRtCePekchRk/IDTu29TGw5a2AxNskMmmeckzlOG0ErR5PpfjAName
XQ6leKJxjmZV928VM7JDHjWZLj7kJAycbrrgrKnxJgUnOxpE8ipq7XYDk76cYb+8LJ5bkoNuazjZ
gh8P2+Py0SYtO1ERC6k0b215XhA/gthasBlD6MVA+WalIZlXithioqUl/mW4/p6qwNGf5997jZmr
SFg6+qHNN2sUWPKSyRGEY2CD9IXhVGP2XyFooGHLFmrXcbzHq4BwZEONWFZbzOK7Zr3UZdFGxkTh
EZJkE6q4R7MWwTLUJnBO+TYJzwf8/wnurbwQ4d9xKcFbJrC6TOYg3tsXP6mKpRN+vBoxLuUy2vOw
wm/Z4WgevJHuqXJt0LYVhVPshyeiwRigTnpbOhFx3ih0KWoNwM4tuehfJ46aHn2YX/9Bov636UPV
S+mlwdt7zw3S+IZ4QZVZ0Xrff035Sn7YFiyOqBH15D8FTO/Uv6Kw1eZMsJNbEJFEB9hXEq2M6iY4
ns8/MqoiaZ6ZYOo1bH7rPVltPbQOnKwPx3tpnIYid0UOSvBsfXkIQf0g0T5PnjBRGjL7qMsygKWH
wPkfEPo/wmM2jwlfu6tRDIU/+jXElfSWDJ/RTlFY2M0oNKf04i4sTQvGNA423NlXJ9TBvDIgaQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\Videos\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Fv9erQibyfFCjbVJzMCtRH9JorOAo4/ZFwPIvMdQm1vh4S73tbIfIcYrKORzqCGMaGgmapUHrDsYh
UeyYx43Vy/I7qOecIMCLyjt3aPw1syRhk3+ILln5NWvze16AHJahyIGb33vTKO9CRYQntxrLWmDq
utxlBwLlY2hxrF4jEcYF5KkpvI2uJOmcI1c7XnkZa28XXZRVuG/K/2HeXn/fnHOc7vZ01kDlHeLz
5qA+5MfOa/Bbnbc9PWyb8iOCNnlITXKyBkZxsmDl62UUt4Ob2+OkeUtrTCqiGUl7SujCzoAr60VJ
I8FQzBtkagYzxbw9yeTOZQMvV5FltjnHCoJrl6k9nlG7SdDMBwyMM3rdCvqhqsvQn6NSbnGI4n5c
g1u97CV8MAMh0AEk8lkEDYLNaTnH4yWdi0a/W1eI7ROl7oMoxf67ySaB2kjiY4mK+fbYcY68aZ3r
N3r+w2O5qN3Gy61dA9ANuG5GZjZICSCSqUcOPh7yvpTpzvlRQRHiyalm581q+6+4RS0bGzwjI6DF
xs09JrMMJ746vgWqRFvIKuwb+d40ihnFnX+YUo2MAckOWtvUcu5yUYVWRywo2bTi8a2IlYfkufdr
JUy6NZDvcpkHFCX0NUAg9s0LPS1oRzbizDcRvnoHznsoNCjLVWo2DJV/L502wqv0ruOMvmnkUY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Default\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
b5NM81pK7eW+9LmXxrkKKuRy86HzuRDUGyYeVMewHDqDHBIJwODiN4Gu3vvBS0gDqBeitNsUShSDr
CG5MfYHnUSXU9NG3ZVZ2xnsjK5cSlV7ub2K1lQe+AzvR8+spqJMKMtkB/eEtOJixGL2OzTNczZ0k
1m1lquu7Q2kUflQ0UTyu8Y7HMdqL2nmL5WTZNIBH56o6SpDS11t7sS/kuB1DCGxGbWEikRvJfYwW
vhYf8G0AuNrBll6r1qTMQnkcixe7C0/Nb9nhqxnddqbteKI1mTnIWekZnFD66GNiUbGzLupUNRZh
HpnXt0o5ksC1ETEADPXMikybQlv4rARQuHt7+qnC/WMh8yijmnGwGRJMIQXCQ8RYi/6+tG9yQ4dP
B95NH/L21FcGhKejtaIYjQndk+M43KDrEH5lufMZi6LV9smJGTxNWDqME2LCx3yvkxrDHNrB7xbO
gh/nvqUeP7HEeQigXQhtA+ZhsyQbsWbqfBP5+mKxzgtfB/eG9xocb0730+lTDiPJa9cOXaxz6DCm
Q66OZMBGNfyT/cISL4jjJ4y/WYYdZt3NNshL8xrAtNwJl7pe7wCmkxmTekFYZRL46JNUsZOFLDK0
wA2oEbyzG4Q0V8lwAYliLZ6E/Eba59+Tcfn60WR8R7Roxv4p1svPSWb0vkTIgE/lt9CSSAJTX4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
emi5Av1zIY4bU8pFQYSAKJEtD3W2wZxVcoEEaEGf3rTQwI0p8dyOSaq9v4VQPJ8SjclVyjhjGUHuO
ccYsSL0RxY/1mOp3xJEHW8p8Ct9NcnJHG6kBAMf3gr0ll9wy9jJFLyPreWya4bGB46z1lSPaGkSv
WekLtOPCRfgJF6ckhT3l6sC0Th/opJUkrkMLD/UT/MCDNCOKn3TVywE3LB1BhWbPu7HfFfTDR/No
dycgxEEjRrkEi+JZvXpETuHpJuOAgAxE2iQYHNzpkbsIDAW+yYTB/gnEn+tmRC6gU960n0UuNgo/
GWXe5+r/teqaejj64t8CBYiyaQ4J3NtBPGf4OuChUAimuQ9uZ80sf6FFE2uf8ikJInVe0RgM7prF
vJGFUpr7FF8bhnTe0KRL5j8Ojxi3KtlrvxWAAt1zLzx4iLHiZWd0xWEX9MOrdf27aiZ+OsNdBrZr
LybJFN38JIbloCLsu6SJ9r+Yly68pxusjcRlfxnVipnljt59aY2EsJjMM0mt6tMympLtQ7SjT0EJ
7Mu++X+emr6qJ6fzjuQkoZwvaTzt1jELiGY2cj0X5Et0xIW/JsQUq+f93/msSdM9Eo5OAiS6yBER
6/kt8v6Um8y5r2g60UBotu8W0J/ntBoaGtWUiDc9xCjADZEDhbbPC7Erypfb3g47QFdxzfXKNo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Zt8rybPvXVs9oB7w7DFms9BiMhyie9/Z1iDwWqu0g9z+RSxu8vB6s1OYsO209SF/lp2uN8q6mioHh
AJSJHlmSKGlth4R/FCdnZbSapBKC0KsTGlBF7ImaGoaQCiMThCu8NjGzJRWinhDlW++CEaP6IK9+
FYU+zTXyCe1XxCMajwJrZzF+Ow/+F4scGo0yQZ5MRYEQEEYDGNeZzwwIkC5jaH2JnFX62wlZjwPE
RPTvk+U1zb4cEdUqMXf7DplExNzjg4vPVoB/Fist7f5JhtkYEzghxdg/7I6fHRlRgCt6nxTMNq5c
dfe1n1VhZg0lSVsZB6sHnQxq5ra3UGJHDf+l6MjX5D9A5P8lZ9W1y8aOOEDbDTpcRn0EeIzHwOlK
M6mCqyRrRxKMR5KjojVfmRBQf/r5NoDtoStK7X1nrmeno1twbohMLsIywo7yucuTk+OML0Wx5o13
mZjDFs6TPYIkrkTl+wz5jwYfpTkZNuToZT/Xb8iZHalVNIQeMwIX9cDnfug6WDqgosx0qjD9rTta
bgAdvLynJVPlzJVOZg6+K55CPdZiObulNMThE2q1trHiG9mK/P9QVj0IFB7ATLwF1bPtTIR3PLMT
O+N8ek3ayjI9RbpVqQx62zDHoe7imuO9RNMGfWOuyttEBIZnlTmRX3BfzwTai9gmV8H9yeOzK8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
lBGax08AZ4AHYgUDT7YebBYZMBQc3cyRNKaur1RK3sQWtmIiBfPhZGx9DUTcYi2VW9JQaifNnPbCA
f4io2TZIp3D1bnKUVbIMg4xVL3lm61NmkDIZgniUt+OIN8KsTzKsuY8cTEYX0elj44JMUXnDatsT
f1SlisBiwP9uyR4AV0vSHUCF2iq3D8hinEkrobMn9ecJ79Ah6M9VAmjGUnLpUmtIx+JVnaZcP/pm
i3dWxUV2pynYZsB8nLC5zzPDeNF60ZrJwtZsnqldU+w/WXVIivbcWmeR1CrzyOb1WCMVOw3E4Avg
atAqUZs8Cc7506pUdHXtvQKk8niyefntn6EckK9jaoNU2CrGI6UOsd7IrkdYbZhj3xed8hcrpJg+
mUoO7B5QHnAbIk7MdG+G7JaM5ccOmapkiWtRMCGNXnKfx8NESqNCRJVgWq5W+xN7l2WRS1RdLf66
FyqmhwlJhUaM2BMN191TYEuOJD3T+ylqOxTqLAQTKKkuokCc70zcuk1NHJIJ8Wdag9rJIqP00azA
qJimED8DI46ErYBSu3MEKc1bqfDe5ZcKqQZsvEha+FdqfxdmBL0QGo+0PE2Eh58kYIq7lgHAyRR/
XTN3gk25tTcgcL5sjtGJytyc+2NMXfSx35Xu8kn3WdnDEWxT9OBGDalJREdFXxvJZQHTLOcA54=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ECSerivceProvidersConfig\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
dqJxHW+sDRaUY/mM7YUkLV0CJXLNjBiZgK+TEGc/DAHSTpcmzEIeb+sQ3sVV+B7O8+742yOQfCl+t
ikEj2VHp2F/uly9Ir0pWCMZ6u2ZWzOYRVVLfbmr48+K8T0B0XA2LgyUbIKl+k2z5Lmu1SGt84ha5
TcO25+/XIEXnyFmjjyDaZeJeoTKyBIHqFF+j9sOgH9Hcy74JLjzOAFpqAU4RqxlCPQx0AVAU9qB1
qXp7NXopxmU9ezd4vwL84/HByUeaBpVleCyhehfWEoggqmJrCwioOmDHRIde9pcMk/WgfOglBoVF
GtHvAMHXObHTr53fY/RM6XWZTOnE5uIljqsonIQeE3/REBScRz9/ymkUAldVAgmymlCIPSfCTACt
cAE3TW+WokTJA5TmCMU0p/HhPAGh/EYWltctpCpsc/5n0Y8134dbREoTG6jUrVyOdKmI3DS97EL4
aKaqH+BWwnv+8oiM6+F5/bfpHZc5v8AdVl4ktVdlBiK/NjzFZLLOLaTUzu+F9I5mQLdF5UWVuaDt
d2UUjbQaOq0911A5Asa8A2XC8qbvTJETZ0y22k6u+OMX0/USrlK+fT4iDTINFqScgw7/g00n/6wD
kr9rB2r2JSSVzsj9Fk+n1rO2UwW2AytIE4olaN0JiYoLttyI11kBfdFoSJVaI3WPdkO1zERU+A=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\FileTypePolicies\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YAChl+b+3OJUT/XcIkawyDlCUqUKprtCYIHplt2KQlEg/NXl6sgLGgfGZR4ZfWPar2gioZ+fqdj4M
SPDJC3MIibpIgoqKTJBANHoOgQpEF5EgEZLMz4LRhGjvzyv3ZVRzQbrB4j8PF5vdva1dhEfARX4g
a/ci21RkCRQoq0lRNipDCfKK9o2KSWQqsfzF+jrFAp56fnBFeAX+NFlpogOR4751d4nyx4++NY1m
hwa/uVHOMEN/veeKim4bGZJu+QmBDwwRHCfRLCcnCFy6rweCUV5biGRHgqPmEVAWiXwZX9qC1eqj
LFExlQlU8I7W7I50LmxHHu22zsiZ6l8Db2O1vYVFgXszO+v5EhR2Gor0TFiayDouUuirmBBzTarr
RP27vqDsaXDWiJlL7gERG2Sj3EbPb5wJdOawJASR6vK9DvC8DTf2Lz7EW5sosYB584s6sFvwGZf8
FuGA27ZSBI5c7b93INp0Mh+364VM9Z/vw0OwJfXE5SqC+X+4DqevNptAaPs1McnMP62wpALFpNaA
d4ySsaDoZlHcB6GLrCNfq0B0IkeHfuvvhtP79hB5Li04/mr89ILeM9UsHwgrIrsg+XClKBoXoh/w
I3OUCqJKho2jeI9AJT/fkAA51WFdJg0O/BUiLBcKFG/u8kGM3ELO8N78h7K4NkUenSI74clkS0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\FontLookupTableCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
E4hnkrIBAciOp06y5h4wvVc06UYssX0a9WmLgh0Gm7AvFivMM9pVDhuz+0VWy3tfRjJr4u+dVoE+u
JKLcSavpS5dfu/xGpO+gVe8m0+VFKpNdakZnyaRevu5oI7ALGRrLQMH+B/qcOGDu7AoErmC+2TgV
8h+6EEnw7HtK9kAB+cgniUXeKjXfqGfOnm/RveA/wbhtmn3QJGRME9omFpMZxupdV7RnF8X9Modn
sOr+lZK9TwiXC4Pr7cA8Kk53v+TOGxMy4RJxn9rFCcnd8HYyHCECPpKNVdvuOMtpTcdXHQtZKpMe
msg8+9SpeG/UKB081zAWblBdgJlDzJSGBFCs3ZkzVnD9r5mHH6AiDlGxXne6gAWA8P9iLuHZPNBD
shJiRzcj98/w3C4ET2OyiebpUYuvh8CHIyJ3J4+ZRIA0E/z8eE9vuVzn1YO50ed5pFckjs9NJxMj
IajlDe7lcioCQm0SXptpqHyEfr/gGF3+uIS69rRtu3YU9BtiSb9yciTc/FC88FvNAZnnxeIKl3DM
FjKW8ihX0n4cNhNqDgbZngiWNcOVXCbO6YYZu+/Sb99RH8I2QafQlV9PUT1BI7W7UDKXrEULq2tx
caKgmxzJDo6gGbWhzLF1nf1g2glRXUiBGI+bRNDeQPkxA7j5xEE+JcD5oiUvPsAiIpfbmZb3fk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\InterventionPolicyDatabase\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
K7QMCuXbEYHeJv/5y5KmzEKffI5U4RqAvcDHtCUlRXHqD3wNSdlkDfHT4q/pR06neVufy0L3dCFBr
pLhVHSNKkr40seBTzjMgLvkCuCEE9aIWziHxZY1JpfUiOT287n7vfbeHjN35vrb9Yaqei65c0dBo
Aojq2WgvHsGfoKY8Eb8x+vHNh2CsaHptSH8XmFtyyrwT9xlyTwfBZMmFHyoEK3HrOUAznQRfvCF7
h7Bjd2c0Z0U7No+AU25BjvSJ3eq4bhxX2NfkxP3P65pxkEYglPC0vgHYx3wiGKg1yWam4CzD10L0
iBZGlndhPoEk6IyJ4S8bkVOrwl9ip0tw1HhZCcJw9w+GmEduSy0l2lopRR+ZYdFco2ggzIo717Sj
CNjAf9cSbnPyuEK69wW50DgBMjkci6xmUkj2u+qGOBRyRe46I8BcDznjfE1n3RYHm0mscPvw/pUx
YowAJjJIJDXQ1WMOgiCaALcfVJ0s8caCq7Glwp72Q3af/FbZMte4wevJ7fu1Aq/sTk47u/AKpz+E
utNILrLsgf3OwEQxlNziGmeQrkNs8R2iQsw/0al+YhjFDTHbbTH6YcMgoTS4APOKDDgf4CjER7bX
xGR9BPvDsOkRzzkEw63PYWWdglE2IlyN8YUnMaoTQFfVkNcxId1AsW0ao95HDxKvZYeZbwlu18=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\MEIPreload\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Q0o+EAozii6NOYWoGkwsSWjnkI8/M5NyGkPpcAUwURmgNAWBC5GoDevQf4ILfXJji6ZjglDlS7rXb
+sCULasNl6ybBbbiIOwi2bViL9fK7uRNzJp5FUbPn05Wj5H+nJrSEEiCfsC+oJ5rQGBWkk0DBQke
1bHhEvU8yZS89nX5KCaHwe5bPTmPHTQIVo/ifs+tMY+osM0/nvak2orzImHzpdKjKm0BsscQjM3F
HubGqyj5ESZ8hpvd6C8g85+rjkls9ktjoXaQYyKj8dBBHid+XH1rUd8HlMMinRMndSZa4U5BO4Zx
WZK96SeRYTdaQ1f8MxdWYWsPV36MrDimGZv4K8VcswfqicZXTfWqQYdE0meJGnk7mAbCI3aEND6l
CCG3uOljOQbhsxShNuh6sEVeUCEsbIolX0Vz9rKqT302T+OGiQwRXy8mEK5EME04naXEGNsmrZyz
NYOOHHnBsNSXNPhQEGjHDqeFcnDDzzgGU6c/yvTr3lL3K3LFO+vhIg2S1lTFG35hx06fLzW5vPnY
DIIvA+2E/sOS4CsolZ3/oeB8B7EPfUsS2DMf1VDelyZlPziTGfHWuPbr1tpj8xmE7bEmkoRHhPwB
AxqUnYgkX6ce52sKjbYuNjrOFcppdtyfsvs9dzKNQhnFlWr4JIKsTuZqlwKtB4eZWk6iFiF71Y=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\OriginTrials\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
demNvHh2DG00OFfEwVmNMxWVQewu7Gv6QXTNWSegkJPHt2OjBOk5YGEOp3IN7bvhiN9IJWWmqYzTS
8P4kMuyn21ppdYPz1l7coZYeMWgbHehv6XEZXgf/GeV6+FvbdB22cQ+bQ2Sy2EkQyeWuG4RdNURq
d9VLEc2onpHA39wW6yUbkVE0KwN6/xUrwY36pPI7pPmoB5ZBT7bE++Pt758Q3SK+CF1emQBGJNrB
1jXgc9+Nqu3xJHg0+Guib92JHHwsfgHhvQk8zRy5/EQwJr+uVxXUVc4wf5tIw4PFUll3d0lzsSxR
V4miKVokCuRqVGGs3jr9mcYIWXhpSZAdDATy/UPo6+ElB0Sve1sdMJJ+cKex71kYTgQhDbPLxWpx
tG7xPwGJmEimQxEH4j314eaUS7b11s0X/UQ5OnFXFpEHFmP0UNp2w8d/pP54KtOZ6AOtusCnAR4N
myTzgHYS5bXiZ5hPX2Ym4zmjm9lrSJYgk6RJY8nT2u72hi9j5QuW3W1kFVPmX6UJUhmBh35PSaBv
oSrq2sCUjhxn3PHFJ1jZAlc1HIE2ZYN5uB9VuQGUZEhhycVvX4E0+9f5Zm2yNxcRTuSXBNZxp7Vm
9h3m7xi0pznDSg4bljEOluUuL4Vw/S+TO9nGJNS7lnU/7lBuwFagMdDXRPjmUaW1S/SvviMlVw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\PepperFlash\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
BsOeH0FyWogNsLoDI+EL9iWXe2Ts9C9zHHBB6/khmTS6bIZm0w4aQrq7kg9ePkUhDFsZaRwIktMDr
WKu1HeBlXb5REtxIMXXo8wDuU/ciq//ir7ja6/s5qxD7MuHwXcYf1qqvnLqmQJDvGTIxWgY8qhAU
fuaVjGNI5AtkDJD0mDJR4dia4sAM5/jrppD2MhReVDhBm5kjIOVI8qb9R9crhpjWLCAIfvlfYIem
rzURqBMWkXJ6Ph6BGu0nazj/st9tTIif2EwVPpTot8qldcxOA+51VhTPvqXz2SxNtSaqY6RroYOa
OHQwi0j9Y04lFdEvDM1M3inCJslACZbrLqb2/fyErATsvK3fZ2aTEqLiQKIxQeuKDOeazMFqVSTf
jOt6g54gUKqwevEqJGsyNLwImijicK6H1fQR4gm7A6xnYyxyEu5PbGSmFxCHkBsePAU1EHwRLut6
/6IH77owZnnxo8vZYmjevUDaQfXIBIpFI3WMWcON5rbnqpLWplMK/tcSYHhwv7sNPY5kcUyaEItL
zYado/fgxeQjyQ+hauirPaUdnOzZrtLSiYa0VKCmEX48E6TaTDBhlafR0GDGftaZfXJSrN/a3zMf
vpE7tXZ12tH4CeKxHbaIN02RHJfC0RYcg9zztDpiilUuCW2A3DuDI534rxRHZYmhUnFGZskyko=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\pnacl\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
UQ8HX7IQ/sFEgQRX75jHdjRyuMLV5iw8qp7LCNCq+a0MHta8KXbItvRnszZr5Zr/y2/TQ9pBkB4TU
PJWaPAZLq2+e12k9O3r6/jLhJXCSPgdkVqsllT1tbIKG95kkX2eyUbbdCAbuq1TvbugJW08dyaNy
wFdvJUHFFfSVMSmS+8hB1S91aJMnuHWjaUE2mlCh4Ow5ZwJULyBjXipe0st3cGnTDKQlJybzQSw2
qw7EN5QFpFdU3m8cpmjjIrraAriVbASuczqTtMqCBvXO3gZDEcQ2MxsG3K1Zo9hIzyo95MDYswWg
i0NnsileQv2uLB3Y3oG0fVojeQ8t9my5fjlzu32ll3cTGrE44uObMYdBZbC0ptA+C+aIbfrNnHm7
tf/f84HCNXFCTuRhcDoO4tqLmZMuOyxwVHiS+lbwbUwlG8zexp0JaT3yRdp0BMEkZO/18ugWs+VN
OKrlwDDM8Qay5ZFgNN9egYvRZ/2MnLYDno1U4YQyrdPcSq7ILXsmhE5y+ZjWPe9d61UkryJhVHO4
sRnZ7Sf7sf9VLG6hNaeSle/AeONaD0L0xjY2hHZgfIUcG/S3IzXIzk/tRu1d8S1g3ZspfYkSEMrM
ciyVspWU71dk0yEnbD5hfx3qf7V+8fYANwiibbkPCKzxT0ijMRAS93vuaIxoT4oCV6ABmAv9Og=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\RecoveryImproved\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
kAowBmTrnvVfMph/3jmSPDHYSCC7YHnVTekVm2Saj8isWwPVtanHk9/wVIIOjTZZFxpUfmgH6h2/8
P1tkWDRycabmWD7qtdirINDKc9/iw1IUdrqTZgKsX02F58GFq/6lqc0CnUqROSXVfemH0KdDLOQF
SwWspqasgoIcG4+J94WP9WKu6HYbUiP1LOpGUClbQd2FpT0uSH0ETPR26+0jqFb3gnczbOtFPxW3
qAMkrZ8FsjEGfWboIulza/m1MfT12H4KDooybg8UK782eGS6kRq9aaTdLpYC1d8roCoHmp3InpDJ
yL0FCayfBi5iWBT3O23kUTx8DvbIMXQmi1CPXW61TJEDDNK+q6bv/W6C9u7BprMaz1FMv7Q/UqB0
jgwAHdPqaGjXjE2N0amS0imYRiZMFhUttTeG35CSn3EidEmgprYnIzf7SiHyYjrRnie8MRP3e10a
Of1bq75emIDA8AdM8t2OxiWe2pI/KNr1s0BdbqjYP17eJ6qoKFXhrJ7Ds8qMd6s9wKUTgIW4COGO
wy7pWCAjv0TMgZAaLsffC+drrUR0GJQIRuryBHHB9Om3JgdqitGaiyYJHbo4BnsxkJf9rTgVxXPQ
o1MPzWfe6BdDrl8QoEh8w+V4bTQrtSmyTbxP/yqKuz2b9QIkddSaEjVfsGpJr2y+oWDjHwxccU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HS4osJWny15cYmEPjQHU+6fMAVziyJZBmd5C9ldt5gCNJa01mNbbN9rY1r7IBlACru1iZRjcnDwrp
hQ6FrmldM+hQ+fYf/a5kKY/wacxfi0p57Q3fZBifG+K+3/uC8NAlgQu3/YddrlumsXYl1mAVxt4C
no/Fqk7M9B1vfuEVCJvqcTtKf+0+2Bc0meemQhJPh23Qop/XChGznX9GdpRXtL0tTY20wVlQWCXg
78+8KObGYVqEh2d9c5OQlgYnI7TdSr6tl230LgAVZxw5V756E/csn7+h4kYcnNH+TqoWBm4j7Qq5
5q2R4BSooj+wEVHR0IjHhLbhfL0My9VJmUp+dZ0ml+QU1bHkiivGueXD/L+4duyUZuzmg4ADrElQ
eVz9kPU+C2an1YN1JlZ0qZJPmM/Q+4+QMDHOAE1E3AsnwdF3rjnGmWWJ5VNa5Yp2iBFka7cxpwIu
pTj0cP4TXtnouB2v6vyWE0+MfxsBPnvV5TAD+RcRby3N6MeNTTAVk1pUFsRz2CuGZzDy6BpCHVui
36MJ7xncfJ71BCjTXy9GxWvliR9gaMjxyQ53Ss63nTzZJUclhb3QHJmr1KCuXryBQ1Tsn0UdhXNC
w/4Gt9h0HFcc9GQX8iul2TSKgpsaPQ5+CD2EybYEnyE7NukXYV5qv+ssdd0QmjfyxgYD161Ny8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\SafetyTips\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
DG8EJX1gDLYgawbjtLRQUNchGnJLlJG6JBoj6XQrsI1EVaDdKhiNy5eBH33Avwzo/r358DZDP/QL6
ntFNdXlBSzGyfI6DQjrO5StcCCQTl4rTO7oIVVkfFtHl4EqIVHMt5VYpSv9JPyt0pNW+z7okbZ+4
Jv/9Ls879jA2WMUnHsXr6IDUVK8muBMaFzhARNM4aEaif96syJMeva0+pS0spSoiT11IPz6izNA0
ioGk9OMAfyHLOiDmM0WsrlYwXDoqgXGbf35+QZYgcRWduJjXKsYiCHSfttJOdOmSmMAZvAwJX9cR
fIhoVlE4048FbuAeDTrRoCezhPwIxKm4rX2Pj17gQoxFjN3W6Ifh1FIhTgELZaVubz1bYyfd+AvR
TN2okQNxlfvR7UwYFxRsJ25qGei2c/B7WFQEA54r+AKS7ibWglzSvHaq13Q6WgzlXbgpvR2FsQO7
w686rBx4wo5nsxGT9Lzlfq2wQvwTRYz/7KJEuiFUwiSd5VyPqCZ+NilY/5kmGjOarj0bRfk4ScRz
gVZYdujTi7p9I9sbVv+nftzmtdMHDHHWGC/u1ngIrotq6b2WawpUO5LNVyYY/GOCV9A0F5dvkdwn
xo4XQyHzOQj46sfw+02b+hUy0xy21irIn1mieQasKqtJDFoa+S/MB+0YpOEgkL/oT6akccV4zY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ehzJggFfMVQbffU6VS5ekQaK6kUQu6FR73+us//ftVPewhmvPHnNUY6WoiN6ulUtRmxTBwflAa0F/
OqKUpWhqbDjxbDKhEcgbaVInWHw9mdYdZgWh0q1ehkfQ66tilPrSGIXDf8AAThg4cpyJjHX/RUuh
gols8DnFWVbmrzVL02F+h/B+Orx1YQAxghQBlzBTYll3M3vs5KHapksZPG+bMQ864H6X0Oa0eh9e
+WThe6ah7Ph+SiZLE9MW+gQQyZruanO+qYlRDaDY/vkCDnBIw5dGGficfndkmLPQQMjKhWb3Pk2w
+8CDwJYqmtIQmUiISh6Tv1aOYFkIQUJ2NigqlicWSRxt/7HFNgRXu3jWHeJ+RX7MSY1FjMLJOCQz
Tei45SYT85cNdN/yrMkWV3A/QY7HoQ4QHVYJap18413iyzOjYzAD/4zJKGrB6nD9UGoep9NUseUS
Gu4VkC6PF3PnsG1Rd53/DA7pArUPjVAb/Irq9MJ4TA7tQglgfpMKItpN6Ep7G/ArGpt4uRGqQ+hc
levD0TAZIBHFKR/4/ljLTLJgZmYD3ueiNNIuaYIL/YDA+WKCn3bkOb2ByBxbgnGn2DuaARvvCK1X
ajhxKo7TfAqQW83J0A2c/51nz73rftMbU5BZXTJQ6C07qxYfMEkDtuLXubS6QAkYoF6yNLsd+8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
hbAz0SjPptx7pZgNXqRZTIjcN6jsvVldX39fckaBoY2TYIEJmK55JQPZabaXKFVXys04seX4ghXFf
C4Wz5E+aHGbF/PFa/O16Jx0GsBfbs8zR6zBg975APjCfdiYCuE0TJqmQwG/oUt/6NxrKS4p72M4W
avLpLuksZrYXjgJ8zn7jkky3pPYpGdm9vxhynKzrbu5PbQZ3dDtkLEZUxceBcLxbP0nfrwv3xAAZ
OH1HJat7vYJJqXJmKtXWaGwM5S+87a0vnItFJFRt2pG6lZ690sbRg6/KG8YkaQ2qpOSiFFwFbdqx
rqAxliywBCupaaj5q+5Jc1EI+n6kCzIZQWTmkPmCRusA6ECJw8c5/LsmHSz5bbQLaHWeSXKIzsOd
6cAjxnkyhQMDvBOWO14TIfAuQyho+1z69he8icE7PGztBDQk+4dTttybWS1t4PjkVvY97oNvk+kF
rE21Dh9Qdd/uwsufPEISklB6SOSW8PX4PFluHaYRzDI3fq2sa/nPjibVlyATnyz7KreEzTPachqJ
y+R0MiGrv/UFC+kb6oc2FrzQxEEaPAKpDcBmAn83mHjmag4imicCkrxOnG1KHPF8VD64KtK5QdaX
+4Xa9Gjyiixst1Wzy7lQVva6Az5s+EIQAqK0ZIZZSZPGV7w+qGVnoL+gBU8irNbQivfW+pdpHY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\SSLErrorAssistant\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TsZF8Z6tIcFIc75Mlt2pLY/NUWiy3Ytld4cDd8dJuYjQYjNdKY/Ktv0wg+9hqae0rmpu+36WRU0+5
BzZEKcGuwlEHnaJApoB7pvpTkZKssyox8Be4gcLngjpkzoZ/wBjUFkp71yWMnAQZb1QrtWscgADY
CT/Bn8/4QyfuwqNuaptQSUHb+DXF/ypIbpsUf26y9BgzkdVO7OL9lii/P6Gqvanpq1lIxmh8Wcld
xRBSgocAqh643GaVTf9wj9b1kxU6F2oj/AcCfT/NzKF58Mhe5KiaIMGdsAMiwL7rIJIG65tNgruH
xMv89WWvPVh5wB3DoVeqzajQ1XU8adsVjNRpzK7MGPGfHQfmxfmNnK0CG9UrCIACVPWXYKf2rW+P
7cTyksiDvDGLCpPnf+a0bwHV05691oFU83jcFp7Q8yz84P5AE2DrxZHtoxEqV/UNx8qCdBQkW6u9
gJf4Br5Jf+3IdN9nSia83evHnL6YEWxQrDs7Ia0OUeadyLBY6SVNzl/uDpSakEJW0tksIx9u/00v
PkbG2Qg5/2nsmdR7t2SEzhxEdTLN4n9uoM08/os7cYgNcW1qvESRkNwkD1KGOULXqpNsHCQ0yGvu
XTbU90zZCQ419YWiEBg0ugpBKqkVvms+1tNk8CQN+nuRQxmxhz3VRpbQTlj5CDYuiFDaQEtza8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Subresource Filter\Unindexed Rules\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
WpaZiszn3mMdCla9YDdTUs6GmKWuKtMGLp727Fu65y9V7LWdh7n14ei+RZmSD9cXvq5QXT8/AjzLi
rbDJNefgbtlHhWxp578FpP78/XhaiARCNrd3bltzgiFCSirivtGeMO0QnYsrVHHe6eyGpGhOZ5uF
XH4MZpxiPXY8X8OZqDvwGbF1P8U58lDOSw/yOifgCR9F4w463wCHfrg6gCDE68JQ+QEYXb5wEmZ1
vUddSjZfK/F/tEby/e6B4pzNypcfF+ojifOvrsdAodDkhIPdgqXJyQeP1rz1PU45n1LsHMOcDS8A
2yB1JgibfrXcWsa2B3EOF0vS2d6GBajlpAR2F+KRyJJrJNSn9USrZ311MVK+TguCw8m13gxrKHdv
t40y9DBLeFhMLaC7pjmVwvHlshjrlvzkb/fCMmlcTqdX11OACQm0acXqO8snB2ES6EjvbKeMykRk
cQqyWypNrMNgXe55ttxQLaHjghfqHIO09XF2daOqvVvC2/eSo2O3Ri+9ZkUcXuDHKZZxITEQSpV2
5YV0n/MNw4dAVZAS02Xwd1JU3eASbxau97BwXIpC0fnelxOV23wEnaOzJOBChPTlilUhaoj/dz87
w3j7o93JY5fcRPED5hy2xIamCVVBHJMNn/dODL2N2Os24vNTPs251XV9/WWLgUV+jNvi6rtlec=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Subresource Filter\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
PGH41i2OqV8+Pwgn+S0rSBjj9GfOFNTYezu7Kvvp+C9fz+XJJkgSha1RSRst5uETSTiS46iSvPuMO
LBclJ0hyF0SzqhhLmZ/5653OAT42yP1owggaW+d0h+/u3cRS0SfNIsI5/dflkxvc9HHJApYhd+Yv
0RWFdK3dfsRevIqYt4aBHUJitzexfHplYtfy8kmLESDVu4jOzrvYQ40w1h+DPhSuFBcwvxXoLHFQ
LYf9wiY/fwybuu7H5TXptwNCXQ2OLw6iJq+XohqCW2TVT4s37kULCAr16k105JDc9WcJ/TGjVkZe
yvJoc3sK1FJiaxCsU6lZR6SDoMBfAROUZcYA01VkQgkANf6iYpKnd8Cvi2Jt/AEBoFBXNZeYpy1I
39zmNWuHnJtVW/8XzqIOZ6L1yyrTeReZ2wEkpegyTUUBSneQ6RsIXsATYWwQZSMk6u4QDrltIOtL
qn6jy53Gxgpc0cJtIxKvw9TR2qcc9dttj+QlLPiaBYDmWqcnMtSe80qlzPBlfc/U/+h3ePnp+7L7
GP1523oK719UXwACD4rOokayLzzOIjq1XFndvXfaWTe26OLdt3TTCUCiRrJNGViYFbEMeH8XEwVR
ZjXq2MZHVI4YGB1s/O9SiFTXhYjnGV3PQsPEQMW3L5FhGL8elJ3sct9B4QsU8KF/V9MMmwwgzU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\SwReporter\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
UH+oKt8Zw/1u9sIvnkt4DEVe2k3nmtDZst3GIUcQH1hfPYPLsPkHcI1ozNuzhfknJgMe69rDEpPi3
sUk9jpUjTMgtQFCnSqZSLiOIMIO1WaZIPkgK3HF/N+Z8injtGbZ4K7oVmqNdKITF6Gc4y+Sqf1Us
H4EDrtznVriVUwCe/r65QnsIbTpn0rxiBE9EZFkpkjUTPHyu0obnGtcCbblG5g3Ea+3hAPEJK6YQ
DzJFcNOb6Jgt+f1W0kTwspWeKfSojesHw9aVN/RqjdqHlwVxA2uiGstEPT6z4VlwSOT3KEmgOAUM
weixv47sotGO66C0Ih8xCUrdgCwdnU7dJhSnSryAQ9uJdsQP2/Eiq6m3VuyNIOh/RwfpP0iWfwfR
/hjRP4ChN7W+Va9K5J1pDoh1G+qjS08CpyBIb8Ky5TESxrJ9Pm5M/BWPZLkWw3tvpcmVYCiZgQlE
lhz1OjDZ9dd11bDjcTRyi0bFC2ivuycUiidLWMYIepYXFd+V0HLgeBFAVYgl3M3eCtworLBejB9A
mEV1v8zIrYe3WI8N1sF8sdaGnNffkfkkkL7Kv6o6xBm9tzXRpiUroCGCZA5Ktp6lmayk7pr0qNa+
+qafiOaTJhAMflcv7vTtvIDcc7Pm8p/RKTviNEKLaFk1f+6lNnHWeUkPJa2zcsEZ2/sH0DQ8wA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ThirdPartyModuleList64\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
kMkFjZSXMB8vpcOeBpU5xOS2u4+JxEBuC6pmo4FcobOfcW1kZvB/0FopEf3BWW4UaUi0nAnQbx0Sy
J8T4UgKamrQJbniu5G/aDEk7ZntsJ7gYeycZ3Jk0fOhESBOr8TNhzkLcPBEKrm/zD+dFJOR3BjdA
ThpLUl64qV1XLC12YLIf1kp1KMVG2skavXYQqAg1+XK+y2lTqQS6nodS9oNtVBIiAiZ7jg5mM80B
2DVh5xF3TVtjgEkV2AfFWWMufCILTPck1lBvXgobNXPerk6lni2bet3iL+B9+QRfsalutQYYwv1Z
/BZOBhp3uto+VU++CpyA7G3tiKA/ZPBnXxGWkPDoO1WQqVDnYxD/ZnVmp1jjnURxipnH/ERlVFr9
5qwbhgz4HEsTVMJYSRCPD/VrJhjV8X/19bV54FOQEbulfXbv/8hDavXrVfcHhN/gikDCmfBD6C8+
l6S03MuMmhhZzFFRC6bSpetQo8DUq9vxQ756u9WW2kzkkwwcbAGUwVmwRZXqaBKIenmoXLz08qdZ
X+jKYKBbv+BQel/6Ds01RijtqewzOYMhbTfajsK05CjvRn+XfyFWgFDb8uLhBNRLfAXKQjBU75dJ
NvXQmPs43yI68ZK2q2ThpRVjIurgGcWmeBu527yeUhsP2C+6ktkJjFTkD8WuCmz7L+DpYVhnpA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\TLSDeprecationConfig\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mLzXw20IBMuSLGw+6c8RVhVaLzlEcuE6kOAhaxJz8SqBkm6iHudehErKFsskVx476L6qc23XgXtrP
nLe8LN72aoeaZDEdsg4M92WaQ+q5ZVTluLFNT3fSB5dakKNe6H3mjiIzWO/kTZB10Em8oRnPQOHB
tZDEqFvDPFVNa3eV/WoJsVGoz648gq8vOTP71keRsJ5lR9O20mdBIAsocM4sY6PtssL/HvSJrqJX
8OKOs4ZKG1UekSmKu95UV89gTsCLV0q/PbbpVWbIlPs6prG7dWpwEOuArFR8W5pQzO7KP+UXlmNo
BNhpmIpm14kYP16nPoe0tJ9ogjEtDrF/EDk5Jr+1F35cFpHRD4oEHp32R5dt+sCHvxr7DUCajhUu
DB6NTcuEUFaol6wdgRRdXqxBaHTFhDu4zsZu8w3ZVoSw4OIkgLzZ5gwh7vkT3S2/PVZ0VGPnn4ak
NdL+fTD0melbt672FpvbXphARInG+Ak2gKmlG1OUBFi21uIqcDL2ZO70gnlCfKVAs5L/jmkdsTnM
uAvGTlhAJFVBuBS241hWsXxPaT9qcojplAsEJySGCjZTAP3CP1X6ZWnG6VIBAdsOQ1kY8bD4qbJY
2U8Dm/5Vz/702FVx0ee3uYEKrs0FrFoMuxxkMFmzJu7IXqD22UZv5DlNS9pIW4ZckRRUYULjrQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\WidevineCdm\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
UqjoDwcgMKlPrFUn0o+n5O88S8+ywCScVglru4PGHnhAYK87AA2AN/UYssFhgxp49dJCAkM9Dh9Sp
J5Q60HqOfQLkZBAoHpPsGIH84V4Bh/U547VtL2E2CO1TyzM/B/1+m8kkCCgPfyW/eA797pClG+GP
bY+IuAmyjtScdJLfwPiwsFigpGipU9gyd404GyFnWTnnRSKJUkXWXJdJJl/LjvE/Fa+tRhStexii
XGQk7R18PfPx0F0SYzjkGieMzLYsV29gYJ9/qoCNgy3/in3GokqKvKzVhUvJuQraj1lDEsuHlNK6
3nc+zHYm3QtJ9scgFoqFJIiOSBC2Q2m26syejTVnslmReotn+xaUJidTdIj+qsGtrW0BL4JujJ+Z
kQAX1LuVejiw2qiMF+PVT3DH8jElUwt/ZbRmF/4yw/ftcwsnp8u2cdlUMEjZEFxclJOdTFMJRU6u
YpaEIo0VsAeIVRdtdHq3nFZHZcmxlyITfPXTZlABLBDqsgBI8U9lfdlnPKWjeGMZmYI6hcoWdGsP
o+DEiyQTjsQqMmy/RtRv919l4cWI9H++v05YucPQVb3UgNsVipVBxAryP35YwT0dhLeHJrLApfov
mVKE12XhKOCc9ol8pdPpUyOU70RkuB2QPW0Lqps3nGO17l3mmKgMS2KYZ2p/I/xplha/o67Nt0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Unod6JbGSm2fZql7KyPACu8C8pxuEJsGUUT4IPqkwBwgt2Lbfl8uOOvYh0r98ZUSiJLH68FSgbmCS
UgH19apjQzDZ1zgbhjVC7C+JA6ZcGEGVAo3WfUJyTPwpOl8jt3tif5ZJ/LV+ggLCFbqQ1PNxY7dM
FXlWRV0nrt9kMlQnx3iAdU8xwmNxV3BTQdtjFx2HrorQWJz7bjF3cuekoY2aKlT4HB5ElfPDnRVE
qtE3fYkIDoJrybxHThrrwsuejSg1aoqQJBkWHPL8wBg6+CV26M800m73kBDsplxwZrPZVCqPrFiV
h78Fkj8bpljgc7egPLrQOro++4dlsZ8LOZ1nRSikRRduLiCd2+tJMwa337M7Mydfch9axT//kZXy
rxevPcUh9nwkS9IA6scMwZdVzRXHut42aPDyk8RTGqDoPYfPQQMXK5rFTOdJnJq4KCA5yL074x0X
zQ2Cjb1/SY3jNCxU1c61jGLju3WoUyvM8UTci019XrP+IiAxmpqlcUDd2QRGC1vRwN02i9hFdcuB
96b6sFb5V+Kikd0+gzBl20x+M9kNOBRV94DoHedYN/DudO/Z9JMJBWWa/NMZCTJBJ1ZWJWNFGUBc
1+sFVIJPDqBYVGBL+KTx0TlrJ3pgJnZvB2A/TAcqudcQsBr8EOQcbyrBbvJp1A4waV0330lfLs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\Chrome\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Z1c8sHeohPz1GHHd28qPj/gCNBU7LKqAxnL1kk/O0kbxdqlTYC/XU8P1Frpx9iHTOa8+L1JEGmfKO
3ir0ORRw6NP2sYGHjo3h6oL/85nEX/G0a4K3XWym7n51Of4fs20OqoL3f/TSk2Mrbxu9W9c/OyCJ
onGzaKaHrICYXFBukhj55OZsHOXcvvY4LkeqmAji4XGpSd3bd7ab+qrghDw2Y/rCebbrPngqFhox
kyo5os38HFKv56Pjk46pu+dRTorlomcqN943VwM5r6KR+ybiDyHebFzZcDUB+Jt1yQxpejYEjxCd
R+BxNPj9aYN8lpIJAjb30Y605tAa65KKjgRM9qbqxH3S2U4S/nR9yKZB1QNtEhCahH3tcshokYIl
8+xyqLighsZimlB2CepCDZQ6nqk5IWdcDQV6CWpLSxVBqx7rxFcmd2Nc9tUj9WjFj99cSwPeFzC4
c1oayOGK6F6+Pw4P4jFxqvn1Ni+mB/Mxhf6TpnxSxoVy+jqq6XVB1QIcV2czwnU2dAzgj3co+2SK
1eT1zTYp6NUDMDLNFlHisDmpipDMNizXUyclFVmiNacNtg0osem7KNDXPDncSaiDU87Mt/bo3rf6
aESzf2lJdunlrSrIla1U/NQx6QuhBK05miHrEmm5XfzrBgL3Q/aChVO/Y9V6LONhwjoF1RCbFU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Google\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
H2wUW+lYAs3IfRrMAbgbzGlGuU7RAy99NTHk1whaurojn5mP+eN9URUUwlUiG5zo8f+KRJGxn0EOw
Y8idlK0Gn23jwC5vzlLk0xTTwsKsxp6Esq717pVxI0wQfcp1n7ZBGmRInAjz6wJPZQYJ8+7qUf4J
Uf8QjFWgD8Ly+5fdYkQvGxUAH17TkfPxChabxPbb1FK8zo0lZ/8ezeNEwYISk+WyMrY1WyJQN6Vz
yzBIlpXHkiS2EuWDlMGfFSlrBQLIduwew0LGvhfyewLEOUhq6IlTsw1JN7DxMF0rDrAuUIwvS8J7
zojSysE6TNIaZhnTCjAD0RX3rqnnFDybyzh6jLenruQFNvsQsD/kU7oSurBQb0s+Ca+tkkHmeWRT
rw+AjWaCbjDyJDsJmrJXYhppGbN6rtYyW3ed+a9MQc14+7DFRMp7MkX/+jrmxovTCZ0m+2EtMN4y
fVKl6rPQEwEWUtRiXZTfhM+QQREUlevJohIZichYsYMO9YYZGaWgrBZ8nNRTlnNd/o4ly++FpfyM
9KvBwkV8brPvM0J4lP8sYdxVr9jbc7/XSJ1qKCoNExKRBYfkvfn9O4437X0IeyaoI2YR1rrjxhnE
BuezGNryoWtMSmf48u4U8QumaAiLehwF+lHmbCPEj+TF6CEVJi7aAM891CjANS18z7AOhdifW8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Credentials\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
EDrHc1rLzOuquik/MDnQPK37KMV7PRNOsQhFuC6WZQq8f/y/ayxlJRSUV4wGN575PQDJUhoIqRz7x
9X1uN5QpwilQBTs4hgMC7S1GzhYZNjA5H9PV4CZAMOuRUJodo9Cuy+kwuEt10mKrVuArvN8S+uy9
cxd+4q5pjoQvlIlnldSrUo6nhsgXqU5aZo5EyY0s0dBY/UrQBV31PMoUGHlDwuC29ZNeaVOG5iwb
FBF3eOJqSCEVkSqRXQ3T2WzjfGGUzx2hpSPM+dOet1XZQJOkN2AX3lrjhjhgzhlZpE/kz1bQv0/W
y0j+eAT18HD7bL60/3GelW/KYO1Dau9z4D3AnaKX4aMusk44NFXK0jO/8AC5TWVtFgXD3AhY1j9H
vmXie7tbRDjopijpqoLMisDVsa0k1Yhf7MS64uJOwV++yRlrpGgoNReJ0+2CpjuOdo7SjG2Hk4w8
D9FMegkkCf8oYkmTFv7Wvva1dnBD9ttk2JsdnJHUjSIpX+tAjHLx2mlr7UjVS1q7qYL61iehkpWn
f3/PLlQUWtJQaiW3AUM1doY4q+JTOn2biTcqRo8VnggufIUCoZDg2ZJ8rCufnMZjfMS1LxGW9SYM
5oebxFJcJDXIeFjUvmA9zQxrcfD51M9IXQUYWO9HQul+nuLDuFEf3US5seKh/DOocNOo1sxGTI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds\Feeds for United States~\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TqRwNsZn09cGI0Nnq1zWZun2zd9neIoo3v75GA2nNSnx1pC+7fLvW9oCRR1e46mJ3pon6txXhFn1Y
1X1lZ0paeScUmnab6XczmB95QYn1yKhWhM+P/jbmtZJBrrXvyLupbHmhDZSY90hHRX6peJM4NVat
6I6DWEror8dTcaftvA/lCMIUy2i3PNnUY6/5dEuxiciPUlJ1OdjX5qaY3jMtbn5SMtbMoqe7hc2e
TtUNCWwVaG0PUrww5O7aw3RZvP7oQAhl6wvZMcrzphVkeTFwIigdj/P8Dt755dzkYa5qRerLx3OG
rElmiwPC/AO5UXV0EP5bFXZTt3qsxe8fZzJ6yZb70aCeSsDGl1pSiZX2tbwFbYKMq+5hpKp2m9wV
4xGC0xsrn1JmTG/UD9ehVMmXfe98jIYY5FRZvp5mVR1wX6RpzAhoeN2W8uW1IXjZa+OfixMAMn/O
JE+tATKvlSvT69Ce18Oksw6IUq00bangkyO94RNLz0BQVqOt2mTlLhSwiFq1pSE6bZ6AAytU3EZb
92R7NATEe3lSLNLTNM7/ybJomn71TamN0ttqvcHVr5rkK63QjkdbNoBmI5Wrx4CCfWFwdNn11Ibw
sZUHCpwSJfeM0kU34gVGvErFpyF66lHSFjvUkfLx+T3ala/eZPqtJph0MnguTqtwlh2yLsEpAQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds\Microsoft Feeds~\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
QFHImYSvP3nw7NXjiYc1hORx8hFD4Re0LbeBZTrLvYo5tpq+OuxiCSg/YZ+kICFsEAIxgwdUyV0ma
phIWqSN4cCIs7wjUOF/+1dbKML05AtgvFH9BPMt5saY3fodKnvYxKwORRHjfnCYIqu/u+C+/o8Rf
kWYXTJFUkiqjJ2xPXrxaQHy5oaf8dMlKoOiKEoUfLPnGTiFMKZr7mPPJKKFpjFyy7MTILb/U76Ti
Clj7j3jCoQnMOVXy6/XzfbINVENnFSvxhUHqAxCp5pzJ8RlS3WDTiGLfECxmSzjOB1v3O78om/8D
LJyPQn8I/3KMaclgEviMb3z7ycsqLVNrdH4V+f4pG6C3BdtZxUd8KzKTMdBSgp6J+X0akKozkdyL
C4ev/y8IlTXe1YOd6ACltPK9Fep7xifAhEsU49PYxrfjaPSf0jewZHbW1nFASc23Y3vEEtN8Ugv0
69BRpyJbQc6riD/MxzNMSqNKcHtnVcjaJqyipMQh6VLQ9NmfD7JefJnguYfmEtdm0xi0bxlMMAr+
S7xjguzVHBK3pUaCQs6WM20/84txLvO0rrPHmh0q5qWTfryNQetg+At4k+jIZEoPWuItMHoymg0i
bWVj81LTLEzO4wz5+K6Va6YxcJ4KQ5PgqYSC/ke2uKr3fSICLMBlzxAW3dEbeCXLPhXuE9IZ+Y=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
SS5SGlVvCDvxuSpLPwfbD/Zn78pJW4015lz289P0owb/QXlEeQyf8pv9PR/Awmfz7qPctYoe3rltS
5Q/4g2hpwHN+oSGspkvCToQ+ZP23gXj4vveUOdHRn0Oa+KFiKlsaW0j4tzw1oCdhfv+Ld1Am969o
8/GzKmSFdqMkIl1U+b4Qh0NsGxPKf/Z2GfpHcmXgccgQwppW4o7RDWPuiIQadc6FvFj/0aIwaX9+
BapJTRKkQxEzR1LHw6v3Tyn7xrAIAjQ3Wh2sZuJjMitwVx6PzUUnK0O3h8VrYgIpdqVz+LoEUwz1
QTyvbxMijPdV4BFPe8n/ITLalbmqHr+lOK+kzw33/+cxCSFP6gu9mYLuB6Gx96Z1Vv0jc9c+vMpp
OF6KgYQ0s2bGj8UCh/albJG+37BxbWCpc1wS2rDgDHw/GH27TlLB2Ts78fDW0RY98CgvcFZjGfdR
wBwZoxsNvmFgvNk5q1H9RQQCGa3ls1q3vHNEdeR4wbIguI4pugOvOk7+DQwJ/4liJvvPqe7YIhYF
qEvpH0yXwp6NpfoI8U6JnYtOz6OpusiqXEBD8OztdJb0Lgmc9UuOED/MzlA/EmPush1Xql4aT6S+
yiG/8Pavxfjkqb11w5B/B79aKstOuyQqI1AJPST595ZeN7MT/PTDJPqWCH9YQp9Rp5bvQlE1u4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
S7z13A56Zwfg5XATbynb5syDIhEA7idBpxR8Kk6jpTfk09dqPWXk96jI39UD1RVU+p1zBwMkYNV8I
OuKRSA4EAMU8VjDFMeqHfYVsBf1EtxEjrPTX8jreVDy9JvJwaH3bRofopvfHqoFdpvbwhe66g4rj
tk5HAt2Z8nLmWTaZi3E/Qz5GjYwBKwTr7lHGSTnOSYUTBuf0k3pzHBRz0qwsfBtYF1y9g++FHeCg
BhMdIE0WnbQJqcK8Xe/lR6CahWz5RNbgRJq3hsVUx9eaoUdhLp5dWbvumf5ZUwXS8j+JU3yLHXFp
7RpHncBwlud7Vmg/i7NCB6xr0FaGUFLeX6OXWxOdHSVPBlwh5FW3zntHOxMXwWFohZAL6vrtuRcT
XWHp7Y0SDcfzSInPa3ewsCdBEZD14Bo6Dl7htQPrONTnpUOgL0Omk+UrTmkap0zh73RIWuXWeEOZ
pDn+dVOJ/d0tedf+SKISnVlcZUOjj4fWm+JJW1BOqSGJTizOxn0s2odRxcipFj15oTW9eeXZMzPU
6XuWfHEaiC3+EGxmLXSjNmLK856XfNWrmi+wqx6aPYDmU0SujQA58MgretueB5ZGsUDfhH8AjveK
mOZME4xL0F5pVHmdNSdT4EEbpSGXRojcnyRHzEDvJvvl30LL+8Cx0d0tasCRJsU2HV3yq4cNVE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IJDO0DpzMRM/U5MrV6iEsueFGOVQtKEr1cWKJ7rE95JbeCyVx4zpIbz+DEvl0k3WIqEVv079WlRw3
HJlGEt4MoN1lzjz8+9/qxvkIB8ZR4Eoh8a43jNs5+ANAqthFN3wDxXjUSE3KzdRDWEjkAge1CmMo
ig4XOg8y/638s7s/Z7A6AVEUrTTaINoLxvK8jqZyemvO8Glgtw7gQieVGuJFx3Tjzw7UEYPDI6G8
mLxA0tt2aoJ/UqknhzzuThSScC7wmWvwOqO7aiY9WFN4UIAqw1xPx+e65rTXs4ag7TW4I799eTF2
oU0vLlL/Z4zlloSWFy6KOJxlqdpJ7w37m4rpuA4ispgGrfwwIuXWCTVUxkekwR6j7mmVz0shOVqA
zpd97osPnkkSNscI4QBsOBwqhthso8La4TRTBBBPHXFPpqKIkYL5AUEFRCMenqQSlYu0kK/HFres
tjYjmK388dhvulWQdJOSWw/lF4n586iPGuSOULxZc5qmusAsFZ/hUJylwUbwppYUV3A8s8MbMlHA
8eZAz8hO5HE9MJyc0MApP+YRSIFf6kddqahI71NRl0OyJ/A+W7Y7knnLVQ6I822541Znr/4SZtlY
De7VUyX3/KO6fVNhR3O3qcg3OEHWjnx2yAw2yklnpNbJHy/GZ0pJ9emcf0CUvuZcdHwbeQvlV8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\0V5SICB9\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Y8aldwLsk8UHZX9toLLCq7VKLl0c26up3JTf84rMCyDfElbUjAAvJICEkcKUtIoAplj7EDr+9xo/g
gE7aPwHMZ1qObA2mVbr+WnqaaxQAFtFJeWh4tUqbwUMHI0qA+x6efLRzypUYSXvZbESBgmsjxfgq
73ojvDmC9vYiy0ddqyz9hEObGof7Mr7HEYljkyum8akr7A5+Yamtt9AuNLPFU9uDIH51WI+VCkkG
1sXOCB4qGKjeUOMua6x1F158pw2JZdtBxhIXO93c8gakOHTjdAiakIBAnMvJ4/+PVV3bGmfrJcr0
yrLVDexq3RwbiDz2SKw5ugSEJB5iDNc9sBTVyi2QaRtH6kHERXpoe/5Mqx80Mjicjl9UL+T1vKey
/T/zgC5TVZVcs+vZZ97j13zLX+D9C46K/JJ/I54vrKKGWMfazvC6IC0Mq63cvbPh0Sfhl0b0fX25
Mo9mHHCqGVo0VdbXzIGPpYxaBVyq+7vOtPtjQR4CmMuGxm7boq5b5RlzNvsRI7F6jDlFTTiqBwZJ
/FPbqaJI6h9t6/eeyJPs/AlcUtZU+lwerG2BY6IBysAmn9mC8uszL+3UXnatcScXeTZQ0cebYzLY
HwTMHd3V+gG3QFbKitSU72RMh43nnCapvcoHE1Xwd3gpkYHvz4QwkLqeUOOGBNDS+tyjvqYzBI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\4AO3J8KQ\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Ol3yQ2iy6Xs9fv1j8CDKckxEvErVNUzquvMvco1DKoXJpjsSv6iuioit/W5/d45tNnZqnkezsy70a
DIfq0J6eOcaTDZPXwT3/p8d/Ta4ISh+hg54PniNk56INBMrpvphiUV4WFFBdjUHdeEtmRt3hbIjF
T4+YRrnO5GndReR7QhhdWYlu+YbzCJ6AaQu4Bh4W8A3MOXRP1NIfwZC/QETwEKf57wOEj+oJXS5W
dlhz/jUgdADjpj09t2r/MIytxVYJPeEFy+HQd8oFT79lgTQXoL47D+uM67Axkqi6aMEyQGDSL2LR
CY7BPE4dnAj8FY2azLnB2t0uENdvxEkaJfKiSxQk9yndmOL6IEYIL/XEMi04gZWUVozgZd5r2hIe
CFrei3o91xzAhZgfdzmdNfwDEv/H95To4FJvT0juLWM8v7JeEmISnQFYRzAraO7VFi98yDCWaTSY
UwBtcfxCZYfd/IQssZ5J+kk0EXghDrsxpaSPsds1iH1miF32ee49lAG2Z2+krQsDXTcLpzThsB2C
nVcvVvV3t1CQIeRj7HGWfWv+QWYdCYN5I8whk9S34TMt04Ng5BblcyGIfWx2iXpfIvhCqDVg/eF1
QzVGqvN95CtL/5rAsKi9EFEaY7P0FiTiOLpZe70vJRkC6AhfgHRkYL5LHVL7baesZb2LPQG7J0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\9YXJLNZ8\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
RMmMXgZ/KqKEpASk9wgCREuVNbMV1/PNude2JPdzkqJ6Bc2dPZ+6kHbkCDjaEPAk9lYXF1YNy/LL1
3QZazEqS2EJX3BcBYFfZrpQkCj6g4HQa79NyZHNEp2vA1qT5nQNcVockDAMThvWmHesj68lAAme+
EU6iT7AFSsldoUJmTwXYwgUxKMLtm1Sa0OCuUwXfKmThyCSR7q7QKI3wEsG5CxxmA94qneNm/z1o
nZLYToDKTwj78b51g8erjtOdwZJjYXTMfar/fkwu/SCWxQRyOrNT+avFuElcfMkyz8Qf3thB7QTh
Gqze8bTdzQAnDYKLbRcyjV33yq9wDY9rKZ0TncBuBT2SgPhTNE8pNkjjG0T6XvGqUHydB3G26FAn
HKJdJI++aGZTkWH3nJSMD23Y3Z/gOIoceaOq6QP7oRdhs+V7TARhRagJutHzm7JeRlLp1S8F95a4
o/x+2QWLgnw/oV/B14pVtp5NKOEedjuNqwqAAYgc1bDamvudaosKQXql5L9aTBNeVW5jNEImNhfX
7mcIfgEhhw+Cu8eW7215XTO6E94Ll8YmP+3wfxvXyL8WQ6FP2bwQTa6tIzJjRWlRuqEhK7XUsfFe
ivrE+MBxFRgcCVX8NzeqsdwAtwJfZ99mx+eqoWIQBWGBL0iuaSeDLOrK8pYGiWOyqaM1PYYd/Q=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\BGF7D1VN\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Qxp5C5mrPj+uqLx6WN0PktHS4E0fMQyNz36FRYSRYL9GuGeBEqtFsVQzgHhHMCV4g0AwCXbmX50kT
SrfSEqAfzEbQHxAOOj/D2mVEYFs4qYsMiUcfkZxgaM4lNo88o/UkuWkoD4P7+MOWDNinA0OF7p8p
HLnhaDFRde0OlDDRPgdnFSqTjK9T7qgR3zquWI4kUQ/fN309F8X9XicARcpZaYkWnOspzptIPlww
3WPktHyqNQ/WiMZ/b4LTbAL0jGKqVtSXSRwpqvKzqcL86Xr4N4Y4SsnuXM+s6LFS45O+6oqZjmxh
XlWMnmRfwJ6N4BJnavU3pmbAuzcA/OpZD/zKi08DE5feLS0XF3wpoFQzH0+NOfcnDv6FzMPxIeCz
bHB8ucHS257BwV6oP7ioHFkjtZ51tPKQix9QjLn9EyoeQZu/tnUEEasd9pZhvsERKyHLVg5mD5N8
cALfN0NwK3hgZkiyg6CHQCMq16aWy8tMM49pxgsm6kJPB9C1L7rqyZFcVoB6CKQ0DaC8TO0UY4zC
JvwHrl4ZDKmH8ogcmub1nCmy75rO9kJZGw5lbMKd7A+JInymQhKvVEgjB11XWyy0MWCo+k6wMni/
c6gcmEWqci6cEI/ccThAvSIoqxxjNTqlu0McVAgmYMsJALrIYoKtTZaRCVyh7BVO8Zsa8N/K1E=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\G9Q5MRQ4\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Se9y4htf+tKGy4AUlW6tHagR5dG+5OqpjQnTC6DrOTVg799zoBst2g7828HwQt+8Mpfcsqqd4Cf/Y
5Loa2oTxrVF+7dPUfv3E65kcU3DHrsWS2sfY7by/L2f9sk+uV9DlzAEy8QRqaosqNqv4fWcFM+Bs
k+8yn3zU5qUX9itROfiTiDTJ4rHOiT7hZMADmb3xzktKGVYU04fegqCmLFxWuaw3amPCVHwFWrty
4IWqRnYqvncCHAl5ry0y4Usem7AbN/AXKPQHOkn8sj6v2GN3/ld4qjg3jCRtDUD/+eD1xSGEgeC2
ZOj6M3LsrojUhEOui0C15exvshqzozqNepnkgjMk3+nxfsmwbVbyW5kgpI2r2YdTOHlPGRiaEIbN
2kP4tlW2ZmsN6KpO5774Xc9eFoDhFt4XXHWf19paBqzIYD2c7Gj7LRdsCvjuBx8CdwdR8/aObtmV
nMVqAkPLUeCUENjQ6ji5Wy37gjGqr1O8w/9M2VRdrpCvDwo+ccrhFvPaL0vHwOikzchtkTF4fhYs
g8YyjR2cBbc4U4YV7UPZFdq19gYbtCAXsmsevZDxPclpgegCJLStzyTvegHCTkLnAhWabFANF322
dPx8Zpmr9T6pZ8AdJlKNfc05QU36WOr8KAi9H/gl/cAiuIh6FNj/pSP2eW+oJIfV74OqkIe3Xo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Desktop\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Pimls+nEUjdHhjTfdxNQJ8FgUVJ0AAGcniNXw1rdYGCc7XCQ0yLf6EASCthWvvc6he2rOZtmTVgOg
nQm3ONYKAUC0c0QDFFlw8APfg/dPtK6tUIJcFFl4C8KoLr92263AEWJwKr5AhVBMS7UFqgFDXpIy
CkJmE5Iku3ZWy3wcgfnif12u1PDcpmnkPeOltpxI1Iko/uK+miFAyAZcQf6jTFER76cAvurYCRar
lGek8E5YVoFye272pzbn3bui5bMDY2ElowU1r9DrhMXk1m+R6zeMPeeJbqP2uj33UnK9TbadT9R+
wmj9R0vtjlumdTq8q7Dk2bz1HavJoxaEKue+0dW4dUpnn2RNnLa3O1mRMo8pMkPUufI9K7luwPAW
HTw4nkwirs95Aa8T1aIw/BBS9S9OIbo2II75OG5mPbdnPhqPI2+WHni87dystcqCgsmBkDFFNj1V
1uT1w4ATus0Guk6lDlL2qsr7LLrbvHI/Or47PLpWx/nwxbaJg9/A7xnVKkKjRUNUmMfOdn7wHeqz
IaVJ4j4aMJ4y8A/v0nFXnYPllrlOll+mRCUF9xMq5EX6rfjC9IafgH64nYVddIpH3w47BvDf24PM
w8HPPi8OOzXpjw6oZF8P6GlJBC32xgW+L6MB8LidL+hWV+RHM69NBK/imzeaygQjsmGCTVPM64=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Documents\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JCXm0ViF9apDopmq8vIyBJ9srsOh/QK5pVSZXTzvuSUGdvw4QbwnPkUhqVl1yY4wog93Ng6aFCEk9
E95N/NQHF1J4UVa81a9PNrEoFbTjg8C2TZTsPt+v6c4o9WsaHWkVzOgWmEHaSQ3MSWwfQmI3GWnL
WJPr1pBK0bhcgQlGqc4GIL3FsOPc/9NZdZfGAqUsdmRPxPBFR8ogdl7Jlik+QhMReGj9T31D6vkx
FZJYXCoqtKUwFxuXzWSzbN69lK3k2W8drmzftR4L+k8STGBq1xuV8ijx9IVvpm56kE1MG+2QElNA
1xKHJ9qCsuLk2O+Hw2qJMap60Creabc7NfdINHceAANBPc94MwA5yBxhgidR6qiXPpZqSHCbW+sp
1f9tth8+wyXAcglOpu5DnZC0TUYHdDhYnGkVvUX40Q/c07cpVHySqeRTEV76FiA4X5RbJ2hmt4Uz
zF9TdSnuAr4uxQhllEYO9V6SQNwJx8wcH8NwQ1lOoQNJU0axnEUBZZv99v/zDjntyMve9Ek97Khj
HvZ8oDyWrx7OyAdrrnly/mhAI3BDGAb9KeDck3y4Vqo7rz6an3AoPSiLBY/a0uQH22eEhpQVbJMi
eaoL5hUleNHAelSx4X2IPzcroedkssaHpSMVg+LUGlrQU2J5BhHjybQ4UApLytC8rrxQB4nCPU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Downloads\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
S51yhajzRqPXWN1TZiEy1RhEH8AOmjodKgNVvnxrP4h502tgTZV7nj1f85+dzk/DkWpO/cHYEYiCG
nSknirawcRvMbAjerOBH6JNLyDYqy9tfApjr02ucoS3XXcIrVwmsrXxryk5C5b7WlMlt8NEZqjPw
xwdwjtoCUDjXFhq08jLZWEYgDbT+bKh7P22b3IYYUGJ1ZeB5ZqhHway9bKoQXKnxDVSGPHQeDxF/
XdfMfuMwv2Ka2RnFfZWAXKfmdFPqeU17SyVKc/V73YZCxwpDkADly/VqrbBEjgQtR0N3VghXm65J
PucosQxzzcd5+v5zu+V9XZO2yXouUBxzb4ksbG7K1orowgcMafnelY0ETcwkwtAO27Dm9XrWdyO7
9gCKff0unYAFDzGxoIVJcq5bOjojmYUZEucVY0oJ+75ihBYWYRYboc2XN2Rg6wpzHsSDihWXe/0v
CrGJvWBUor5a2uNzqtRPAjyF1985t/PqIrxrS2Vt7eWEJK2rXaMYiZQ6en95goCifTvZ7LQ8Y9ST
QQ+dG9/h4W5HNAHfUwM2GUn3I9f4auNp+RXlecPwUCzQUNs4Aq7rJcMB4zUcB6Q2z1jRHFjyBR5J
4m8OKYICc62oyEHMC9bkckwg+Yg7ENJ6YAI3saPi/0hFgwA9VVC4uqkCwQSKDACmG7mWS57BsM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Favorites\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JYo3VyWtQOMFeNjg4yidG96DEhauJOSGtu+DtHNP0/67C74TcAdJY8fv9uoI//zqAMJPCrxz7M1Qo
/AVqH8ZtekIGFVFFFEM3tXKEME4z7fOdYW4FBzkr8x5qNpIAGNmnuWPdjwVgziaKB5qegKBtdd66
cKK7LMwbr9SDxKiJGDeFb9a7nCCqxS6vjl9LpDZBwFmYSSu5s0NZoytWAOfFhdybGUCKns9VhWBV
vBfubYnRorbdaHt4CTAzqgQoWO1bO6BrAPZZcaQRqRTNVBfzAjlLuamLS7peAuZIaA8Gshc1n0HV
IGGu6coG5j4ZkP7gYIXtIM/IeWgyX4KCKBuxjiCjKiUoSwGHgktWUMDnw2LzhJuthnouPSfKGFnJ
dZkCQP3pv26QDPfX2cMvftdE7vPSNsqoGbdZEbXaJS7SHqkCy7xUXKtZxv244TExFSWClvxl1ga4
DO5Jxn63bdCBLFG1ZQF7cRxNShExdTt1PYgWDEQH2fzNB1wfm1g1MVHVp+U1Uwusx2GlX8idySCU
3AwCo45+lfti5pyODTUPBk5dKmVwV9KkiPF136mIHvAkrKQtsA97BCudhA3kX0UPOocPL4i6mblh
0niqM9Em6Wwco8/5wa6IY9kdoON1cqh18d/jHlhRh3buKYCXFCZ8iqiRL56S3Z/OZDxvriATJw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\NBP238LH\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
BasbxiBOFiymyvXqabXEoaYKo+hmTkoxyK81Jo1SwtouBRWyPd081jzbL+2GeHgLYjMybrDS9Hlv7
pEteWHEDAy4BiNxmeAK1FLWXqcPG7bmrJMY6GN6ySFmiwur5IuQTS8Ij84JSP/f2TrRcUMrAef2v
145Q71QBL7Nf0BW39V2iMrk+MbX9JMckBisPsagE33tJK/Zc5Hp9o5r8BVA1OLwzmNanmhREuwjA
RtM5ev8bLRglquAMDkaHynkj7cDssbV8CciXIstwhYv3WN87e9VhJXpDNmhRdN2j4G2lQOd7DfHs
0b2FtZJhqKxq46zo4/iNRHv8J56I8yfJwz2ztk90G93CDnt90u8RgZIggf0y4bKMuuJgXYJgP5VS
k9/syEvyAz1u+s9lfidgmh9qfDzHeseiQBlQKvWG7cM7vjYypBGt9y6MbqvwKWqcAhnMakKQBRPa
Ijqd2ahsW+2ckOgsTOKAlvvUt0pDvZsxsHeu5m4eL1OXy2uIsXP7Clr16rpoTqQFeQ/et5LbudV2
dOcM5C3UDcyrV5AX0XIYubMp1l1yEQbU1jPEaBrfIJhCErz08/dtE+o9yuEDrKq16Q27wRghJ+BC
JGaWIKgA8l8VchprTlJIb5WqQjdkfoYDQbtLnNhYnIy4AMcVDKhqDHT1gzZzkXjLyerYXH4Jos=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Libraries\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Gijrb+ykqNT6plNKZyGbMMA/2iS6vCmGKtlPPgTVMW7XsrJDB2BjHYdUSm5jHDykIOcUla3lqiHzJ
k4wzc9ALB9JPohiXQbyE929yWu4meOhpeH/LSTnQ/4NpDCgn8bztwVf9dwsVJHSYkWlndRpv3aFH
jRchDKKZ/Pu5UHAJmif1Pl7Zx0tFPaJ+lx6te6u6yDAJbA5NkX87RzZtmcrEGrPfzz9zGZ2l30vU
2hZLWHNXleFYH2Z35QkZxTnRiqFdRj4D2pXIrkWdL+jCRndEP7r4pbAZlzmBuANNtNfIItZFpjIn
Y6adtkBVN0zhZfpBy8FKIqvfiFmIEbpe0zbbaPcIvwsPWoz/hVvNWJfoEkGZd3Uf/mTSbTmR/YU0
8N5wnb8jNgXua5XTmyP5JvCDBAcq70PfP35J2OBuIZDDlV9SLKIg1sAZGr2utaMIFR0lOeFqWiNB
XS+I72C9pD3SbYbB30zwv9LxhERZ9RQD1CL4IsBUlMjhPboVVbt7LmaU+dAcZtHKbvI8CG0y+9HK
GnKJOEINQp5/21/66Uj/35R3pJmGiBZU1GFkeX+URc4OOmgwS365YZcd5KQGFueOC0CyVVmKDRO+
YRIR9488qL7Z/NsSW+WMAxgTt0xru/0PkULkcwCRAhO+VhJ5rZ7CxWz7tzNXom03cCZpsW25uo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\PVYCMAJD\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
g7Ywrm45GGn02mXtIqvOIj9ATaYdJYsj9VtOp0E7ZDhITJ1Y00w6idgLg3outdU1DYNTWBuGOBci2
m4hA39lPDyzzk6KvLahgPaL/947YYWtmlnoNaC6U2a5ZlzyXueGvExqql6Iy0/XA9V863FngUMSV
9z2fMSlP6lJPnt45U8lcNFutye2N+4zWhO45Zh7wuoY2RZae4ml3AvjaEWonTMCo3qNKBFk3XRKi
mDKFNS4/xNKyavk4Vv7OGlc4LLQzIZhwn6YIC1yJXq2Ij7G9n1q72XOAkcgr5y1fzH6LRum+N6Cg
wF+cBx7Y3GSF2cfEzaf8xSELWKaNcv9Zs3G3c87NtHNmhy3n7+bxLa+2MkR5pyGPMAwFEMam5HOJ
gVuZ+wfRfzXI5rXu8eGd5klm/YiILgXE+FEZZQML826MinDRQcsZAACnQoRRqabYBt92FlmG7c8K
gVsO0l2rCO7172IC1r1h+3GaSJlY8eYmPi+Q7sMThLzj9tQomLqAKgUNpngCsVjY+o4+HifznfRT
+UADqABUEphsbfU97uE/S51xWrpBDNo/RNus+yc2RxSq431Q/gUCAIqvMKHE9n0e5DdTLpIow7kX
UABDE9U4n4jAbIkg/g/MMzH9DtYzW8kxpMNoIamgsaRny3ZCaFaxvt7vLhRrxygEilUqmy+qTc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\UBDEWKGM\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
l1LRj/TTq5CgsPHc2LmzHJ6009YNXnpMgkZo5/p7hDdYAjEveAhVCA3OJ8IJ+CRTpng+33Pxu5FTq
NhU3u4ENZKJUVNx8lViLRAR+bquQfyI2q4QgjF+d4XwKrb+l33XFl9YyNSLlc3cz/eSKemL1aF3V
hDAd8k0PN/FRXogS85mHN92Xt57OBWUG04NAMS7rOsPs2sZ1kFUXyo/tn6evZIPYDWH6gAA2dhLO
N4WsjEElgtfb3O9NmXPLDmDivbrQCWbTODZsOClO3VTt7zhXFY670qjDBEDkDwVDI0MFplOq+DPW
tq6aV+MkPXLBWq8Jkj/AB2FXNie2/BNRkDLmW1d8oo1LMZqQ5Rqf1NL7GUylM4KNUI0jrEpzdxsY
/UDZZkOOM7b0JDgPF/tnKQtMDM1vcA36rh1Iju4ZjQUOGKteyZB5Utv0hWIPiwDHzYb7F0VtzLsf
t7p/GHDuzvRfNmGUkdtBjXViu5VZIt8L1UFUDp5EAQPkqTGYfmZOcSMV20HKy4Gz3vzMmXMTgYsb
M8Gg3Ebu6DKnvFqDK06QPU/C1GXOXraFC1DGlW/SjlPmsVzjidZFlDYhTRfYKvctuyiUPjZUZl9y
jZ0PPUxfobz07mQlOIHClGtEra33SEnErE6OY9upIhSlaR8KbrVXD9T8jqvo821hn5y2atkp0w=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
a4U0g40ght9tCCN9QNCAxtC4Gp2067WuqjafCwZvJVmZdyLjLjGBMpP2Z0fF9W6A0/QFIEkrWdf4z
HGhYkRsjoXm0DnQqUDTmQpGWo4X02pJHtBRUXz36q1oujDgNPsRSzVG3+Jz6CYusd142OQXJdAEb
tqbel3hR0CQumpiQb7QD7lWRzre04kTrbo02dpYid8BfEhnDRxZ9hKuwKi5rDjAGgZ4WP6Qgzou6
Sqn4ZfQ74jPus3WWfnEbN6htFFlR1Vh2N5Hu+Ixl/jS3qi2mFcYA6llgGHWll329Mf9JdB2uSSC7
MX5FrzmKA4nDcFHFF1GIHj3i66wGdmQ1MCuqL5UEf1Z0UaHv9rm2E8ebphsBXm9NGh5Z71egaJjc
o5ztSqELuoW8KocI4YLSCoXEruZT/J9h/8eCg2VTmIHWyxlc0lyIZeN4jyQK/HIwlhBBvfChe5fV
2qk4sncYmvMFkDt99e9Hr2E8OBSD1qN5FdX8w0baF1XFE8acRSYxDtg6anE8PqXd9VKCm7Lno2AH
5VOi8S5bcY/th/VYZVlInoNHQf3W5LPJyeZl65J6KpHYjgd9xJiMAfZTdBEaWvw7sWOfL/IrljiK
evdFa7WASllOUehqQNsqnhShy0P+ZowdHd4caq/uaTXDbCYMmUY4FXwCP1DQSfG0wo3MkUzUgk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\IECompatData\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
is3Q/wqTSziRuaPu0Ud0rjmHdv8Un+EHu87PTxokCPQIdOtMYRZ71K/UU7B3mczw0wHM5PUuezUyY
Tf1s7Pcy2EEonmmgNUPLU6It4pvzsb0dorx0DFgJEy+/cragpVXKaMYWnv025nWUyhns3DZb3h6v
rvw60yNTbRVED7MZW7wwFF/k3cHA6H2ZQWZDLFVQXsiVNOt9J5NiEVI4ShqYD0U6GcUynG2UNR38
hKom7RijCb7+aoyHKphpWzxGom3JSod12e7X1fCHvVk5mFR8+exSNZ2nk9gGGca4hvhnPTi88Ie9
f158gUi7QSEiGYNtUmIuAdstYWfvXjLXsp+/w5Z+ub7yPOB7I99ZkPkhZvvDtW8l/NZVy+Lh+EBH
sbrgsIlWcZdxSuisJGlW6zspYqBH4JT6+/zwc1RfbspG01wCxrUHnHiurKyAQOOwE3g68QEadIkj
LTBERx5p6WDKz7LA3nolGR1szTJElLUArRBNFn4fqHojhcz0RJ8nvOGsybFAuQNNkHUjZRBAsrFv
58X+KuWjs0ssHs019q6U37ZNFKrjoROvQJ/lLuMFda8IVcFRaxkVQphGH2pbHphpBtHPB51PvOMm
XrrV36E7x/ffAqxdeoGJTHprrfdqnBovzwnVgMJd6XwBkKATlD8i1dWGXaPFYYBqgkFqBqBu9E=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\28xp72e\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ZS7S7oPo47LG4xu10hxax0MnZWa13JO6J6hUQAParQ47P8T3JoT7pYhPSRtwoeT/HfYkW94YUVLNL
VgqcjtjupXuXKTHdCQgPAsUPczJurHEtEpb3aSJ5q0GTRBrcQ+ZgxZ1VdAD1ob8P0MSMtKbRTDW+
qupuZ/dvCGfN2LPyvS/x/PRzp0GkVRnizpvugCuP4ykbJqCmrtkLG2fMMETmrb46LxfGX+q3xWqT
5rcJO30NrmyiPT55q0SInXhSiO2mWtbA3hla5+6I0TcYUqaco6HiaRYfixl3rk1JmujnCjyTwxMp
kaskdMG5wAS3lc+aY7G2VkjqCRzVGPAVKw6hv+iJkc+jqHJpXAxlC04oqVRq8yhYgkV58BEpglD9
BQym3eCCml0IEeH3LpZVN5VKQof5SjwafFYnuBytZMkyK4RFhF8zXNzxXHPVRRy52Bo762MvMz9r
ROBxOScp4AP3wxV8+d0CA3nVGNtaTYy2BEyZGDKRaJ3rr8XxG7b1BrjltB7ptVWnn68Biwcv3c1J
g00wkXEKmWBgapDHruurwdGW5xPal82Sd2lhkibWbxHsSqJPjUDLBatI2uVnEkiUA7D5pSBE39yJ
x/4VQcf/wDniwozKGqRMrpXxwzmgJY2bgcHN7ebVX9uR+Yr8+WituO7U88T90mxIwLN0tWin0Q=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
drzFBbkLGnZAgVH5k/p9xeE0ANKiD2C5vbMaMofHkPkQQr6tEG2AizCySTFaqcBC4BIvJGbTVO1bZ
1SwowyXjEjHgbtlXu8KKSh9AFmQeXTgXdXSSa5iLc4UHWIZ6ze71TQbxC4g15L+ydJEZT05GYkOP
RxRlX6WSdWmy1HqdJL5G5xBXiYGVQ4Gkqj+0wHYNGXeHDJH0uWKB8o950sDySww1VFGIKXqIyf17
fZg+YSjZYXB+lZlT5t9EQCOoxg2D5S3L9QjkYh0VdC0kJ6zmvdMPGOj3BRg5oYMDcOKKLKyoP0aB
NBsXULVVULJkI95iwqEaCsmIzMXetOvOJoGYXkns4FnHxkwPw6VLKktfZlJ8hxJb4oFnEzPcZFTC
BxgPt3dEWdRkw6s4Wpq8m1KrZfFC+tSoK7xgZ3OiIsOoGmnDVMtlNSRjrWlQ9DDECtwgJQ6yrGd2
MgkFkqKCdWlbzlZh3e/FLTObMNOTvjBm3tn8KFB+EmkRnZEBWd9+xFcJQKYfkO+1kxymDqluO7Hn
d9CUAVqEUxCGa5OhL4aAfucN2PRXZFYwIOw+rzZ5ajshLlaS6VIJzaRvqEIqqK15NTZs4IYPIVcW
cCH+7IA1qhXM1gegNUC98doCDsuAgO5275y9YKak2V3hIqMd6+xJmn6Xmbjb+yQjENhsMGJQHg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
aRz1Bnt4oXa7O+U/zU6fjO0j6y51Vsuv+aqesNkNA1btgAjMlz5/4Q6yFI1phHIjSPB8i8ZxeWSSr
NglotzZGBPTWfqpVnojFn3lzzQ0q7tQ7PLJFlvWa5G7NKUG5gvRgVv6OpVd4FqRd3ArqTPw/Y2C4
z5UZg85Y3RHeN7ggdj+RfrPa6O/we/g6TF9e7jHtnTVWu/rrV/x7ixQrG6LBzgIyA9oBZ+fSuwYY
O+HrbYkIZSJzbwhY7AiEe0scNwXNyDOdUtECzP7g3bybUKsbO0FX52GSkfjWV/+AtuqdyMFuVzks
B1GGsy7k4Rh53Xw9H9xRzcysY1u4bNIfCt9arHE6DK0d28Urmr/0u+z8a5njzh3Wb8fbKIcY0Xiw
MO8pCfIp+Gwsv4XT9tajNtYPDDdZw09oSNxOu1jlQdSEt7izdat5o4CU/epPucXmeSNndbPaPMhw
SwUPrWdXMXEnixFeaTiz2r/0zVEGHLBHjr8BiW67vTnyNA9YdxfZGQSgoV3zJJXf3dXcp+agPFQd
opWAbEsLHRxdDwxJDbFpDNH+pZatBGEqMfrN9Gh4vvt/S8wCILY33licALaA3QCZjdR+stAv965b
5zELn55WgU3kQEoGXvTpiEZ+NHGd4AsaEm2S/9BpfIn3BmmFpiz2k849O13P7xtI1kKImHuXTI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
P9+enTU4wEaE+uofoA1OczEFjbcpp6u3nPznkYn8v5AlDgx3sQucyqWIJZ7j6XWFp5oG1o8atVR4c
tqK0vWiBLDk5gmKYut6kjQrAmCyAIrL2wEuvfIH5KXWTn333EnrzYk0Ecb+ogRXrHpqERJstNEAr
S8GVc8KAEuawmL5H4Teq2ynV02ywlhvl5s0CPtFT1bMl37RYXOA5qH7Zhm6yc78qkVdH8NjsI6rg
l9D9rTFfnUhUAGNx+8usvcK1MDq6ZCP2+1FmdJt/D07keHGN9ORD2Li8vdlzz5Q5pAikk+IagC5D
JyULnaX+o6FDsig7wJX9aqJHQyyPVr1X+fUSzxU/6sVEweMzSc7CYc4Pq3LD++i/vWotF2FHHsDd
QXi+OyihEmSNn+ne+KAhTsGHQ8C8eO00I+EtlB99EfY5IcuvFVRezO6592qVLbECgq0Udi/klXoj
2fBRnsYpG+BWgEaKTJ+5owVCtT3w0tPEWyXkugAunzoNGptP98NGmIzPix3qLUgqGv3ofujZtDnM
yhxXBbnidIi0Bklw5GFuOWUFaPjbxPvGQRDuQOxgubqazWBZ5O3fNkESoMlC2F+AkaoeEFvA+zT3
cvzqn+T4kVblLCzVZ/9kKduGXJR2u/p8Qs6TlJYig925mQKH83OpmVGuokN0j2JNwqBkm/A8lA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IyWY9QfaV5tQOyNoh6Tpy8oXMalpaH8ii+VQOkETFt+ylueeZ6VjyyK8TmK3k+bijJBRNhW0KPLw7
N+mMOSVm2ZtXF3qkTbjVfP1Uj4fNm7ThtDeacN7T2SjxGbLu/AQ0MogDyaA37abcoZdFA79Hz1Vn
YZIBtzhjORUfwN4Hzxkh8wY69PmcCY+ylmNsIZ+lW8dqFMm/i85F0lvUUPkJbkCQo+ApAKCfkNGq
gU4a0uU+tegUISwirDFN9NkrH6YcqaqXi10lfm91yyS9EQdg00O1FIOzvlSjTqzwmFu/usBJC6jL
bkukLrKS/sWHwST9heK37dbmMUna2gdslr7NndO4ilRS/eIgnaUgIEZAjdUMuvPn44uwZyowLOUM
S7eJ2wbq8sCBe+2xa4cl3jvQN1rvLTtRtI4UiJH/gWn6LI0YF1iOvaG7KnHD6HPo0/Yf5yNzBoMO
uD4Uf4tylO8nS0g1LXGY/6S/R0KE9zUifNKYKlLy7/PhTN66RVfWHESFmrXAO26keckRPdw9BB1j
caZyX9ikWzBpTR4faal4Ems8VqJpLIh5FSeGYXxGJ1F2nS01AZdf2R2Zv0t25VCCeRhDHC0IAMJo
N+iMu1cycGru++cFBsaYx+QUx7jPqPsbBlzoohzI4Ew3CL6hMHfVLpIGwT6iBTkhOc1nn72bXE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
N0hhscL6nJQrhwEN+YD81+UCqdshyfVm/7SFVVeJ60Cenqitlnnav4fWPcwRKRY7hFNotVdlfuLuX
lKJ//Je96EVlh8fo4sXecbV5e8BQn2ZlrXPcMBLm6C9goS6+kcL12Kz6fbSalrTeh2qfBb7yzS76
GKuAMWb8EYSPjf8ep+lj6sGo16e0GTU6l6rLsUH55VZ2lRX/JroCt5HEhx6Iqol/li7wHj9wt1b7
h/xXf6/FTYacm6M2edm6I54RX4SQvpKnUKOQtcgQ4/HHNC2jSKqROputhmg4xhGyCxMoTeGUuSvg
m1p+4LN018xXts37mVYGnx5IvFmv0N++FscdUaRa2ZsdpZI2yXLll0NqofOFAxgQYsEtIEog/To8
M1Yr3R8NwjwpAGKZtxcaN97sLmN4jVPquYqFeog08yPf3vABdZwdujUiob7/n5ezqbngSFtmBHq+
7pTnG4oznuAzLLE/P14jTOcuDNw1fHVx0SbdU9ZN0nqjD7KSx6mLrjx1mbBNgEFaRqfPdF5Te572
PH8xzZCV9qumD2GPGkbzL8EQTrOeVgsKY4JQxZ9hLEFEMaHOLe7ucvYvZaIXNpnVTyM2/g2DfeLV
Lkke/wZ4QKZzTCQG/8hAe9G6lU5KDIJQ61vuWhkIxnvsYJYpTZyOshWKefKegDjHTDvBx6DDQ4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\TabRoaming\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
fWb7qglInCVpQJIVYJAgEKYV0At5jAcMbrIqYDZV9BLl6C6U7DOZwurgHrM4+jKNCJXf3J2ZjDEiB
lBSl+9PqlqhAmF/6fJ+4dSyKmwQHeErH9nPjFBcW4SUBP6iHqo4saYfvcsh1eul4eUu5AscLpZn6
2bY5B7UKALdQsHIyr6QrrgiCWXrOJr7+iv4lxoLS+aFhykz2Im+sU8Z/2r85uk0HzJfxM+wm1rvq
QVaRZ+5UBCcZ6MjMLS5eje/2WPSiCcSWnYHSjT4ltNybCICJCp1GxUms7hTFLWZ6IqUU7Qbjc3CY
eNTIIODm81D1Xu4c4uYCXJ72JN5kNvGEMDK5SppIITmb2Jo2jsGEf59BQbaOMsgOCDLHXiXWugDe
JbAskKDnE77B0LxpNxkpzxZ1tAFwD42RGMUNi2jjZ1fbg4eJOdP9T8F6dHBKTBxV0jOw/IvO4zXC
NSvMh+x3D6/vM8JEVSWMYd/qPSZSZyIHnJ7yhFxPkl3p0gUt5dEkADKqDMaWSxo5ecknBiIF/m+F
0C6/JjLqwxcHVvjN1arjqk47APNLOf4AGpy0HXfLYx3geQJfMlLMuoK3BQc8w/qacD34XOMu1Kh2
Xc5yg4vtjhyDBA11KR1gYaMrW8eEmHxgNOw2EpuWG2F3oSLv4cWjhMd/RBTyhqV4oe/JHk/DSc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-2845162440\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
I2yZIrjLSi/l/81R7UPgvQ+dnEY84rAz5LEBpfWrDBLtyKWT8TPa6CO26JWZ+RngM+cmyt35GTtie
kriMOgnz241+FHUPkV+952q/7TQJN1g/HkDe0A70Q1dCzzd4vdVJTwi7jIHnFkKdNY4Vd8JyXoUP
paCllSFi3O9Z6RPyp7nizSglmTfUbc1239LQBZLXXvy+W/UeWVmvxNXu7lpOOhvKgoAqkfei/HIF
MhD2eHOo1698lKm5LxjoBCM4iBknbzVLKswdGCByyTymh84NNstyZA/MzELu4yveMbigm5a2tDec
LvLvDj7CEOozr/p+GzF8EdjMkFmOZqclQpVocC3lCEb8qLQ5XYys95bUJ1B3cigXezyBX7+J0a/F
hBUR2eNbKrWmtXlxBdKbqHb9ZwC7P78NxAokPQcx0YAj7buOKW9PuPbiUsvOOBShaVeNtlGRJUWa
tlrneEcjr9cn9ZNL6jIJM3HCDWST+cXHi/3rkHHgoWbb42HnLo0sRVFejpHCc+w7aWKy+3omi8Uq
XoUk8zMQorEM7cvZ85Pu2LXEpPNf6eICFtyWMTjFIR8JM9pCk2qpfskPkNAAX8dsI5wa4kLggWHR
igwDGKTqC/jiuJPF7GXxGSGSD5mzIkJEfYjJxyETBnpmwALPtux+CaWmHpbicIwSexK067vSTg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Tiles\pin9728060290\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
L6qnao3+FHZHRXciI5dups1A9RrLz3xz/CSL7XHCiLh2kVslIx+WOqx5eMLfPY2fN0NtOJh53jMk5
+BfelOpD3Smp+7AWJ+eOhnYBQSw77mvOR50Sj90szqiU+6HWK16isNTePQVVxnSy4Mj5Nl5kiyAb
fMEq17qadO8a5LHrk7yAVtKXD5hK+SmySThyAXq3DBqC30ZIiCcfMAykj5vqE/n7CJNJLXXl7W5+
Q8PWVsBWxL/lcEvLM1Ghyr6+PLvvKkw8FTc1SHmme7GoRzuXOvrbbmn2w6ZB6rLobGMgvYZh9n3/
3rszwOOJNu6gvD0faHYYQlaAIL0aZjwzFVkALvT5X2C+6iPcYDhTr3PTIEJn4b9Fz1Bu4MW70B0m
pDYJ3KTQzoB3JBMRHpjjBkPDGG5cgLEFXY08CkkXAJDhjtLnjig/cjSyCmYMmO62XEwI0pctxLB5
evW8ZwJLqn6l5q6rtODPXb1bZHGsg7nxZhaHrXjWh7HX+xBFPnj3jFiQJWdMgR6sbb2sHV16BU8d
Wr39F25KrRhbb3zpsBhRQa0ZQh4QKmzA/ziq0ThW7nmCXZaYM2fdNFJI+YvvAzAI1Wtp+zc4iIFh
gSqKTKBgCcL5HORIgoWgdR00bayCFsdVIwWo91uCDydpxdbC95gCER/b7GctvBdugCW8hMkjK8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Tiles\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
NXFsxwLXytxlgaYx636n/RFV8ulxurD+LpPuVeUQw6uxAVKbHZ7Xxxdi69R7WkY+t+DXfXdkmQRWK
J6G2SQlsGucvFfSx/NgV/SGXJZZiZOjwYn/SlpjWSO5HY6VGhrliJqlVAjVoDsMkAtFqciTC8e+u
G6Lgcqh+xkH/9ImugmmeKxcwwrfb3aSnrwoqhDpNT/csmam4Ap89HIc1n9+7APid+MGSJdfNmd7L
fDcicHZ0hqvhJKutIXivrUUWZBg/6Yy1T1OWUUHlhn9OqLJbSZGff/6Tc+/amTsO99W0f+DY+cFA
aViS5ZyfTwfDE1Wxw+tJZVOr4lJWQtCsNWgmidLvhrSDVOX5T9UA795VIoEQrcv0QRvu0VWmbTQS
4EALflPrrV0QQ71S8Jo+H4sARYUDslCEegySn52hFNXbXDkEldjw6M4v3EaPpUg891qmhsZ89F03
X0+cPKK83btAZYHagNjPoPyMTeHtGlLxMuDkAcW87kGK8oS/Z0buZkTLhiOQVSSsMdg6cWopihiq
D/kDPrH6nV9A8bKIZG4nmC3OD6Lj2TG5BEhjzUfvYC7M3fZXKWBWax/atAKpXsKTvofC3Q4ezrGu
gxywYJE+kPAExyS+/a9FKvndQ1LW1AcSQeknimKnAYT86oJ4JI76sWw+JpUf3ngGlITtlFdjFo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Tracking Protection\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
XfYZ7YzFtAr8yZvJXxz+qqMsVawvmmQ9JI6xk2cmntibyC+ik9x7rVBCVjxwTp0iMu7y0bpwn+8CY
10LsMVxDm8sSq5eJGAbWW6ZeSPS5+IT9V4z74Kx9UVgUS6zE7JCfVm8oiVpiNNv5ViEWwsEJG4Fx
w98sFrvvrpbI9I6u7ZfP7+KYsYrh4r9d9L1UTj1G2Zw5QYEHCqNRCVN4SP8nGQVd7l/uqSHBIdnZ
tuQe2BMO1KwwumdgIYnHyq445pvjSphfFkJ0eqcoHxTRb8sGd928uaaNj5mVyJbehltKqSXTuIIt
uzRgFvz/sp/Jgp2JehXB6Bt1s/2V4qmId3wEDAvhmm6RCL8vqW+6t8QHPEGHPGOJdYJ5v0/Z2xcn
iHDojwYSGh+coQUZcMIPsrbOGa9qB0Mfl1ec/mF3XQ5JCbOqMDkF0aGjYM+5GYJiobk1tzSlJxcc
9EvLFDTSAnM/5wmuxv+HsW6ZSIW2BIJgUNfZZTRg9eGSnzyu2smoLF2p3yam49wgphvGyBvLRRL1
fD6pXfpBMVvuQoFnFgQ/Lr2OAxVrrmyLzR27T+shUmJuO1tPtuKscn9rGodYrn1UKrPyXO7XK4yR
PUKHsFFXf7DRgnL26HFq28cdqYtYqGBmHGtrpv7eVVvp3E5MDHG04a1rToNw65NOe8AqB0U+TI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
iY34+IpYC0Fj7AWBH6rXTKYh5eWrOq32abX0dil51ByfLniLISNFYoKWakwniZgZEdYKcegObilWF
FFWih695/zCLSm1/W9+bhfmp48/jPJdut0pRpWok10PXoIZiuFLqqP58Fgy3GVBMMt4+hCIZWWL4
vu2wAXEiL8Ow8hE7yuYZX/6fmtmNYf5RFXp2YsZNpxOPmu0pNgYkl7r5Jd7j8ydLEHPMyNfGrn+R
DxqgqK75eZ0S59pNfo75vSpLUlqKML4Pd8w2/26dBYOmebFaEct//G1IMHu+8FpcUsZA6QJqcI6G
wuz4fOfLUDizA7J1MpqP3w9IUwEFxuPVGz52c7k0niI/IQ4fjuP4s0IEUfDp8uZlCMtpsGTAioGA
VLyOpj5LVNgIVLjX1WI3W8bWttGJ+aTXAlyMdleGRKdAeZBf59BENV5Mfz5Kutz/xwPjRtKqFIEi
IVDlpyT1kJXWRkWkbogJrLuVafuHYFoI21HG+nOzt5z/K4UHUHZKYxxZiWzKxNxKsUWZqPJrqFhU
lNWufUdN+tJrz6nd81l3cXulPUSHndErOs36+JGG0pdQ4iP/ddfM1EH89IcAWm4LbcA6qab6qDXA
N1p1plQ/f1MIEZYA6zD3v6ODKk727Ysdn9FBt/zv51+XeGiliOMle6jgBcz5s4kIDzOw2RmAgg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
D37G57GvnY8SrHkAPWBh6fg1Rgt92HG9Mid8252A3Nviai+3vVOoo8FK0RbAIyPMSGXchy57Di8Gp
/xAhLQuPJAOVn61i250OYLohnfuuv+OivZLcCIkpGEe3cc03wbXVpZ5G4XSQ4aW7dNc1qVaITX0H
Z13MUUrAjSVdaB1Xq6CWR8DmS8onRqUq0/TlaOIxJ+EaRFqqBJb6/Uxusw0QjcWaqFmb358ooPTX
W+2U+Fa3DaHgFKEO8em/EC77mmqmzSz0wloCutUJ7s21WjIvAqFYpkrejHTuN7YRBZqmAgYcBuPt
yOKZO4UV0V8Oty8lzQcR1QX9oVd2FrSmpdspvG6IAYkPf/F48oh3uFUl98uIdnWdhzGBmqzOz8Ol
CUAmfmp7Czkja9SZRoCfTyr5T8//nVLtl8wLCXZ6+J6VTeN1hjfoJBRujNCFIQBLhaw0VCLvtCV/
tjfGmpXQsRaioM/hphsrIdmGbHK8yzOaEne+IXKqW5gIZiKkR5NGjnIlB/b+rDGbudCcxGTMiPnq
PPNquk8HXPx7UmyIXATwGNH74ZRpcx2o+OAfxI3ftO5YunDVGnR/6325yWbAcuPYMIkrN15h/6Ra
X5rqxRUhBUTSbyL5YrcvONavZZhmMBVH478fuZvdo1oChdpbPWW99o9zFkA4KHZccsiIOizOKQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
U3TRdZqCNCJEMv8IS2fYxSgmqw/87zHmCJbpUji8bjhXmw/t0/TttshFNUxSwOrY8s8FX1sKf7Xxr
2xnFwz03/tCU4rNjKnni7CygJ493r5Sg5+/jEzqRyAUmdHYAHhprOfv0BG5I95rtMVbtJFm3nCXI
lmmK6kmSBDwqwrXxqCRMM2UPa3ZHAZHwV8y5lL2aTcZQSRR/TFe6YVfda+tQOJ3y+Z5PV+og2mdx
ZJG5BpYJLfTZTv6MsthgolvE3cCRJ3SrSWGBMkf1S05WfqYLJqTtvwOSs11lCRp4w+6cXGXjRENF
usAza84SAtPwsXcb4hNON0/RL1ayZtnJCf1Gd8C5ZpbL8wYIMXPogGipP0fKkjJ71KT1mZYmkeg4
Mayo7R3fKGG9Yt17xQLjz0GpEFeTVUCCyY3DGnd5hbELcEqZuoV2eB0kyShR4R9FhLmixJp10vUQ
+WjVXZXB4zIXKbTPxfV+79cKFkTag4/Pko2WjrrWOgiT0/utB2L2eD2vcaNGtQLVsPkr0SPQFzXw
hspKmN2N7d84iMFGb1OnN+eH1y0Kb6jq+0fJK0cyWxe3W9Ymo9BtQrdMmLR5omdfWqMwzX6A7HXk
MeC0ZHs+7KeFZrKRms+eUJMO2ZY/7OAU8ZVoT0xtMb5k1aziu4g68//F9eZ7sPkNXKOR0CQdtY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\0000863F\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
PE2yxlXOFJOa56rzLOqKGabRGCxljIu3g0bf8UXUEwEVjQll2QuCpf7NDWjmAqD40V2j3wAt3ao4V
nTMFZ+w9XHTlQFUEWa5EGNF8iDdRhmsYIs/BjetHx08mfiZr5u3Hn0hqKuP6TClCuZEJCDsO+O+k
NxGyHTr5Sxupx2ye0JR5InppB2zyDx8IXjtuU69jCPXZFaHkTDIMvnLIsfUUeyWP6qpjUY0H9abf
3Aif+yKZxMf1+Rm07k4pCpxjUE3qYOyw7jU+LUvllSa6Woy0ZH56ei+Ag8lmOsLUhcr6g+Pd4xnM
qogY+447C0kYY1gBC57bWMVklFm5XCX8DHWTstzwg6NhmfHRATQ/3OImsh1breGjbBH4FCh43VLR
gwzx/yA8BFaw1DT1+DXtADHcblDVDzDVPV5OUuB62oqP/m4yQvbEju/3NztWn4OnTAS2i8Tcm1fe
G3EIGbB0XFRJjpd4GE4ZGCgRPIGoB+IdRhbOTSJAN8ysxqr9LL3Ba9v/tkGMftlsrvFSimTQFsQO
X4mttMxXB7tKbFj37zHF+cLZuY0/A7zbulAqjjLBCqMYY0AYM7W9lzUMvjIotWqDExL0zSIUmtyj
jpan76U3jnuLd6V0oV5QTCmxX5UO9HgvQfr3BAgDGbKHWe7Xjt+zMZXC9dLQbMm2IhSanfAduc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
idS+VBNx3gT0RK30sn4dvf0EjmwRvMKTCvo4jsTTbRctcqZg1ZYbL0Sw3M8APlgqvwq6moxTGPgcF
S82Iy5aWsWFVu7GOOs87MccG5glAcM6tR5Vt/SBG74U2vRA58iQGFtCldB3+9QI/hrOWiBL0bcHz
cGGwKLo7eVJY0imKDlfUMj6I2MyZohFlSwvhUGhp9Y5iOPUr+6wXgDNWcIiO4Du65E0uoslMruzD
dlcfJr4d35VTQmarcoo9QkcvRGU4xvZwAmZg9sKk3KkQgTUTvsk1aW3T+Q4YU/3zT8X8z7O4txLH
y1heR4ChiLmMqXm08hjVLSzMccFqF1XcRiMxKJIQwgqHYMNkvdZ0c7DuIhMaVWNUQcD+3F4aMcUj
khSs/uuX8JPLkDC05pZ4DCNdEoO5moma32MP8QFjDo4ulIXzPiHFzNoiwGEaWYhoQtHUxYmTK5Y1
TZZis9SfuQM9KGDeLhb7evO643vRriQC1h2mHgxsWFL5sTZVScoYKaOFOIk+l1s1CZ64i091ou0W
S3KVJZ5QGiboCq97PjzWLZYzs8bcYf8xxnHd8LwZEYVoThNLV9ZWrB9vtWsiXWcjTmNiKzykVIWN
vzf6lyYvOXLx2npVyvczblIA7IlEqI8es/o/ys6eAo36tlgMhrOR2nSXmZZ/rW11lXTz102nao=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Media Player\Sync Playlists\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
CXf3N5yySEg0mViz2uSaabOnHJmAZ5rFw2HLr+Wty8r0nd8zHgrjmO/c4WBNQNfLRdFlAowxgtIq4
pAZAe+MLF+qtI8lTPFIDEe6kot2JCZUIb5GbkgjTFNyTjhzTjwdtSGKugCRaNwoikLyoRaQ6E7GS
3B30R3kfMOr33P7Fc3/GZA5MbmaYSSdPzeskUAYozeif7OYY5g3+oweZk5ZJ+rhztxfD5Kt1qnws
p3DtviOoqGVhEcaDM0Hd3wm9H3WgQ0p2Oco0g3mLb27yZ6IYdO0Y/oMW3VbvjbLm6NoOrIY8BAAu
RHZ+JlmTs6/zR3ChIvKQYzCbGCcbS53VVvmdV0tNkLSHyte28BS9lD/RNob1yKGqvntXqfyqsMRm
8bNNeHPwgum6TEXwqnDypPdu1vNnWCxDD9VOcaW7dTlMlNLKzwtF+JlKW/uKNAX96I+JJm1c/5Pi
23nz4AwxGgCvq5kRGMBHkbOKhNkS0vV8bMWOGYvgGcEdsanEFttWBo/0hs1XMG+odomp33EQc8I2
l4hPwD9MIu8BxD9J0smXn7p0W9fulSf9UCTsXwWJH6IlriaWsC0xSpRMZbvf/ijb/HtCPdZlqJ7H
IIQiiuD6lkgoi3DzojaF9dhooMaHvTn+G2OMX0/7U2zJfn1mzANR8M+Mv/ybnef34jiA5nSKiI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Media Player\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ekm6KZA43yKVqGvJHFCbXNdBdvx2Qu16/CGiSpo99OWuTDZW2jVrZyVbMRefKBZcHPJWsbevpo6Cu
fakuBpnC6JwiGUDt8CzhBjSJ4clPjxbcaCv8YZUVWXRfjctCj21cmZDi9vr07V23nnV69oeNcMSS
S+1d2NcajV5M8pYHbdkXAZKhrA0fRRcMLOQ1p8v4CnOYbpBFOFMqq/nnwwcwGEoINumSlJJdpS2I
wSn0xnZ1Jmm0oIW5gCxN+hBaN9HFZ9BlNgQE6y2QbVCgISxs/gzbl/RAwp8W03Tfik+DBd5VyaoR
64swSpj5xC3ZLaDB9ihRe4k5cQeUvtfQYVgo2smrkY8qGunpmKgUbpOEdPDasLjFF1PuaNJMQeBS
3Ag3G08x30pGSYFyb0VcGuTvlSpBhqRkEyfkhhi7gMKiTGOLX70FisNaMHKvRVK8xHcGkVRuKSsY
rdm0IUiYDzHqLWmcM9kbECpxX7IL5qBxcGDMpy8B0aTXDdvAhL+UszALGDNKmLskypoSeOS4tjbh
XaapSQvRHNnPrCMNbCEUV4/iEBq69wiSq4KUbCw2mV8QUhp8gsUwAKM57PyCHsUDDdfl/UTqaa/7
FUdx/X5rExovn1inkgAp2HAc834dEpqAotwBJT0FXCF3ZBDW2pXVWloSvFjHgiK8H8z6Q8E5LM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Office\14.0\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
iVvBDUhFSByYFMNTBjSYET4qYMkGfLpMra2hOlr+CprNPyU6KXvsuMab/nziahRHh6jBkCDY1RTdq
WzNTb+P/9k7ZnDSCDXhvMQY7B0fnloxLnC7U7OqesFUikD8KYo5v6RO+DxCMk4wI8ZQYhk2Tv73I
+EiHpnegVZb277O0qwxI4kMmLapFwzdxGM4y/VDDnCZmTbfWke5AubKVF9jrmqeq7LdAIXfVaP7n
v/nJGa/27wFyZIzd50w0wu0EnfDrshNag8Mph9SCIqKhPWtrS/uRYLACuqnFdwzPsMFlfHeMaa7s
Q826GUWx4HHY8fNqNzPyROE10it7HyG8Pk6ATKEh9JeZsMFnl0LRyCrYfEvgCMJZ0ruz0qYvQKpz
RZfft/LU0NBPbT+9xvnF/gw8hQglNr+/gztG0jn9+ZQZTVNG0z6d8b1AB7bQlK00ptK2RNi5reDR
1wrmJWs2kf0CDXmWhgzje7EkC4fVguG1Fq4FUE5n+hNlEXC75Sdy/kn8o/2dpf/2/vxVt50lxFH5
uTW84W5WGiDX+CU9QLFpUGzcYWUqdszaXrgEblQWA0FbTBbSHsllm2e/B4DsWqP/MC/G8koxJuOs
hC5t3/Y4yKTWL9lWiqv41DzA/9JviPjOnxacfOiH2RTfmyIIs0j2Pwi4BwdoSz3fe6U5IadHoE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Office\Groove\System\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ASI2aYytRcoJI9iq0OniQlLiduB+GVvd47/AyQywXy2iWmu1Zd2o07u56EdDmxj9+adIOgN5QPwLK
gVTtCM7julCjxCqhPzIRC+jJvqOZQVTehG6/DM/6hOWUO8jvT87HGxbyVrJkXnqjoC1eLx9gv9yd
yp2bhw0HQXGK/h90ccX6p5emjFmbGcjpVMPbSA/J4psuZSl9L1saV0VYGNFv4Fr9vt7aGIklLErG
QgNhDdfU9G1VYVNebMCfoyvNAcgDsht8tiuBj4XndFnLd96wqL0cmDLKsLaM8lwCSG25RtO7XPh6
YEcatkSbdkn3liPQBfLYSccvck4AaZWEOZx6pa/ha4HTxhYHdkM0MbFoUOAnNFc/u6XWEpRpdTi1
gjcHF8f+8e97xgp8Ryok5AL8h9C//GaiaQk/8cBFelhcw2gyxwHV1IxRoVgC2Z3IGK30B0NtiziP
0E2U7A4d/VPXx8+rlDpsDIzES91WfRH3XIHWbM0NngNOUnViEYX2gkdELXxtwF4b8uWXPOAyEXgP
IGtnHZKZQCC/vaVFVUEcmoX43loR+EaNTmMUq1j190kcUK81Mz1w834SpEm6VeeXxypNTea79Pzo
Ni+ZXY9eGG9MiWvi/5wknfQa+iWuG173FHMet0ZBtsxr00yE4nfXhGz+rwWzncSYyY9OyP4+Ko=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Office\Groove\User\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
VEp9f2+roQv9v+Mp3qlPOOBgXAOCw1QaOAdRto3YT5gXwPD9mjillMSMJRJoxb53vf1b1F2qn3GdL
lcXTv6qJSPDGsdGjEB1GQisvakxK+DbMNXsNe+Zed3h4PwR7FR93PbLGjoyrfMZFfg9XZ6haAwFz
F7NeTyakelfySTxqnU+4cmLvY43TU6xOQfSIjv8dGw3NdPAb5tkZJE/KhWQ8ikknCGTc7VCqVWzG
kCOG9yAW0VeYcSptoEv3FtfbgKzsfWpQizZmOLEzGnKCKrQQ8Q2VhAwhXNKse/FNpQOnnx8CGAzn
M0k1SCKU1Mh9jj8zYZeZfHus/9nx+EFBda4BpmYt7GPmOjhfgIzLKhMCzZihym9/r+2UnIwQoK4B
83DlRSb3r41eVvq6EjPOBTOO+FW4kv5f+SYv8N+V9Foy6a15cEd9uwOanqg1N8kZCIBEI1rmY2OI
OGenzNr/fKCLHU+tM+jzwoZSYIzOthfOlnDb/UnLVw5JTIM5EAy29EixOSBVwModVnnOjjqZ4flb
WkqGq+/GNPb2LXY9ZVLhpFvAfpQLW6ieMkieuYBctWItDE5p6FOH/iB/eTnDgoohi8zmPtD3zgmr
2oI9mLj1yG44eB2ou87NKDI5MJS1/YQEM1vbdc45vMvbCZAYB7Hnl/opvU5rmMhILVsXr55Z4Q=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Office\Groove\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Spc9f/KM9DnolTAHlKCPdZVq29ChvUxL6bHbepGYI3/UdSeZDxUUASB03AA9rgN4Laj+4/O/8OHGd
5/FCmF3nSAB8WhSsRLBY6J059HfSG+muFk2zVBR+2QKhmHdaUhOtvPmvZIZ7p1eWO27YZHkkFQzY
WVS+mAucHXljY1SrTjwa87IydQbVApGWylE+g68DMwwliYPbA6o8aomAHvXIw29zV9b5FCNG2Cp/
F0ZsM5p+9suQaKI+6Jxf8xi62B2NpSyEX2KpAvXL87UKLiKeiouAVuhiTppLUN9nqXaw8z6EH6pv
Q3MLKfPeNjfz1byQq1AZr0mGMYWiUJZLY7NJU0ey7K1strJpvvzIKUoUGpMGko7CGhs55DgckjzH
9+Cy/ySWUWVv8jNlvH9RCNFAW3yxdyAD4m33q6mAimHz5jO7w2eunKp59m9AwcR4ebHP8GR6uys4
LxJLq5JdP9l/Y5bTdXHvixp+5wv8PEPFLlAriW1Tpyz8HjnW5qHUZFSHGXo0AKceE9DTyyPxkyLl
Q410HzSA5Z7c92hbTWNY65SlAp9sC0bMXfZ+VFHPD8LwgAF7Ab/2p421Lvhgt8pGF7JDZ/G/K3+P
EcDVk5guvGMSMg69Tz71Anh4zNRHnO2hTXRMwCvw9qKS38oLUoZ/47nnT/KZn8c3UgR5MhdoIs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Office\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
XXWOIzcv3NXD9lybyrgoKJbcGOTv2pINOpgratWmamwspl1QaHwn3ORtS59AwOQSkGi0e28bYuYZa
ysJ3UZHaOhkmjHL5b4LUk2SJ+o6YpCqJGyAWVyz19JFKHRUlPArY8H+0SiXIVButzFr4h/2wVQox
fOs8D336h3JmOHN0A8vaeINw01x3yjppuOlL80NSQ0TV12jHML6f7ailmq1pu9f3A55aZDMLfnhZ
neMFU6Y5+tZj9mEjXd4GBrs7lXfWYgC6cXmSRKc1xsgSu58eXHpqybrbtI04dLzwGwqVryGnE/Fh
l+nHN1Ra0ZCv+/q5FWOwKGoC6nUrdj4YlYqDH075qBk5OSmp790pV5qYoNIZgolcE4eFRocoopCd
w683UYhO8M84uL/QtF9za7sCZljkoyIeTuV2NXKoKIrNIZYeKzYHJP2gI1JVOSQdMX+2PzAK0nHL
ZJNmGEi2HkTWS0CC4IR5Jp2STKkgfmU5y8hhPWr1ENvkphs0fmzMDjvKVIDJw2j+dgWcApgD2Zz6
mIxIHHgbjW73j7mLqGcy4qPmbc/KHBDeCErcfiEZd4WTt/5pH7H5gp9nGfTqs1M+cEP1FLh8hEz5
enIsFldvTDC+w+qTyjQwMPOOgVxY2c9nt1IDnpVmkbKflstYFRxfRpuR/4rnQLqXkKj+s2fm90=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\PlayReady\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
MuFa911JWS+4iAGEccdpHQj066KYjoW05srAIoB2iSroz2gJb+7IDWHvmcJ5hCIwB8dambj6TC8dB
pHqqlpIbsYSG59jpcAXuxEocqqVJvoOIR3/ustRTOSIs+btoVa9+Ho2ml+hng3S0guTzOQ3Fi43k
r8Xcvlwl5gHZslbkAb9N2IUXw7xqiQ+D4ZomJtNCZEDm8K2YF5kSgvgRWxeJYjuqvak4jZZszoXU
NqgHjvjEd1daLcUHZDGwNOWsN9Iz53QrG9XPWJ82KZpGWcbrT5V8tbxuqdlj7bfkWgUyDBd0r9PR
LikQErYRaRoFt3PB1rMvvZ9GQQ+Wy/+s/Te7lFLFM6Y0+FqwHgoluH5lutrOYf5H35KdJVq0+FWS
FSSurjQ7zJvWxzBIzSc/1ynNF3CKohpbLm2Iayo26krc2qsmravf+bBGW6VSteYJ0LsBO4qkyQZW
2pUnmSte3u8iHHQp8+9tMBDAQedCy3pH6/vP5PMUDmEC65vaR/SJTnYDyHzg6hTOnZiMmZ8C90XP
sRrlNU1KVA9fC492hzL5MQaSOzOYX7e5Tm+eTLQlpOm7BSDwS17pFBf+plhsd4yTGnlnAzvuXATu
rb+dHlIQ8Yk8zZXo/+cSeTgStJz3kfgpyKSJ82ma/oD/Gc7ze1yMfQ57J3MRSruoWp2aJTJWfw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Burn\Burn\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
daZmmbCptTWUWROxgyw3vdUcJN96K1AVq2OfYMfaDyP1IxA5qRTvmTRnnemPB9iT1s5aALyp+sicS
L2C+hZYWhbHtGi3teBjHbdZBx3E5M8ciWXMdd/3JEH3CI4msW1wA+zXZ30cyb/DSHq3ExvNcL/Zn
flb50y1jixKLu7tj6BWzIo3iSAaQvPW8V1S0l0/dELf6JGOJgfuZ0QLZX824C7IGZYMLNtmmcXeC
ar95u4ejY7VI352LPGO7HRus1Ufz591f7FqqGfL2yMF/oSyVIJHUDglKtYe7jVo/zLv1O8/gSogw
bfnFyak0rqUaUbzzQV099AnBf56q2n2eajlw6cmxHgM3YknUVknK/Q8bkNZDmf3cIcrdbFFBB9Dq
KPfVT2YZhZim9EgCevkinhENquyrSTlFYyDkfT++h70iV5uewgvk6/8S2Q7DDuj3bhuvaRUinfk1
KHE63ldfCIyp3+DxJACUaZ17n8R+3EQVSeVqoXtJU8+n8BE+RNOat4o3juPlnqq4hUFkUfiYTwDw
FrbsDSUfUFB4inDGTUxq9tllOMr2VGuRGc/jzpUCKsJv6bIF/bfsPVhbFs0xvktZVFSCLoUkwpRT
sWgUfrGStEdl5OeIbA5hqGviUtJxobMOX8tJY+4+hzsYxxqm/upvCvgl940YLgO6S4IzrfO6CI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Burn\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
USFR3VNtbOdUezTIDSI1/5YPNPmIw5PBqykijjUnxipye8en3XaJbH0Mbe0FxG7DOpDQ3G2vQGJwL
PInL5+0fNi+R6wLoipaAxsD49uH2Qvteer68jdwtnOp+IIsxe0yv7pK9NnA7ZmzsUnBxDWi+9PNn
ZMJUyx6bZqsV1niKUNwS7XLSzfN0HA+5/x0LdGTdh8PNHPtz+AX29ENiwdsQWZjvJmZ1ju3L1zMl
fRGJifHcjd3qxDbfMUpYB3ck5141Bgr39YFf527QFMZnL6IM6Bs0iPeudB5IseYxAQSGtatY2idj
IOYstyLjFOFbehYwN2xk+lSxA0YjzgOOeOB2jo8Wp/DfOlWQZEYGPK0cNJizu5QQsbERZeEDdZEt
QRU9rQLQbtIzVWKkj46HaJUIozoshkegJJt55BMPgmhX9x+h21iZcWYcNbbpCmwtbs451XwmB1a6
Pli/948/p6NtgA0yaR2HjhyFx7YzI9OBI2ahyfdw5/VvoZd0WFeL+LHijCsQVZtkToF9EgGxvBtI
I4/PXQa+O0DMDp2EC3kkOCXAusnmXI+kkyUW8uYcsduVDcUS/zY5wAOx6l/XGdOLMY1K8vcC2cLx
ifVs0df88j6RUz/aJ0kQAvIpBI2ELjnDDF+JhjWK7MyYOsYLHUb04TQwxfbU/JQ/vklvEdiQ/0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Caches\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
W+J3W/ytnBh5vRXo+5XtB0gPigeq2sLQtMBBFuoeHznrx7JculaY+7N7kguBsmCW7zaY/9qBUdipQ
Q4pz+8LGpZSxw7DVrhdOEc65NngOdZOAaAjygJ/eWAbKRUiY22DlTJWZN2aLYK1tMx8cSx2p7K/u
3Nm6TWHlYiEv5syE4B7dYjEGdA+QvMDSVddhdqRPWAW+FPTuhn0lUww2y7wPUv6Ek3iEDLm2vGM9
g337GEk07vBfVUIhHnkEO5oJXPlmVpkwQiQoeNp5u//lNuXYX4OSGvDIM+fBVchHfPTUEhGfsSlJ
oKUTEmI8G19X8hGywEHG8TYn6XzzhH4thWnxiC6TouXtT+hY6PeA+jBNUFCy4+dIFJfdIXxPKurY
XYiNiLaKFR1h0EoKFquPYoplUdERm9JECPqaXFT714TAByBWS0UEKFzrGa1jf/RGS/IBGtHW1P4x
Kg/NkDdoF5qJInENADtLPe7/7Y0kqLhpe86aKthBwI5zsADX0KM7NA0bn7ErLy9LkppLVX6+g7Fb
AWyxL1DFMu7+DPVq7aSXrTbdhQrV6mKgxhIfg7i+0/25+e1FzLOz+fKcOFD4hCiVEPwWhjDSwHCu
YqGDjaZADOaFjPXZPYL1SkUaSaZXdZAhT+pt02a4R8d7FyaucRS4rcCqvDfvqPmlfQojuiJdZ4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
G1uWsRjU2+eQn6LKQ4d17PLFPJ/hwyNNnoB+yNO9hJk9/OpRTu7t5jGhCijtjxfTskt2cwWpdrqSS
z2htLGTYdc7TJvYXoNx7gQqD92/BAFeHaW3Olm6V/H9X4mGdR3gkAc3hverrduRJp41kjRFnInFy
GV2gqlLKqrJ0hoF0EtveDErAx2M+0WJqV0L7yRygwLN93k+Iw75hDMUFSIjiisnU1Pgx/mA8NtPI
7lRjL0cO6fb4Y6iM+Cclwyj7To736q/LxSnXlKxN4iaom32jUxpomY33W2Vc6s2CWuTwr01Fhswa
VOJf8D6toBGMBnFSyWGpryY4OL09owoCQrPjHY0dB+7/pJMK5RhxPRFHxDvHoGDl2x7y2hrRg7rv
Dfl1ai/BN+LSmPxuGYfLfxbShow2KSy7R+oBi1tj7K5VlzIQ9DoXNG3C0D/tvScLvUZX882uAAd7
kf+jY9pyxJeQNPZj5RpyXxuJktuYDnEU0aq1jHlueBUSj8iU1DnneiE3raJ+pGldFDjpRET43jMD
YGuP0MluAtCf2J2prG6Dtafv5OXoNlPPUoK5s/kKbNJLCqc1B+P9U6AAxanBkcE4ZM12av3afgbV
EREYvNT9J4ZE+0wwludAtVlT9O0dhPPcPTe0TGRnXXN4C+TE7kkTReknC6UJiWemtNV8B7pzJE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\GameExplorer\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Km4JtRzgM5hbCqg8LeYnUPS5JRQkaD7Es6XduTcxlZLgLD9EDnFMmK+PdIPFjUXr5cXNZatSBB1rg
+4i7/PEKL5DfBZNjcySgMSIsauKdPGxYsWfA5tzjLOBo6gqgK/9jnKLTUSdiZZ2B68uewqPOIson
j+q749vN6bflyLN1vbSdMcvmGKx2Y36cGhegOS3jzf/yU7cUbCG4W4CCy+JdZDk3t0Wy/ykpmqlT
WXXLy3hUY/YJ313KyJSr3runujdVfrGFbSx5kuL8gTewLhLH3Kcg8fL613ARow73hOOxFmfbxLce
Mb84k6CEndLMcLstLAgT0kDj9mkA4Up2P/hQ8kjwk2r9oZTZkikruz2Jrf2KIucYyF+58himc+oj
BRoO0bZFcqVvl9MebYbPHaescDPdToXiGMu7hyWT+IW+xVXZRsJMoMQk+H1PgdY1eXvXrkxpy5WC
GDYbatqrR/t6zE2vOk7AM0j+jOMircjRNIdoEbTULys8ePBltJq2ED11n/R2fg0/4PDfovTeoj44
ILhHCB1S3kixB04YSzKa4P3j164kbfu9ah+VsJX9V0bVqhtBnOF3g6KlgxZmvyVcYQhK0S2E+3Gi
5vgXP2gaBuqtZqCmnMXmDYN11iqr7esNll7ypO52DIzp0qQdc24wA8SgW2uOHL5hNm1ygkRlO8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012020072320200724\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
FOGW4hvjQ6FhWGBU1SgPlIewU50mvLCWtt8TqwBNZm79qiZBgpK4VBKkoBmIZSgomg8KYKXnFAgcI
q/uxLhmNbRYuFnncIQIX/nSpWUeDDfrv+gvLFcciMKhCmsCiblEISlEG/LdS2+6KK+VKYCuDNQl0
lE+shbvlm/X+huOhdPOmE67ywRec2SajewGBK4cYjbG+47uarmc2MnqcunyprQnwDTXwRPlsK+cu
JnpV0FeCu95ljVjGPExqNADMI0xuNWPoa/enwvYKtGcT29/tM9UTf3ivtfP381Ul64Q5P59gHext
ks0mPq3pUpJmB+UugMRuxbMzK4216HR35QvSUPlNjvCggjv3PhTIADU5TCYJZj1/qdMub5qhw8YD
4U11kBffLa6TxibV+tU8W6xLt7pOBIspJVWzSab0VgZ3/SUX/3ff1Q8un8+SMGIqSG0E+9An91mK
qg90HBXZr2GTe2fsCcTJayIAKOzCfJbS+7mf0LsBI0JssVt7O76IY5uuS5txDU3UzqgEPHIGzq0Y
fRDMoV9poUMu6P1WOp3OY7fRKPYEyMYd/yUSBvxqxq1Q4yULl4UV9zPGdBg48bJTiz3CrL5TMGc6
ulDGxhnjvjQkde8o9pczbdl+RCKp4xRHBXHLlqRWOuQa5vfWcpwvgLPOTjB8cmO3cHuFDowTEs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\History\History.IE5\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
E5UDglYsz2c1h4606sykKY/V8bb1dBsmBu55iuVM720j6dOasnK5EuGNDHqaS2+eLXnpRj8lIyrTb
2juSj8xtk14agoHzjc7AYjwqaM4/Og6C3Fyph2WM6AXBnrvvg7SA2v0vv2wvDi7RRrl8iPDjACgw
AkpDyw399VQitWVOOZsBY4OdLTpB6zIum5zLOyYPcOSTJ+VhttCA0BsyRU5nrS5qWDCi2YcfXIat
tTxjM6sesCBMYhnBGx215WA0tyCYdmeYSTScpKZEUZ2eHGInnhC9zFQNmGgyJwFSjFaW5GYbpUrM
VwaNVyjZ5kRBJQsuDq7HmaDsYnJYkizHX4Avm+P0oRmA+N+ETZQdByZ2OZt4MoRmDiSQXJNwK4Se
dlJaqSfPGPh1u7o+NhalUWiNWQ/haz9LvkUsOeYdW2QC8nGRm+6eD4fkixwXJdqvptQbh0ZuR4ZA
sBiltQOqxERENjdvlehX3fk5rpm69mFC05dzij5Qo/gDsXUAmYkAvDL1UjxXJEDKbg3B5OTjA3kb
v8FzcBCcnvTd19TP6v4Z+r+tK5t37Yb7DRc72mMOU4cuVO3+qpXQpnRtzUOehMHHEXlob88+UzuV
co1jweYhrmCPbNReEDtZDRsf20hn0NT+vWAmPmT/LJ09r2VP1m0C4YgZZurAEwSJbWrzp3+ns4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\History\Low\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
b8ySei7KW6UHSZ+kS1lqwNdP5ch8Wo5j6T4EZVvaUFtu6c6FebyfRMrgQ+OYYDTqN0uJuvMJ4kVOB
ss+7NUbAjI4qZtbt11EKKoXg+RlOKtQvUYrzNkDluajHV6SMMHiqlhRtHZ966fwLtgXSznctlW5T
UxBJwvO237sq9zWLkSvK4YGaiJvF24t7SRdFVGXlEwOBd3whxqOK+377QJJlQBQ2mt6Xs07bL1Yp
UPebEw6OVKSe0IQe2Fd8Sm++kEpgF1Ju9DiiCnI0AOegSATcq5sMQ3aLlnFYc4D1mHtaAF+pGYK5
Q1dvtBgrG2WJOTjK9xXNRlck0kcK+TqZoR5RaoqKoaLG4aueZJYpCJ9O4bUFn/Na/jlqtig+LOQS
hWsnP6vFQvKymTSh/0iW7hN2ohwk18gBZCNfUSXwh0g/qnt90+LddVp5wm3wxW9eghBMiyStQmhP
/1EanykamaWu6IZBYMj0F+TeZujVmx0FOizjpHnMcqsu/CU1wpjOSa9ldy5kUiAdPrBfyNYnwpd0
thsmgnPYlHS2W5CY2gxWaGI6s+81Y7h1jTr9XhP21Rmdev695w9CAxMqMMyVs5zYUltCrvAMxY3I
cJJ5PksbhDLA08y1hQQ9L2lRuMpJTFq+OQT0nyGdTl9B5GUz8djY3JseMFREUY4Dz0HLSmqLi8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\History\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TAaIFaxy1ZwbOdatqkKaE39zRpvxOaI1H0JOm/CeXVTEJ8uzSIZwKEldNUs9TM90Ge8ZKQNos6ofp
PvM+JWF4I8BNvcL92oDqdxPoa4b1S7cVcQATtenIuJuCbRfS3mmV6kDoVCs3q3Ws9r6k5Ls/ONka
Ex65Dz0ypSw5rVtxgJ1ZB3p1ZXfFDN4iT9mzQicVyy6bUH7UPKO4/0053ZR0GyTfM7H/3K0cbHOi
hXoCQJxBouSSBzfkBmMRfItA6BXb/6QP7t6EVSdl51WV17tvqsZbgjtoa8Kk/WVwWmkHiw/FyFQ2
txlmBj9vhvG17KA/RWZ5J1VEnfno2mJ/nY+CGix+xa0l5KPrKJEzkw1PfdZldxEGoH3DC3yuwj4n
E2ZMWaAYfVR2KVgnCYKFM/PFll87pYM2drMhqaILYzHW00pU0MM90k31AW4DO/xtGj0+OWR2pkkO
rgNia+qzjvpQX8mSdx4b6OxUYiM4IIjtd3jqiw7UFWj/eMUroJhLSoxiEs52OULzm0s07b2YVx+G
uO2jsI/ghWvEnz9JYXv/j9/3vD9wKDtDF3Wq4Q9IjJ+ZPirM5u4SbbzVY1ccbPNteN5aiwZtK0FL
k/BkNtWAU9o9+Srq7qg7Bz8ThoO/C9h5P4mRw8wkRhSlvhprEmyPCWs/ufPk9u7XoZCTfuF2P4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\CommandAnalysis\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jnWPD78kCFvrIVq7PTY+miGRfXcD/kpXaXSnnw5n7Nro4OOobWIkMvBL1qqBKuR6mAF6XOUGqOcjT
oJ+i4iLm+s7pFhT35C1OWNJ2livKIZSkR8CCo4T4+l9Z1MDyyWFtlsW/naBqev4p3qOS+tBpSUh5
4koLZlThQF4E8dRtNZFWkAB4QRuNTo+iJCGt6DoAC2ZrNOlgs9eEiuu7WqXzQN2hvx8I/Hlalys2
VUFoXFuaed5YKSmVCTh9QLUPmsK/oOVWWK2RSn8zsw1WUib1pFfrqcN8XnlRv/Qdlo+xC+Xp+Gxi
B3dgC8NHoVpyGrhoxfvM5ZB/CsAsWpr+UyOE+ZQ45bMZMDxFjRP+xRwCgzC6SWafqtaSwhv4paOp
3xa4j07GLp228/8wIE0oN0q3/wlkq7SwF1tAaA38QOmeEImrNOU0J5nu08W5tnVU+/qBJd3QaWcd
rkbtGebjP4U7yyYBr6tdWCecQrqjB7db+GZzhdY7U5RpR5CXdqEz9JWdZLIFdNKYNIwd2ikz23c6
qIL+x8Tzn/msR6TVIkcLm+wq2zOo7CzRSirakBsPqNteTmY7pZ8R+k+PCrTHg36z7ve5cUi4Jb3p
MALNnGTfmWaUg70GwmyX2POImQrGwKyHhIT+8wh8QS9nk5Q0qTPMSvfAXXVyqBb1/Hm9bWf26E=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
fdoSlefrf9XudE+O5T31NrOdPItR2Yxw1lykfVaVPKN9i5k9BuFwV7T1pBlKNENsto6YmZPBvJt4G
+Op63h8VIVms2ES9J2kiz39Svu1ySxnY2/vdzYNDDCpZv6eKvfc3KuOFM2nMfAcFtFY9eaV4Qjny
wzKDeQuBdHnCzU5qIGP27uk7WesGB9dGz8x3Fy6ca9k6X08uzYVehmfa/qBuKgUSkBKlP7D4/1in
i7omo1ULXOET0baGQTj5i/QHOLh/xhz6pgFu7axT1Z7ENltUcfCtY/kiwzwiL3FaNpv8F6gnpHe6
SGemVh5rrj+C9FUpG23Yl8Rw6d7HR4uoZox/nQ4be99+Mgek4DV95SWTq4NZJksIgVg/aHu82gqT
v7Hs2QE3xHokTUKrkv+ggauGWipj24t8AmA8Qir9WLuqZVo+WtMo4AtYxlHxxX16Sx8rkk1yifa1
7sXmjgvC/4iU4oPJszDj00q2BjJCpoYbModj7vgWT0hdr7xmRp6ph55qsulHuzCJjhE5HZI0idlw
A67Up90GPg/n96EkPb6eKa/cRuorm9seDUbEjB0np2AK7YD1ECfCiAFYiQlFc8ITIWmVllPMMMiH
YJCIUrwID+ZWq6hmR4y5GzsXVqTZsGzBx1z7GLRAgUkhsdBCPBkYYcIl6WTjgmwDbMsqv0R6Tw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Ringtones\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Rd/HKZ/YLv26nXHTSueF95FobGzNPrH4lSV4yQiEgrJ7A9+J6xbhloGuaFn404u3T0d/bqTy6N14L
ZrATSfHoV9Iz8sjRI14BqaNb4eUrEv09r18YYBk5Ijm61/Kddr46G2VE4vdaaEfWtjoF8MPtUmm/
vCSx7HKNTSSBPs7PxJ+/bAdiSut41g0pglpqORFHXNWar9iYt6KdziPshhpvA5iHkgH1VCUns/sc
IahRrIi8WG38pEX5oRVIgTTo1E8RJEybxstgMIh9T3k8NZw6Wk2nyKc8pEEKUTTBxDpxpTQA9sxo
Nf8CExnENqUJmjeXfQEpAGyGENgARd89xRzO+quM7mZHnNL6NMtqBzwMTvi3JHauVBXXFetrb/SV
FwoXFpZ/YBJ3/SyobnCyw5EIRo8BGPaTzyMxzycszMpMwWMvI4EueUdY6oOL/ldoEsbyb/lw7+F2
aXI939S13yPA80R5hsLQ2Y3bXV+nLDpWGMJV25YYwIghCGjntv5xkEQAwAGS5teJPPYDhb4ujs4Y
eYL+TIAs1L2GTlHXapioyCCDE5oxgiLEDxEpH+hOSFCoWvnb+WjcUpo4twYQgFe6KloSeCZtD594
gIbxb+cWI0MTBRCLbUlVUmwJZDu1hHgd1TksgHubS35w+VRNhgYd5mHJ7dR0uuC0g7ZG6vLPJc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\25G6S1M0\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
MDVbXazKV9G9vdQI3GF1KoEHejfisk7LAd0k51QzjlkmQ3RH0+nj+ILJntpBz31WGRecF8SaujY5i
OC3e231jnXEsSedumErhls9IUEOqYcAwhy660MCpHndmRYNVAfeiZTUrNJhzZPFzl3SIpbM2Q7XB
MoxAin/g+l3Biq8+6yKp0zEghkFzEKzdCHYiKYSRdD6o+fexaoVt9F4Z8RcZ0MJcYOp+CzAA+Wfs
xHiq9B4fAIZNauBSe5tJ4M/0ImkipWwgknKA/GEmRi7VktOZgqBIXHi5DspJ+Vo/etTw5dQIdXpO
4JXXVljVsvtviq+fN4uM6jQk/JKcfNvrXzGV/m3o6CBJuVysFDWFWpwpWJtZEXxqICQwBfV3vNWK
/RbIJbMdaqLR1MINDwTmi2zzk1ZPTTrJqEsvZoeyFnDhd5e0ar/xszqfD98CpGtQG+hwm7IT2p6X
Af5oi7qOy2oN9SKBlo+NtRl/xFlL2Ikv91lNBiLIhmaGpXT6SeQePP2SAYcsZJPbqEkYQ10DCfcE
5+OXTcTjI+5PJhWQTH+bi28BLf//AoG5i3czrxG5IPgCCJ/3wLXDs4BagtlJhyIvbusQgLnB95AO
mzbRvPYxnsuuHNB67r7KtWhCzH2gPFy5NkJlUXnbDi8x9SBSMM0JT9+dFoDpZAkH5AtI5UQTzE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4YGXBUEA\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Mhnx3IzEUIU85fIm944vCNl1t8yrNIeUhRl+pUjkYrHFdtf+KPA35r4DUO9K/Ut9GMfHZwdbZhHnV
+STz4sXnJWwjwA+tvBpJP6FbLlTkdWfS7AKRT8utnpzOYK/h5Jr7V9rNrZkhUXQ9eVw6zqZQehek
lLpEwPUCevkgmCv6em3haIPPb+5qa3L6eAz8k1+BkMHuF9E3okAyrM/2L1Fdlivi3oEySVpMRzJM
TNx2mGD4VWP2+g/SAS4NLKlBsYw1/M8IyCSXL0f5R1svoHH0Z377zcUOAmQTg7WZaMJT2FnuoxIS
ZOv3EzOhcRkN70wsdQeTJl9qTWE+sHYo+p2BPbkXbnBenJYCa1vzp4x1rsjgvyDnDBpyevmtFc3a
fsLJ3NgFygoLTA+1C1S2Sj9n1oyubvFH6z3YVETB9I7dMqw7QptcSViISx5k9m91LMWsmlLQUawu
a9pV3RLTifqvUpz3KvLryqadTcDAmj6dr2cTPuBTx8ReZd1p4fLcT2UsFPq1XLSRGOAMN+IwPz5f
/ILk3ypBZvvJxyKW7vUsnl3cH7DVBEaOPZRS7GeqptrnuldP03DSJf9mTe05VKS/89wffHPFxrnO
+t1/md95AMsDvmMnRlpgep/O4O7TFDVce52r+4XjniI2aydJ9yaJHlWKEqt082Il24G4HLAyjU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B3YTGAQ5\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YVER3vq31VzD3mYKTMkwEseaj05Upbz12WllmeOY96T58Lsf8yiXvCmWeUf+QvSLG3wBVRby46nd0
J12+3VbCKJNNo7TF5iW7EnoiQpszDo0SHKyjB/JnF+Kvg9CxLI2spRg+L3ZrO8YMizvnzvGrVYjz
jmLX6V2WtSQTgU4mDamvgR1l93sAWd9rJF0jX62Gz5Dnzcp3cCYogX+FbFHkj+iAjLW6mgq14TT0
BrUHWDsYXtGmJ7HGzqpyRZgOY5uJT9vnGCEz9FFXHWOiDnEQgMBwVfNM2M8aVVapmQnIzPBLDM3O
EGkscpULOnmB6lhfafdkMwoWNsTwBN9mc8vpGe+rS1ATDO3HirbGs9RIDXtkcboDnlWfYENY1AZy
fj1pWA09qK3MJtnfK+j+ZjYW2HtO53bORok//JlUIglWSSUrzGZO1OHeNY0lryTb7oMaFzsvlWg5
YkCFUAeqxdt+hBz5jw7Gt7Z8nz01OlhyQw0W8P/MFH/ZekeJmxfQOmt7yygKFhOOwYbL1xirIfkH
37hdXdGs6ZgBkj4oUd2DKbKQotAvVHne/ComJb/T1Wyc6zIeBko0uOj6BG8P+W3UgCmX+h9JMuCy
HTqWd7wlrsp9Ie7uaQEgm5pFiEWVzpt8qnta/twJgx+yerQE3HGX+5GmpnkD3P6GSNqq8000Do=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C6XW8L4H\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
W2sW0nKSIZsXAoeDxyRDr6y7oMKWaMpRsTq8VisJ6J962Zu5h+7k5ps6TKcTKFOunl8JmGwMToOY9
J6fT9vE1ZeP1imbtvLQSLIN0oCwiXAP2Z+GJpkAFRtNt0CrdULgKkfjoWHsqG8whz64CEgdly83z
Wo+09PbWICAIo/7Owb01EdEk2LNbSp2pJCq1iNaC3lzzWJJ4bvsc+xk8YDqFdEPBN8OCYLX4R2K+
wLxod5bu1iHLD/WC4cdLJgCPvv8Vo5lwF25uXuqmZadfFY37eNy1oiZKHrKnK8bk40aQx6XbLkw7
v1LtdBKx2cecmEsnlUgXqYvBErZISk/ZUAncIc9YI0LjBf0AR/r2CPBdPzUDMs4O1dF413F83QoJ
gvPcGlf581Tnoa/aKsqDhpmYpQmgFoNB6s9pZQgM25py0QXA574fUD0MpMPnX/5F64eOjrKdBAYC
zgt0uP/4ZzWnbyjhZ4ujUnRdU7z+Lyx4tTLdku/IFoj5v3ol+HmYzI0/kky/po8XBlLtfhfNHOgs
a6dI4lrESRMIh63Cre7A66waWpoSy6O1WXP58R2YfH/oGfy/QTr4VUzAg8ZhHPh9EcwrqAULURRX
4cJiOPcwo64KLyEj/BFSkvT8MdXWLCQy3gNP2siftCFTw10RHJ/dhoOS2gTKRarhqYHIK6lQ4g=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QIP5FJKD\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
fmlP0I8s9ySIXTrrr+y+fGEwJoQTE0u7fcuP9oKC2z3bv3wIJgkdb3U238ha06RKAUCAerGbQ5V7Z
LuOmWtxo9V5kcLl2MTvXtwJB/RXPdzkqZDRddZA5gPE4vxuGY6/r06Q79cMziGIug6MTJBXTvp7c
EKB2LMD/sYUJeFzgkeXK1cXXsPH03ZLiSKKfc1ok2QZPBExeHg4bC6/ygRST7B/soDn1WaZg2bUe
gqvZ1UE1r3pP4CcytWTTeTZc3gLHCT4adqOBlbvHzIUb6Eyz4T0Zr6b00rhRwVeQLQJVX7Ky5RpY
9tz6Xendx81RWQIvUcxinKPxKGwtlkFbEqjUp/lyQM1ghBVwh3vOXm99SaadsseHi7iKcaUmYJI9
nxVggt8D6BFGERrTplfvBT5NpQjXm1uFlbERJ8MVZuieZk7CwfxAtOGh8h4Yn8+Z7Ks/PLPovIKK
jaa1DGVpXO/B3XKN6zJGqy7ZfJcTj8I7YKEgQAP1sMophK+UjdtAVh4ksN+ffXFqp7NbCBtb9ucA
UUxgxY0WK1PMCpa5gr294SCqECZcumHpqUdfkzbv+cu61cPg5m39AmuCcW9+V8O5D8cVNYjYucUN
X1vdIpXXq24jcM2cu/VRvTkfeWFvxqA6ZgesYLa5kM7r2LfQhnpgnY+p+GbnkB9fQqYlqgpv44=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S5IKN59D\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
XfhyitqtHqDFnDco5t2SuJWPHoaav+vPiScY/v6pMretWng53g8V16nitxp83Rkd6dZulhQr43dqi
PJLGx4Z3+jQqpVNv2+xAhOcbHCS3IcqokWH/DV59r3a4odMHMMv/m6CJFIbtyrVbfldMpEjXZKz3
lPj15fuiH/1b3G7yBR6p/nnpUKt1rqe7EKeIXTJdST7CvdGpICXdbiiNl/4DrO55YjH5qUMEL6S5
waGylRO5JNElQW86N4cHbC719IE8olJEzGAW4ypdiz2YrVkbBMml7OgCMpJSBiBaxgRUFip2A9oM
sBt18JJ36tr3EidU2iDsBK789EA3ReVv0X/T4+HTP8Uj/g4tweaGtG+hAwZnze/p19UwgPr6S/GK
arfmgRt2p594dsFLXJIfjc6O3wb5ePefcHtjwx3XabbllUHBc0i4Srd2aGci0H1uSuZJOYNXcd/P
/H5RJIL0FjYoT4qPpGE6Ch0vQq98VaFb/FisOZWPP4UB+Z40bKiA1JVHAj0j4SodoR26TwQc4ihj
s4kVSVl0yXDYWOTcYp8fu8T/WP4bD7LRJmYlzYygjR16HknQV/X4MXz5H1zaIcd32XGF0Gw6R3Hp
YHgdlV9Abz3yawfubBy4OIgWUPgvBS15D5Xj1afui9wrgI7xpWtysuR79KUxFmWCLqVlT6dKEw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y6XXJ978\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
d0b9ZNDNZKb9PhuacMeOHVNZolfZO066JlHAc5JfB5ZUfu1eHpYPqaYW7B6Fcrvz5lIG7PhP0oYoE
rpNING1a0TJfetTAlWniitucelXnGnb+70qlvvr2Y2zzHw8cMz6TYm0vP1hbFUlWGdRoEOWpGpK4
xQILfikrdasiOj3CH2xjam4qNImYA2IuxQRMlzoQ8lqvHzWd49LsSpxPyKI5qHgtKXh/WIOFcmFB
qi8vnibXRWzxUSZleU/KVP1IIkrFsy6JbTE0pSp9Nas273gsuToKfFXhAXPX8LDvoNjkQgSLRdQf
0uH+PcxA6XDhSZVXFwy6l+uy9I2zP085aRuji+1/bKw+2oYSdOi4uj9xXbtpwawDFrxLEvd8pVXs
zplgErBLI70f9P6EwB4XTiTxLVAB7iyy3L1DeqtPS+wiNGHV330H86v25TqGOafj6RB3TEa3MxKA
X2zRj8V2uDnQsy91dEUdIm+Ybyun/jzqwxdxK78m3AcoOtPOqvPiY+l1PaBkqPO0KlaAh8LbXFb3
/ZZOkmrNRm/afFOttjQ0xkzFAB/GACAugdyJGov9qUanpUravy3AqbtPBr0uL0w8q+hPiSqzeqEg
XLJKqMnknhxjLfDwuQ0bR78nZUfoZL/IlmzZ1QjgkdPvMrQr2h8ql4Wlu947rSV2OIDMS5ve3U=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YUPYO70K\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
WoJ+XwZ6UkFJBC2EZAaD74jLntaFxTu3S5tmgC6uo2svg5rAmG+8NlWjUUjOJtZ39OJRCVdcgyjT9
rNa28LP6wJ/jbUu/xshnfuXCmV1FN4JGOCxHmD0KyD/puRbB+0nvJU2iOfFH0EzivafX0ppjzYXH
b1vr80MpJE42FlPpS3wloLS5joH2M8Mcq12yjovNUFryjVttfKE2kro3Rzw8FfS4+3Y1vkULIRUd
UR7VZU8mCdbcfr6aAMdInKc94uFbx0s0HQz8fAw4NY1Z8HhxDXm7Js+6kvjkJoipfo7BjT7pndwo
lpYihu7OGps/6bwidtHtctZ1i7grHF0nlLUalrhJds54+U4Z4Nn7PWCOyzwhIIe1WObwcXalm3vL
58uyoKSHSkiBgR5Pa2cUJWLgj7Ookxe0IR02dDEwnBtXVFbvg8SjDhKAGpTgdkRUFuOI4GAu8Ehk
DeAuDL4k/annBo2h875C7OCbDzy4mkJOORlWYieDYHccCwFidds+MbQV2WJLdUNkIDpL4XT4htf3
s5m9MC6qHLsH1ziMvfNQb96eYmTiy09uPKddymEnsDgYieYE4xR2jm3Hd/35CEUGOVO3/6P3PL5T
NbDr9t5Tqs26m7OA5uw5sT8gCcO1dQrO+x5BKBIQ+J6VwLfKtGiiuX5xgHfQTH5pQy0I6mF6X4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IgCxU7h8Hsx2V43CwtqFt0gwdntXdgpMhgixTWlGVITSXmJJmPCZucOlCF69JHc+9QaX386+8wGVf
I6q77P3My9QO6JUW2GCly43SCz517Fd8UPJTh7yKFzfc45L/uOsdqoudTPQQBPZbZdLCU2qfskjU
g35vaQQ8Ir6NSfmkk77y7hmUj1vyLLX7g+h+gVQDybzMUNpETDeuzid9PveZk+sV/ZTr2ZF/Vlgw
XpUnSoi3LAqLklIPJr9JtD8rnfYgu7ifE8wfeGnPT/zj7K2FYxUCmphlFUe80lfjxil3iBTrMNRO
NDhFX3PwouP6MVug1n2FfHbutM4fbISai/Mos5siUPOchwKb7M6kwjaqizGe2URj7o8KnYL2dYni
CbNozvyatUtLsg06zlHWLJ72VcovNvXi08yVbkO2JMV2PN5ovFr4qXXFLy/5Jmxb7ju8Kts7Cr5x
z8Ogo+WbZaEjTf84dj2PHGtJR3KJouH8kTdVoOgCxHEFZauPDY4lGbei2yKvYshLJ6TyYVC09rAt
jrEwVsSAGHzDRxP1/VjLlrPz1XamdgaauPzlFTGE2eXCUNQRaupIkRjK7GL7Z4+dXEld0nlm55MJ
McPDNJIt0Y+fb1irsZkUNDGxMDj2MQN1JvdmWQKO6GiC7KBLU8GF2fQdZuSCaGtq7rmH/7Dn+k=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HjPDe2DkW7EUiRCy5tqvP+1l9LIc3SHKN9EoZOIoNdEVXcWTczpioL4N2mmFRs/WUsWhyhLbz3fYC
hXg1jWkUNC54UywCgwA5WKpwb3p2bftcFWfJgamiT/buTukVpv6TZ6cg217qlfVcSC4pfmN2u2qV
AXNP1iVR+GGX+7ASj08xeHXMWSW6nvB03t3OgmXY7R7cNW+EZILXWDs4kgDkm+8gsCbhCYuW7Zor
L6gBcKIC8emZsCfXyZIC+l5IYQrIvJQsWH8eofZgwiMxI/AjZjaIsC1flXMXn64WFlypla77ZAVS
8Vkazlx2LQApo+2C70bYFII0FZwU7ATIdMN1sybWjS5bLRnRAKAU8Rk4LsO90RbDIocntbZ3fSR/
oTnNWIHkqFDU9EsHZtfgDjTESJKCWCyVgIW7LlWaFH8GGN9meHVTQkZZiul2HxYmu1q7wmPTFFrL
woFt78yXLFMrreWUgad4iOKqWdZwzOeSPdan+ly/faDl+36QZvgyrsHOyFAWfEl7a8q76RHVC24p
qFhe2cMqhIKxd8is0xNJhtjWM70wKDN0p17sODvCj07xVO/e3VKkPJ3tLcgGyCU9WCd5KoH3uDS2
xoMwirzw5mn4Opltj4jgRKZgTNlyZGj12yg1sX85rNJSN5M81NA/4GlizOit7UyWeYYNVQvmfM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
DtO8xoALb1Y9lt2GV5ysUaqFFgJikjpgB1IbPZkQefyQSaPK6VypgvhJdRaVTy924CgfhwMaUR/g8
RWpnINIY4jIKFYybpjpbGrYC6JFt5mrewv+blDOwPTvUcZNsa6qk/KVJOSeqKgIYJOqLpNjhP6mI
dvFHvsv28ZWKf7GgDaE7AMMGZYWdzlZApAgBYdv1OahCRIGAs/SDKqJnIy0mgIPBYza8VV4gVQW8
SrGDZYCHt0OdaQnMcwqnGU9OrxBAgMIv38er/tBOXdfsASCAyRRRSZbxDZT9uAH7PvfQLk6R/zbo
m4YyD1d2vGuuQLq8nDdRl12VvwDgSj1k8BoEBMcm8rmp6IPPm+hZdu7HdvKfiBqlke7id6CN8v7l
EGc9UXdTJxpDLF0bSy/g6+Xn/qMg7kShfet0gXK40b3nDcOIfI6G+RWdsDyGlpE1+k31XKybKARO
FNMCfC4R3yWE7nlAT3WPxsqgPHfxv+/Sze9ZbKg6uJj4X5HrvtAInM6ZDr9NMSSrTrcr93qBVjfc
7ja3PO1E2gUlTcYxyyUw5mNvZgKipcluN8LZbBGgua2EJxeHxOjFrO5324xwr0vo8II86YeexWos
afhj4EvGZupPU7HGwqpCtBVevaDzoU2imVC2C5bwntxYGn3/OaO1FHLQ8OIz2okSqFo9d9pH7w=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
FEDHpp53dN0OJzP/S9R29pNkmY0kL9th401ZWUvMn1ypDnmE0twoqDMLefT+90d5mw5yztHDt8dJD
IeTugq9/BL1EHc01VrT6MdvF3sqkomOK5/VTAOqczA5p0ATdV48dvntOIppGH4f37tP1SXjWqwUY
SlXV8J6tU5cI1U4ALDqz72uetCtnzYTzYlyRJeIbYAy9/6Zryor5HUh83PEodBVzomyaaYED5wXz
ETPNdPDQaIf4VSDMghvhQJC9nK0spwAbtt7U5Ek7bTay2eKtyhlpe1etNQOjAHTw4kuGNZv6loGW
+p6WO8WTs4ytmekx5SHvCvbdOTa2su1MLASRKNKa9e7gO0c7Vr9aaqigZSqXUbfXekG/4ZhIKh7R
7GyRywzmzHKe+IXh0WMFafGcXumr/Zeo7v9BzBMS+i2WOowk6t30oL6OJcLU9ifJ0Fbu70/0kK7g
PzYaYnNHym/r9yP6OMPjzeBcIulKKawC+8k0t3amIPq0y1xz3zYTCZ2f7i0OuNei5KY6mx84sGs+
LsJ4b9qDsFr5k8xsUrRbxrAb8SwLTE5TdJHSNy467g8sgXOdaVXZlVi03SUmBDEqHqhbUS5Mm166
uHh56oNO0xJIeyh/cYV7YhRD2OeCCMFkY+yGgGE/ko27uWJ3q9I+uUeraBhWozgb+JBcV5+1fs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
CcJkY2M0JnvK42OLvOQ4+zdFvSnX9kIG7fDD4BTRPJIV6K89FkQ08EdjEFewMV94iM+I16GDWQq/W
stadrJtn4d7aheHrVT3WKj3NaFJpA+0XJou9TzpV6rRb9y721MZc0qEnzSrTDDECyF4Ok9TkMCJ9
gylJYL0EkKIR5DmWhMiEOaqjFqcDDaXu2qDZ/fyYxkZ9b3YLZqV1EJQ1myVw4ARkRkRYAKm9Y1Dc
j3VswEtuBbepV4bQpZehenGFEZl15phjabB/sRg49I/S0xssj0PdJy6fwkdtAAEL2BZyuZ8jOwu9
HhsmJkyqqJDMDXFg442xL/TJPO2oP/D9l8A/0jEWiWnSuWNnIcM8YLz48mMoAKVyppDpB3qcrfoA
t5dyEy/glx4PpG9v3xhin/aisDmxUNEKzoH0j6o36+U72/vL0vy//uYEu9fLFn/qd32SmAIuuuBH
k2Xze7X093oSjVKGyQeXV4zHES586Zr/dibMXJsLKme/BDPA0OvSBhl7VB/19XHanHvGHbFdvhiB
SvD5YEGRkikuOLDVVjk6XVtlN7pp1HyIaEDaglo8oj66NmVVWuzTy0FbnJmm9lcfQhDKQC1lUR2U
ETOFjGuVblhW72p7HkUI/6wEXxEQ6H0eHhswQgic8fbvDqsseCF2cyjI/u4zQgqW+cGRCBqFr4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HFR0Dt3M5rN2v9ssobVK4ZNwLhn/OipWXjLGyBH5xRnwrLQM8KnIA1egJuvMMsEA+FhplXwyexT3v
0psUn7oOwBwf5XgH3OSyp/a02NKOYXu/I3QV0EUZgNpxWvPpuvAgndblruv2VjBhpPg8TkiG7PPZ
aFKz8ezFaWfRG94px89ZaX5TaWDQxAdjOWYXKXi9Sgyl6x6AiRH/maOynGNDn8FB4pJcFbaMD9fU
uTNsPoY0RiQQ3GhsGi1sb1+pD5BHTAY9RvFra+5annb2SQ7rW4Rq91VgiFmiqChTS/Sht77ZMJx2
yTtoaEiVvfwIXj/tkE2mU+ZOOkHAzwYQ6yEfSTcgYoXl3dcvCWV0PMCrCUSVrIseoEFUPOxaWWiv
a9jTvi591MQY7uBZF23NqZdsHLLFjugloPpgtyuH7CH1NZtp8cv3T+Zs89VPpPKNiQsrWszijykY
Vc+jMX/l2vONf0mDok48Xr01iL0VFKDhlr78OlOQ/zo3q2s5BolMfoY8DFv/D4NIGDf55Gitwh4D
/+mrXmcMEWCh5Yx2+WyzcRyQ89cgP6WNwpt4+RTSfYp3mKE+9B7tlO9C3KKvnYrPxpXDhA+VWQ+x
XOkohWcPWJUFKjT0sv2Iozexzj/aJFj12hjMEV4mm4OutxlZiVswXCzurrRR8jLfG0Y7aCQs6w=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Music\Sample Music\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
RB/qtYZYKnezCZGQWDtoDrb2CFgrmFuu7WcaD09QMT2Faq7rVXnJIIgkrsWj+K5jjp1HkVyMUSAn8
TUcXRFv7lxt7KdEZRrweBjo5ihM72zebQBZ1Q2C+BTySy+jEHYByXWNrSmjUnFcFoAoHuMd3tGf1
F24Pad/Nu0ZELoLc23XtJ4CAqj7P5IDWK848PauuNA9sdroAwVkDS7B5e28Pv3fJh0soSdcusAQS
pKlP9AtyBAtGwmdcRo/Oerx7yxlbjYFg+yDQjOaM4iU+ERQp37t67Gm1QH1KUnMgNDeZeuGIsJOC
ZQn8cXwGDaONVd4n8KV0Cw9I0kSVkRpsVGgDjGTvSHC3Mns8Kpo5gL2nJ2J9hr4qYIYpiV3/87h4
0iISqcT2lCQB4JJ/L6yKCspFcAxYiC1mZZPfqCaLqoirlGe5uLiWvRRodTTp0glqkYwGBLhaOZtx
DVMCyLMsXWZ2wz5mLzVyJhC0kntj+Htsl/7iCG8tlSql3aHwH+ldzeMfp/F6X1hae8XJXaTCfqT/
X35jUaP99gROsM+M1Nzqf56UCl2rjFkXwhGTj5mTow5o74QR6F8fvjD5hibJbwfuQ4nEn2AsaBDR
CyWT5BueEcD/cUolEdhqI2TSfXLXBzk4v1zPAMltUohgGbm2UYOn9Neb64fQpiISr9iSC4yxLE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Music\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TtYXuoXGXdLGP2i+LR8++U9yGwknFjyIFJcq4LyFAG4nh9GVZspapZgljxvBOVKf8ybw0WoKlgd+b
pejKzEPtBh0+B0lY62u0ZFceV8TVtmypP8zqJIQiN7Dy8WUCpX0hOzLz6/mobwwLV8kI2LteiJIV
XWKnFBAt/pPPq1Xe0oQRTpeie9h4NHI4XyCXKQm11CulLuOb+ACAQq0pPzac3Y837tFBcoBvGXZs
RlwSPt5UtvJ3J+NTg0CO3f6d65XDzhg2qHcpfyU8rd3VosMBeOzUtthuuM0p3qBNyNcx0UmwmdbA
/QqmxocmvNUPp3olDjpVK59IeZgM/uYFOkT7OM47pGiayNFElF5kwsmhpMdfmENxMV6bgN6JcU2a
/XhfsCqYqKEvPhDyiYUXGPvJ7MpLYfDeVgqY5ACxSj/pUoA9/iUMeTYvwtd6oJtyUgf7McKKJzIw
YYulYQSYQdY/m4nwburCWAcPpe+xFfKdwfNASEIvkqMFBfitRHoE3aoJwq4zmS5yOWTqBTgPyyim
kwLyQL7que2+SvWK+FbtEclx+5Fd7VI0YCodAvixB+GlgqrSHiTNHGWcUKlxyZbU5A2XKdspAyCv
Dasvb72Mwcxoy8mtg55DDqXld3Id6NWQ8Uj/+yWmm+SePYPQaLzZb2VKWFca6pr9bQkgTjVmo8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
RkTT7Bcn+AAXTqDpYtH7sBA1ljlcWgcPpwodB0ccn7b9VYYMfBiQQn96nbF5csgczFyi5misvRIvO
pxU9/H1zkligTy7L7mkM8eUodi+NK9ar8Pu5U0cybLnWQQ0KRualGx9UoG/b3QaQn+JR4T1ynud3
SH2CmOsSFoNBVVRqorHx08XClnN4sUlnkCG05y2GvFW8MqzpPDMqPyoojYncgpslcx+7po3KCgga
GLTbqksnJHprMCy5cWzQ12dQNxnrM7r8tFd/BXLp6vagDurXyfcyThIbOJIyAhPIZ3hOC6ZQCNsZ
y6SM569kJ8YfR77GhNBd2uFmRNqYhYLgAS0lVVOAS8KVbKJXBZvEfh3WWlyrs95HKNLPls8HxP8Q
9Q3IBI2zEugRMkN1qIqTaP/teCx6r/gYNNw9Ha6wTV5O+JnPotmS3GBn5/6Z5k75Zlcyi8cUhCcZ
igTNdW7119nYrfOcRqXQtzLj89mU88lFq37Nt+Rlaqc3xJRjb447/Wj4OLEocXhI2QZi/83VpSIg
nLG+XLFpsaAFxy3O/5PAIG6UNKedfWSBOZups9q2eBQZUQtQhHKqcnvnJOUV0/3/aVrOdrKlzTUG
MIji0BXlwmlkgaN9jaI7x4jwi53/O8q3ZnuCG3Nb5gBSuoDCt01F466VzPNiw7nYHf38k9Vy3A=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
FTWKX/jYWgUEtC3MNCWLPAhLPDuY8bGyAG9GXcrJJrxh6LYv1b3oGG5TrZbVXpVjPKPbxA6kZSIIE
sftTM/A2fcE2HVFylM8s96DV4GUN0rlWxVQ4G3aAF604LnxGMGq4qIdN/ImQJww9TktZukw9ataa
sVPDmksTCGObqInKkivrnjwwTaF+MBELXkMfWdSdLNnbsA1j6LJWMVruY1/WUVq2E3sJOWwQWLSc
9cgu3Rd9KcjvNn2SKoC0TDnOhOz6sts6yQ5AsHIJNKWPRL0DELEHrZnjsIf1H8YBEgEhQYi51ysR
AgdApSqS69e/tlU1fd28zDnLopQln9QM/kJOCTkvHt8Glnj1WFa2Qff555Tbgloq4YUUe/+ZcUL2
zOJL5ergTeIz2Q5aUzFGnu7BnTmIhZkXhygjY51LT14twby5MGvUsoIjvzNi1joMypoD8jKJ96R8
oyX2tc5s8v0BqTdePa8ktn+f7eeyp913AHa96RHNnLUQJ7EfaqtQTKTwEJOWZYs4iqXXX7yhW4tV
L9z0jmD4XjiC8woNdIZUeqdjpkmWyBhhfukWgIPPz8SDKIZGpH+SFkdEx1vSIKcPm92U2me5UkNv
DB99yuMcALw8T1WP1W7081rfixD3PIpAiCYZoNF3Y8bKB3tMxILQqKgax/zIYe1VuC7R9tAsQk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Pictures\Sample Pictures\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
LifXilyvBq+97YUiiJwnKZxdKPH+HzmjnFd7g2SIoCkQswpWpPZBaCNNUf8N/rB/ZlLynbiMnSNKR
4LC6nnxnGw0Hr8HV3gE9PNoEFJuL+Ds0rFTROy/Q0AlClCRLBSRmx5h8OG5bZ4E+d6QfBMYIJeb2
Z4mLoSIJtWmutv39dTkNy+/WOZ/6ItecqKirr0sJueTttuMGlbrXI/jITYZ5oIW9oKp1CK/ZTEob
o4TJMBBrSYtJWRiGv1xcxQjzqr6Elh0lWbm3XRRrac52TIXTWVFJzqneaNBkCe65utW9O7C5yuSU
VO661rgwBI7oesSiCiF7vxG12iT8lYn5knWjgdqGgOfSmuUQi1fA/QCdSkXBOLHj3C3eQv4LXPjr
ejtokoslqsjxSUktnYzR9HfMN/FEjn/Am/QiXFAyx4+BoEXMjZnMcTMrthaYeNlZN62dpjyncO/2
7DKhaYDi9XDFoU/YH+j8tkjMAAkN5hkzOxLtmB+c9+112UXWlipVoBopMSfjliHr57ax01Z22PJP
XINeEVIeakFSVcvxEn2U4qrF19bJY7vVHIVb6ToJNng0BECrRmvKeUYoKEuBTq2Z9/JXuv4MpxkJ
ehoMojOfzTwQV4w4EjxjD4KdaWP+IS92CpnhYEGkeThXVvTCT6Rkqf1iwfWR/EVoUKXt2jEdtw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Pictures\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IgrAPnIA3t1ZIv778tpSjBPMaKorsqjUqoPSDvLl+2bHlOrBywDOLoB6lP9jn5FzDExIRaG9WWVVM
xUnOh58YOCky7KT/F/RMUP2aqJ1+yy6hNlZYX6/56ENLdOa8Y8rQV1gw+ilGZb6MXST/+Q/3jAOG
YR43YLqjHa2TnR0JcXfhcpyJAyKxs6mLhS+DFMQ9ZBQ+VyUIkmayuTKG7d0Fhi85tUitdL3JSEZT
zxNKS9iGgjbxc3FTGXDkaBC/1kfrketk4ReD+F0LF5YES1jomZ6l1KVlURx7cxza90YQxqtEOoWq
jVrLyWuJYCsYt0MhULvrTwqkcI6w2K8EAJoJw0YEQ3LkKdKrHrTrommwXLgJQ6+JKm13byj4myF6
ajMBxTfftO2GfEPW0LMg76Gxu3QFs0Z5e+LTf1b1w//MYA2cKvkZDHVcMwC7odvgGyY8977024ir
hHbiB0FTGZntl6zdRN22Ad7pUpnwjFkvmNKHD39L09V4V1PLgDu/MPqBHYDh70Usk6qmfKik9Lfu
rotU796AtJaMMNS7TMPRVVvOKtMzjz30D5q1xnYHIB0/9hPOSB7xicPV+QV7gahviman55FaQe6b
L1o64uNq51KJopu9rB6EfcIjOAaaoaDpAjBan59z8vdtQpJpiva8dObxdEyR7+FA1pQpXIXnzo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Pictures\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jt4VK2IqpVqzsTJHWyxGNr7VmEMotLi+mIjmtfx81L7N1OyaEuI3vicK5caRpGD56Nq6LPoQJwxeA
hbAxyNO5UuUX+SMbYiruU6TsTwtjvQSGSv85V+f1sHbsy3fD1ZnB4OglVfg/3gOf6Rs17pG/4+xc
6xA0nJpttj4z3q29gO+hRlgy07uixA4KpFR7krDerfCi74aNaIfi2nry1C3LrvkPVLC2w1B6pezH
pcovv11clsG8Lny7ZXuLZxqRoNWeMQ1jGdKXIb6zIaQPL0ib02EZcXnoLFs8f1oDnssALoQhewQS
YHyVLp3bDFNKY4W+aBSKVScOLfk4w6rHBTOtoYcVtDqBnE02XRqyI3ft84vOQeimDQn5Q5bLNjzS
r2+lI5TWi7i6A976LT9/w18ahZKBVBs8GTSFSjGcmPC3CXNpyO8HRGGwX6kwWLnYJbrLYK6pxaBq
Ci4uqUjmPWlKSdoN/FT7TE66hQZB61+ppnHfpsumTFF78XmBQr6Lu2p9WPxzab0m0PjEReqfdEkp
adno5gsEp8xbfF81n6Jo/ICBrZs3ecCLSgyM/f4g3GIWK4rnKWilREGpd8EP/gSIWVuhE4ihj/O4
psQLgr+dseHPlNlz4oQjx38OzDfvbBzaR2K+pjrsTFT/VHa3Z81JlNHGe8KSKVkJ2aPiv9VJCU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Saved Games\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
EfEMP/AQAJBVnQtdeZcVVa1ksQfgN0KA4ioM73R/ACvexGfldjCe7uKKM9qdrdUSlJqBStBTweNW9
JZc4VblVncWmZuywANkh18BEmY2huHVZ7JtwGWTxDzWvuvAbGVFGwjkoHk8eEM8ThX4TMKfKiNP8
IwWKxF31kbaIazNmYQIczLtk7Xu4gSqpYL03M2oZD7tWQKjP5zLvcv6aZdQOWtKpoI0K2N4JW+Fw
2fS7fwCpJVIxJ9KTxSr5Rt3wmMHiRD8XOchkqHaK7x60SI1TR/EihLCjZS87X61qj8EDlpNa1xjr
mpOJi6d4EjBJPTfx//Nm9qWp0Ml5lhFo2karxVh05vR3EFgradBflFhW+YQxoKTTKVRLBjtTc/4r
f4pborJLUxnHwWtoBdpVYkeQxs12pyy4dxRI/7gcBVrMbVlmZ9laQEvL1hvr6XBsBZBledLxqcVR
MXatfL7rYi9XlX9CDpK40aAhmKaV3gx6qLx36alPtlOciV63ddSNjcMj7rESSfwoIXmvf0LpoLuA
kDc6wonDeTT5m2q15KQvXLClKDHP1LBz7CeGI3zMdG1TGJfJg3IXbXHPeR8nac2iTOgr3lo+u+VT
fVZNVKEvF/A+NWdkGR1hbd2q1igljUaFS6gU/Ls3RVRcUvdoLqd95z/NmcfrCY3lCRdta8eFpM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Searches\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
I3ZmiX/Z0K/V/33lodb/sktzBJZzeZ9WU5qmeIaPdIpoOuUxVQ7esQdbhoik8LbYhESTvPTy0G+IW
XCnrFq5lNiLVxfJQJRpuZyXNIs3x9o10+fixikZgOBvKeiXMrWkTbPF4E84L+xXo7k4xaL3ioZ81
T2nX7mPSMJ0ozIANTQ6GEl/zGgwPGOUIkBSH6PuG33RiOhQDZAr1vBP+h8XA6aH3LqzDYB4iSuR2
b8fFyHXrQOHkJAjDqzw4a0Pt0RIANkzg72DhlhJme//sRxFhHWxUlt6JoDhmWuO7ujPO272T4MQj
zmweQfN1ktv1DkFAwR8LwTSBaVNX0P83NGhFj3yoOrOcQ2Pu78m6J/c0JTtRsW+mQoJveZHP6G0G
7ZRh6zQsxx4fE5BcjxeUeU7psM0S0SXlojXETrXZstP6oaTJnC8xaYz3IIsp1EUg2bIf+a/FM+DE
9lGe84GX33XDPF5Uq6jg7gOYrK9PlnbB5cdEVIqbR9dMQocdqeBANrdMaRal+Lo/QvXB6+RqoDNv
HxYbQlzwN23hbqGE4jCB2+Xt3mfWv+Ioqmp1j9XTF2Bo8SgCKWdPH77iAwl+xCE+kDJyMpqA/yLO
7MVW60M1XlCjV5zK0DAv+xeHkEAF+H4x9sTRvyNm+2/KDdJaspL5L5dCkzqRmj67qo+kUPG42s=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Videos\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
CIv4I7LbFoZwS2Y5ul46WecnIAgNA22AmMkDuUfh+xnyE/nypbpDAYlmXFPUAXpGjK/lcPAOGajeS
LUBGmz6ongfj4wzbLnaj+2yJ7wje/2v17wVsSudgrDzd+LvzOV3deSOChqquc7xTjbmspbOO50YJ
JJuhcqeRoDepDeTwn54jwlGcyoh6W4rFeoLLZNZQlcVHiBbwJrgzGFxjW9VbzYj/QjAliyTOnDXj
HY18oNrHbqGDVFwCa1nirLir5Xbw/u626o2iVu3zY9g3qnGZxev7Jlxqy3G8odxXD692BcPAtYOc
j6zgLL0h3S6GkMRtUDO8P3QCMarHb7d3L/lqHLeyXNN6jNNh2UHyjCiBLyndJIuc67GvThsf+U43
tj0y3pZyCOPwgMygVLLaXkWFYeBCZpPwWp4wUbCqHPVposdeIjHI0Pz9DZ8CxgPxYX0iN9Ob6Qt8
FnCIBXxsYxV+g6f6tZbIMd0O7ViFt7ifiTuEZwSQcqrT66vhcvNuY6fqaY5z0RxHpkmI5LAKYdfn
zK1kML18FpPPjm+2YfYWTgmSD+N8r5XSugqipGHf6dzh0pcL/wg06NTbY4URtuZ069fLqxDtzNnk
oWdJ1PpJZ644rIZy4ag88qKh2Sdj57ftYuNnH44PhqqUHlxjJt/rUvvO+059Sjxjmo3kW7oZ+I=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Contacts\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
R4ZsAwY6C1A5TO784N25rnTxm6fucKfQg4x0nLUwSmZOWWW+m0lemToLz1uwbQOCa5+pgy26h9qQM
J3KFwCbWHUGGyi2K8AKfkdEaPlF/NRay/rULD+3yXfyRUZQhidQDODkO5a3qpPrnkCuAnSCpm7u0
3dahKr7dBzlG6IWbbfFXVVWvRcWXkQJY3PbeyO8f47uwo5w3slSe3kS5os6kb7Y+L0M7kC9YxatT
ltpFNGwUkEo2jsxkJ5rmULxoyy4TTHmXwRQ6dgA/tAx5MXRXtr/0qDjHmoaZZlDF09uF9RDH2KKq
VZsRBmXiQAfQQJqcTAmreKMT5I9SW8y32l+uFJx/TKDRLmjL8tZ3Q90ISC+M1KuV2Qh0vlAjLH/7
EIa/NGwv2qrSP/f0xwx8IFg3JtD59RkZ19Lk5/ZhxAw6UXEaDeKDUUH5194yZL1aKIR6LWOuUj68
/ze4Uw77XX2CvZ/uyYaKJr3bOxOePO35KOskhuxgIQn9cDIntWYclx6Ruvt/l2rljSyaC8vWm+3n
Ql9ahk2LBYbpFue2DGcSuvPFFGDvynuadlM+t7FtIavc/TPZzTMoy6so8TPLVGmJ/oC8Rsz8fDHu
0s1sA72I6arvg6nfcXkHEIZVu3StRIhp6zSD2CoTn9H0WE0jGJK0sgUZ6h4wmNgcEiFJ5IEoWs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Recorded TV\Sample Media\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Ss/bIumWpcmy/69ufpPJAbwcvmfHZhrYrbvEo0ciMFztkFtRNZAOBGlV4CpPc4jJIy8kV63VfzRMk
dKAFCrwkPNeNEg4d5xHDl5PrSs0p0EySQbtz91WZssshNFZm6dKr7XpE73Bcb/rnYO9Th5wNUxZI
ck0uWUUAEjpFm7x2DZs2XFqtZjBnBPGdTMNvAe8A5c9+SnBPwDGERrT/3b6wgG7t9Mw3GKv8hl2M
SXZCy/GV5SZyfithf8uszQ/eSF+e8/mJ0anCgWuySTNW5hbTv1s/t4/B6clIHUai3++nLpG7okow
14yKFqgKQUk40eJHMeo86lsPZZEI3tBRrN3R7O6EGXc7YgncvyzqqyQ6Bwl4XXCjw6BOMXC5ACyo
WShtKEBa9xHk2qj+8jHZHsW/s4ZNS/Bkha2z2NhsLrCCs7cXBvOUJSWz/XIM3JBdWYGBPdhfzHH+
U0hpT+nNnuw/uNqeYDTIXzptnf4ewhnZLn+Qr4s0Pcq4Ig19zMAnahM0kHkzXcH++WARyvKH24hh
GJq+0aMLViQHxw5ZSpvwefvM4CChGjY58eJIGE9n3ugOd93nLtv4b6Au22Hx4JTLdyvhG13zT+SZ
iaPDBACz9iK30YnXGxmtiKiPxkLsjxoqVXBS8qT6WW26Ln3KgKNDjLYnkeSBvZGjkhz5xGdATk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Recorded TV\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
lJGACZjEZqNVgXa5e4ZUNv8P7XWnLe8dzkjeSyCvOVOK/5XM9B8u0cuSXeBdr/KCuP9PbzR73WJCp
O4qzYqFP9nEhUKIzeBHFPeb1WUrbXOKg1wVugNebCvN6uc8zZ/B6ER9MBbM/vwR0U77Ov6fIWUx3
/ebVC2hOXlHNxK6xBMlI6YJGxPBv0Lap69McGcKoa+kkwpVNslXSidKiLL5IfuKwFMQz6zTPb8pE
BQVXbvHt2ni6nJzXehGlq7CX3q1oT7HspwZi+qXxyn5a304hffjPAv83vwADfotaHLpWamxeCG1G
jKQGfRiSfnLaEfJTAoqHPGIUB/asbyphHEmCPp92sLR6YzUehfkJm2BbPI8j1Z/Lz/5gFn/EInmk
SZwYrCLMtN+92VuZesCDdUS/5tlbHV/Rt1G8YCl+28fg2QerpZHrVkBoX/AfTibSb/jyo1TBoRSZ
S/gXzcHvV+Hy69mqjB/6foGyM5QdDQpPNfJqRzm8W0wq7BVE1ryr98PLZEwyOVkipJXaIbE4XfyM
EETgqfNkf7WLf1VzuuEp3jw0YK3VJ6DCV93Jbbqysz5BB3GfJMUyqKgDdWX35057QaI7rjBdMg+V
AG7vzBdbCgvZiIewLUluvzr4B0YDvwFRqCm3uvMKebpfTqEaoRbAhTvWTsFiuhcxOoGtLR1ZBE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Desktop\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HH63C/Xf1BODx9rVKK2fW0KKOGK8vYUVXkmPrzXA6ObjsMNjMwQYCMFk2OBj/59JDGPOlCd7gvpZ1
7CpyImJsDh8q+gZCg6Mt8vNmNK8vcrSJ9F/aiZxWDi0iUAJk3Rqdd6Gnsmtb3DeAQeOnOWfiR7ng
K0ZDBbsOxyhxQCfWbFc3Yitb56jJu/MUjIRrxnA9LGRnT832Mfi284T2YEwjss0lt8930kcBdDiP
0/fCJ3kLaoGuJBL1YrjQfSP480cp/OF3kDPlHLoQj/eoySv55KVMut0tR7+nUR1JGVp090SR0G1h
IQHnCvCPgPIc88MIn1sC0z6YvxLzr7tkFGJRZ9O78GIDBN+v7VAt5vjkjN5OnR7iKvPlS4skgAx1
DocIysYOGM1QgeHvp0/1qjSZKsrSEvcMWOeOP2xktZZPdoONo0Y5cJint0ARSCZiTxWqeBs5kJ63
tHSk8fN+lzlOB8xoNfFQzRoWIA2kc5/5C1/tbM7QZ+b6LDrSUFJtdSDpMykZR4fCyUbsIyc0aGS1
j0lrW9/UvSh2tIsOjnjYAb2jFkngZiE2FIdiE6yUEVZcxWxqf+T70rUzWPjhi6Jz9sVVKHW8Qur5
G77ew47vrJSvNPw+Z6JjoZsQR+KmUMXPxHmWZkNnaQhbZT/Ym8ZIUW4IsvK5KQHzeHTxxVOALk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Backup\new\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
hHnwpFHviHiupSmoOW3G674RT78v60iv8AXNUPDdtsad0dMM+G/hmgg8ErqEqRBH6NsFR9zFCpaM6
x69QeO5dV+PIiDmZ5WqwYg6k7n80dtg7ilX/LXT+BGaej6sCcYbZklZgAjOPpnKzjv25aelnqoq4
XaVZ5f38OPltuF/Qb6ljHzW7sRn67lA+M4+8zgirSJpraZ4PC3uxIjSVZs5s8k2yFdiHxmNm32nB
sxweAZqOWgfxUDKQvNR3oik4UhN2XRcBmu6SOMVEp+6L5nj6uZxgjF2wP3FnpZFqH8DHvmeFq3HU
e94tisHUukLEMEpkNwLK2hEzOeLnWIRkeVtyq8B+21JkjLXXBKOEy+ACOw6GWdjIdEWFnIjRe/1I
rv9ErcGtwb+Fr1K3P4tlvHT81GgwwePXLBmP2f9VXjU+xvTqszImD+BSjyFGEX/GxoXmxkUFqNWI
gSgIAG+fC95Moc5/Z3SbSBVhzORAMRtV4qtVPM+V+q7kpPzh0FFPrUdPrSLkFN8jF6uYpjNt+8pH
ohUhLHkfq7QQMYuPyW8NXKzaGq/bhbiwqrWkrShLO9BZfJysRDvdvxr6KWfczwodgsnZHAasELDB
9MmSOrKMOLDwUQu87kWfJ7I4J3t5O8XT8Lts9fQ+P/r5GJNtt4HteTRBTSAzS+8ljeUMl3laPc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Backup\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ZnKM/DeOFLUNdaQhhPAwn46qfRGes+kSVvxjQ8logyt1y1rKsOek0Dx9FDVFT98tPX7K0sBLWW6aT
gE/7+X4lVW1HzqLdepJ0PsCODMHGaphqiYGmXrj8GM4YmxgYENVKh78u5H62S9arUyeP+CNGxhv5
iixLVrK4X45klKWbkxtcJuCOAR7403Z/d/rrzOZhNkm1BZWcMOFL//+yo+yGjVKZKctA0gK04Z1w
5bi94o5djxwk1tL8wekEakTuw36E5IEX7XMFhiBg1WKi8baRwQ/mVmwy4ttnI9gO4xjPz6qvesNT
mYrgv7f0edjag9JddINElVM4Ax8qMLnyiaRxPpHklMELr6Ucz/FwHkgF+Y1gpaAdz1vTeVbR0Yjo
B/krvLfMTAtSNLsFySTw1wvwolKRqKbZMCp/frTVTIVFJCaTAa7vH771PXTySN0ZL45McT2QjZ2s
u4JAlO7M+1EHNwOWQCAGzshiRnbIoVTGqdKVs1AR9fiC2ZtIxTvP8+a5S/pmaKUTL/reA+W+xLJ5
QreUGNDVOM+YESKSulUd21r6BWGTpH7llyoavPLv2TN3TMVrzdj59nK73wEQZaGymlnMClFPhLVP
J+cWsbr2awZwundWZersey2k3WQPN0sBWYIqMDhBQAJbnPgCl7fur93XEGEZlmZOwFkUwi8/vM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Stationery\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TpCJqO2D5M8H16i59A/e2V/JsM0QSHvAMfyhD1SSkLxMZN6PnQXezC9P+e5tQbFtyS36FQfOrrim6
wlcLLgnKBXlPJ0lmTkei74RXieObe4QvLkTm1QCX8L22yUdKvnRUKmklm9nE0tQYDfI6ocaubHsm
+nFaDReLa5b7kWSqoF4yUE5Jxp9Ibp6uTYLUvHx0Z0xEAnFq1yrFSnRW7exGhDY0g8NVWksOx+ny
/F7AT+AlabiirqufOyLDUhtuTKysqkkhTcTsJQCDW2iTkFEq6Iuui+Ob+8uJe/VQidwG4vmfvlyW
x74q0WoZGi6Agb/h8I7MzoC7brmwHSBa/VbUmepv1iXSmoC0PPTzOB5a+LbfwtXtzp3+ArkqeyOf
THi61rsGebFjfzIcGhirfZkmqZC6rGHVRlNDhPscPderJqeflzreOKjFTL4w/LF4pUFnBRCXgrx3
FMLTqP9GKW5epTHMSrCBr8uU//M861QeWz7vWZEmJIlsGFWRJuSGzrtlqYjPWnQP5wHPXHMyqswk
oOiRPmdZIFjfTFLDPHSqe5/FKT+oEv/jD6CNgGwU5eg8eZ85n5Mjw13I9Y3hASFHrkInSvrEKzoK
Nj2aNJszeacD69nZEbSSdlYoH3Sl90Ur8H5NAGUjLxXBP+6TxfiD13WTQ+3NQILElUxjVxNRoo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
LDmzDx8ZqRirBam9EsjwYt/hbyTWVQUULSzEIv8ZWBImSAp+TUd7POw9siym8+u8Vd3zY2Kt8MXOS
qwB/GjRNxMZ0aPRN8TSpB3TEGQSZBz8Ho505M9k1oLVe5RV448T+CgZRF2KlogMh7MMXSF8o85F0
x/LI0t2Bu1sCfY1Sul7ULoz7FAI0b7S+f9QrF9oJl8rTk2nIRWBp5nTPPNQqQF1cRHfYqrsi+4mj
252qqNYg7+jRzaOXnT/avcrCHFe48FQHlWUF7qaRGR5wqiE+vlG1g/zxQknf/p0s4Xr2bPcxmvhR
N8tuQYOB3bjzMoyu0Xr80IISvU2sp+xd4TNU32sKHQJwJ9RhLav6Mc8vpJtvt7ncVvoQ0z1mp5Xy
4FDL/B3hsCmKATUtylGt+fMVKXlkUIU95e4K0zNreCZ07fKj37qrnCAQ1+xdWp51V1veEutCwh3V
S+WZuusqtuEoqNEnknuBLh3SdpBqNafV86UCPNM42N0YOCyxhLbF0kYt41ipJ7cct538XyxRh+iJ
wGhSFYkjylbYQYhhDV4wt2/QlJ7BZM0vRiL/zn925SUaAljBMxe6p/iukR9QSNT0gMv9PIQlbFei
KHj1BQ78SveWUuouv1ObozWxnplYyZooKCUuYaf0H8hlZjV4SOp95ORcSKZIankEggM8Q5DSB0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JnHuRKFHvs0O8s9z9698Szgvr1RMIhF06FKaXXAYBQrUpkqxgBvtXcqhrGf2gtx5YGyOHUAPUFUrz
Mf3HS/8aDQY2CMQf2wBXEkhuGARkQKWw40JVoi8CBPJ7UASo2K6uRHEm0izYLleZgzylZvPoTr3c
i/nn7/2xGrUiE1I0p4h0Wlzv3Bnixg/XGSpKZCu42p7+sWRrXP8z2zNgdop2PvNM+RSRy5gkpQR/
9gJPEbOGfy+ZFx0Bs4ONCIupI/gzeadHUPXVzv60yU7+Dlf+3l3ZDRoY+iExXOh9HXbss9xf7JaS
qgwZ5VxmxhQUOLmIGKYvoBEmXDSi8SzJ9feZtBAg91KBXBInYWmolDUMFImRd/RFF4BMOolyCAAC
TQORc1Z4QKggYTcKEzqt3vcnnGqndQn4A2DCgsG30y+THkpO/Ve0Dbh2jpo+r6/2ZOqZAltfQacH
3Jloz1AS9E2DxM6TrXCPvswA9vxX76eLKC2YRDLQeoQCqwQ7XkYg73hCJ1YpyjIRPaWjvpTU10lD
btBUxT7VuvhCgydEvLz3p7VOz8sZFi5cSNhEBJOYIuZjTRFHUgyZrD2sd+c/mUArbAV+JfqerZ4a
k55ydpey4lCfekgZNp6aK6463jjFIbI99vvPIY0BdWYoYNDMimB6MiAQH085X5YgLYFJeSsydk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
SnDyW5o6GTzxf2Ph0XmgIZSmbuUOh87bDn8vfrwc1JEuciaYNZRvOvkQeoOxW+RgV7q8ubZVb7bX2
XHoGtSI6pGoOOlRkGqGF7oTMM4GudnxWl0e3sVgv9EFW/BqsCmKEW94N3ka9mQDT3PhT7Rn2cux9
5S6XGEJmzaQ2hnkgTiilM1Rq8crXa5M0Aw8/ZT8vV5BGcivVJ3wgHSXQbR4w8f4INYuu/YFCBpc9
2u3tAIRQV6bTgy0fX5w1lHxgi8/3RzJuXshw774LVVPDDaPEcJQwd2Ss60mgLaY07OvLuXc/1L56
XJEb3cHGDDi87riH9cw6LR2LBjWgsuIOB+gcPzxxIxW78XVoDt4N5Dssg50AzJaIL5k9+pKDkY9U
4PcOy6zPj2/P3cJ8d5lPSqqJDTUt8somB0jkeBAOkNJVuFv1R0zC9mTs0/ANWThBI8Xt5KTba1EZ
BPMpmN/xOvrCYfahh1ygB+ffPb8sc/QhSmxedMLe/lf70ILrQFU/kEZbAyD5KbxhB9/euQMlaWAV
j96buB5DfULcWmjql1H4hMFK16adc4nzCXe2B7dGxjA/7dOQyrwdaJj8G/QRyy5pdq9Vxxo4wNhx
g56e7t2Xc6rzsQnbH2lVV8X58JIkaVq/E1ivzNwH21dVjEeZIyUotNM6ZszMQgWqgHCbScbPoE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mUW21sQVK1iHbUtEHxolD+jKQdchNy+lNv2oZ9MK3LvB8u7rJoK55QsjbpyuyOHyW7qGxZyU11sA7
NCa085giefNg/5UKaiGv9e8rLhCn+jHM+p+mzxcT6g2zYiIWfyH/cdxOOBC3j64MUJcpky0rT+gV
SiCh14XWBhc7by0e71T6yFo2BU+ASwQ4LgMbTsXihoBEh7E1ldhSbFh+vgsxfnIW/dPHLKLO9eWq
hsfNbv3mYZNLAivz2RJDoGlpsVkThLxc17bEegpGYqybSwRc7WnxXGmOvXyuDkrnphwigPN0qLU0
gqVnnKn9d+AHtSEIi2n8IoJ9V8ndpVH9vLw+mgUbkpPleFA0gy4tOmyifwcag1MSSwpQuvTZ4Rxd
02EWIc7ieTIYSpdWO+mowqJlbifGNgH4dYXtshqo9NuKpQec9W4mRcxF1oz6pIfNmVEp57U4oZ8d
hPq4Qhfm/UBqDQpkXAVJ3aryox0jNP0fg+3cfqfpVdEyLjsyhjMSAYTMe+7FSeubkkQ8SZ6LeX94
hJxjxJz2ga3MljIEHYXAaaWr4fBcqEs263AUZRwel4LQBVWkhPSDrntEf0kRDKhYPWuvGBEicgj8
uewhoMmPnekuBqzSXri+E1WZQC3GhW9tCTIOGhkpRqHv+Aa7tI36FfUtlSl0BcglYrlDIUTHB8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\Windows Sidebar\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
iw4AZ1TpG9X9YnmIioW982syiFbY4KWCmobFPPoMRSk2xBH0B6rWDGAhaqht9wlvJHMKH9rpZ/yhL
pP2UewNzY2VQ6z3SaeO265dL+ajo1fa5y7ZoBhzhJtW0zjTgXBUTBez3/lmlYCdoSC/pd4fVmjMl
fA2tFbm+xpS7MtVCpkeMuYrlsGN4YZf1A9IiduUT2JHboci3N1t3lIi4bZbjHVuyYR71IB/NwGDu
4071vA1hQluYkb9IX5fmTHRhPGzcRBT1dlb546AtiFbramsfEmDJ5gvxUrS19tQEyFniTf9TIXDz
yFGk+PlOqMScGEdO1CwkXFSQ9Q787WXcdLrQ3o9yM/t1aMSrbHavz/tyKbujbIbI7/6P0I8svtOT
qgcq/1pFcThkblSYgRwzZL4pWLfunFwX75VgABdGoFRh+EZVBCECYBizvfAKVciovpNYGHfkma5K
HfN6g0CvuBNOEJwH4XXv8MVhpfcTii+AkQauiADDdxGgzHAEaV1dtK92Bu3S0tSG1BkkaOYCYKqB
hNE1HBcGnSoMVQx1laE+6f4AGRAUiYqymejkyZwWDSaGz8C0wjHzqYAllHqhh7yrSyKRTHkACmbB
6Is9BZZJvmWlBTUExt/g/a7uTgIEgPKIIEXr3F/6FlJwVaOdZcUvTaLR9viqEoPPeD3Vnk/cCQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
cJRrbXgrjPbrWZVB5t2U8q3toAGQyvkb6rYWLvSBN73cuSrZd5pxFtPTCxWXYeNUfEIWHPIluw7oe
go4ohBNbrz7DMBLpacCh0mHVBvi+INYrktSAgrPLXKBYRhBpK0s9giFtcCFho0CQSm5l3mz7zeM8
J9t5uKzIF9vnsc3doHpjBpMbyiwgdQD6mATzqq/Ezkv9zB4Ea8mRBwgSe56ed4epfKRMHTYtmNzs
G6wRYpF1jT8SRKvf8BgNhOtRY9qGAP8Dt50tgrQTDifIzFUcj1Y0s9WbPt5G6Y3z42Hx3112LsOQ
4WRpVmevTV6ZfY6cQOg+wc3gGySLR01ieKnyPqZrE5VHd/m2SWdUM8PgC9tPW5Hdjr6DY3D/Lbay
52SYj0YKk0+wKujeVZlS3mi71Q8fHSUOQgbFNRHxJ2AE3ek/oxkQaVm1QgWXcRLiiDUbyb9seh7P
TZxQWgASZnsFM5oNkrm73wUTR/IiPsj8M2tNBqvM14Tii9qBBjPUZWmo5SPLAdyQfRJ3lO60qMKw
iT6F/bq02a7JnYpw08KjBb17u/KwVIVWTSSJraFJ16474WCAbBiTQLTOcEtGP7pQZCJw+YGqARrQ
Mjy5Z129XdVG4f/iGyMF+rm6NWMErk3c01GDf1xivOOxLSc2hLchHrAiDlluN+WXHHbAtrNAzg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Microsoft Help\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
KYd0ISyKHtQWGp7IkNgz1oH/NrMkNqmEfieReaJz2ItuQxPVScD0b9QwV6Ka5gqRO9eJAKH5JELG3
OdQphv7YWyJByv+BrcOKlGWxMadK+V0A9xMNjgjXl2PXRSpSQrVv4cKPkNqEOG+mQw1ImgU9QW71
nKWukQtGvTybNfWU3jvOTfIxv17FtjwKygRK9wDrIzUdTqWCCpWuRog6FurvkTnOtpv43KyUjRwC
c1wMdvMqnLWQAtjaByrYmopNTlQ2B+AcHe/8bcEIcdnxGwVeIwGyI+YLxMtzR5S+zBXq4UqAo4wX
y8ePZe25d8V4GIEEDBHSdIx1OUPECMBWdUIRllKUqHOgRmp28SMml/EfpwpWrSVVKoVWit+NGmXn
e6xC5Kt3faJS3m+hVkYttdXhC38YlW4dPyy82hww8MV2SIq37i0WWmyw8AYZY/DhgsQObA8/WHxq
xU2lflIdHxcL+5o8ZWlz4VWpZC9LEkNQvlCVfu8oLQ3Jxi9w9ztLa5/IixxmojwyYD9pgGRZY4TJ
uFhd31UouNnEmDypLEecxemFdFpSi8uMyyNKGkNIE6IRot5bBKmblXFLdG9MKVxVCUTsqiO53nq9
7XzTThuYq17Rg4wHJW0glchm1EPHwI5WPpnEMT1bF3SbN7ERb4k65cC+ySLCwfaXzm02qYo/7k=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2ulz21c5.default-release\cache2\doomed\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
hTwnqgbQUeiu8vC1/lKuPq8DMnyyJaelUCZ3xWAVcoNY1sl0iCTllAcvZvPJHDTfAOFsZRxc8zN+P
gLxAWV0g4IF87rooJOr4n8nNs8u+2RdQxO0GEi3K2TV3+2WdkyQwYqkdvXahxOwuRwufBHkj6FnE
5wUJGFZZwEM7HjVmLBbVA1bMOebbe43I2Oq3/FpgwrSOW+NJkUptWGCsi/VbUC+YB0k/YXN+n2so
iqph0CX/Ub5q/iuKI6Sa6e6/xsMYCC5NEkRrn1R8HOgV1Cb/ZhbJa5/D9DQskQJINa+pkthTJUEC
NFcibQDMjQuJSjw9daSIurnbq99spg8bY/lbJI89JJ7E7Uf+JSJ1obs58NyYMJNQI1zEeOzmQMf9
2f77VwnMFEsDKLAtTNFqwnjESl5JSRZ4dQiEN0T23FqL6WGxoUGn6ms5IpoxeVBU+8Ftc8VLW41q
n2vGUWvpRZURr+tOYz+8i6QWXihAWR8qhyyTB0WrbwtyDpV1vpAO1Nat/8uG5d5KT6Qk/Y1jGCs/
Th34p1eROzrjRBOO4oskkTAjNLVe6+def0Zts2t368Hfzdjr5fVU4501NHhsKFxLPYWdbNeNihBu
EccdAii0+8RMJb5eogmsf9xnAm5Z3uT+H2jh17KfC1+DgrD48zwgbEiOOB6/Xh/+45KCW6+Cgk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
clQYMzOzizQ5hyWfjhITSKYXoEnSk3MCPmEbMe1ycQ0bZaTed7Euwc1Ly4fpWI/zQfbaw/MpvBKe0
9LcuMCVHgqfVWdjrpOP9WgvaKAzoF8mMIBHNgGl17+NjF0IhqvhwyeG2WO9XUMwDGix1NJF3ff9q
nU2dhoTCwI8RzR8+9fsY13djgeAuC6T9Sq03aEapRDG9iKxQ/RX8N0b6RuJfAgwPHjgAge1aINa9
Bv2R/Dt4YLVuPRfzOlsrmhp3pXIz/2Bd43P4VrMQbiojcnWw07SwKe7VPpYvpxBJhfU8D2AYZopY
sKoSN/eVvZ80a6pN8IGhF8olfPND+C8OW1fYoknDbbJsfx+qjNEuxl9v2wGURhFc//AKF/1YzH1j
lmqz/RyUJKkj/W8WbMdKM6atcyNs/MHS5jzdB4Y8Im02iOrOT5OGpSA6ZfTi+Ypm40RzTeyqLK0r
9ggyB+IyTwS+Cv/RijP6bhdk77jHqcPtGydMc9s+Pbnq0rHUmCJx47fFSzw1IhA1k19E7Ww+tC/8
pMHzMBqw+Scw2viXWlRHsnm66zL8GGvrqSw5dgavqdVB2aAITcqF+ovWuvSWR20RJALsP1olX9j9
uKd2xlBQiasN6FwxLDpjyNd2jTGQQWs/MxhyEU3p6QgjkqBxPAQ+tSULE9uaXPBNluhzvqQTHQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2ulz21c5.default-release\cache2\entries\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mtQzpa9TfT9oT+dWBQOCRWCp8HTYShcRwY+IuSS/ie0X9ISTI5MLp1fGVT8xNRwMuzdlbQrGCosqE
0MNEbJwYD1qd/F0IofJsr8K4BWrt3jJ+1wD3/pc4zRNoJ/f/sgxWdWJXrrVftpZtBy37aADSQfZs
ew5x9XHYKf/chUM/rNKtTmp4VQN7/tW3yPYqc++lFIzMorS75HOIwpqJhgRqu7vpZfV/8+srA2lL
KD6r8STKH4PO+WwgHPYdxmQ7+F3JHCBF2N49mf9GwcneNs9gs6megmod1Nl/USJF/mNjDWK4VFj8
679FU5fI88+8VWR0TK64OjjUWzU8CbIS1d4U5CTNw7+Vc0BajKFMCmp+WtdbdqAcA5NvfBpso1PF
T5oOkuDfoZ5hqpydrvyldHfoM0BW+p0vFbPjOr4RLQI22AhfOC0YW9oIwEN5BENPhX7lxyZHnl0o
pbCvkdJTyZyLPyIpgmY7XJ6LDuJiAnBMGyR3ENWll3oipNLbZz87rIFuQ8b3UTCgB+LI7gE78tuC
HDl9dXF+vfe6ICjCZ3up+vIzA6IRDk/x7w5g4Z0pGA1baR6wwg7wiTIzL8K5SGq7xlAC7utgSv2o
9Sb3wMXt5gA0FeBY/sOPtb/VpqqQMUbqTAr7ig6cKMe/Oie2aYPGOCz6+61Pzth4H0Xjnix1To=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2ulz21c5.default-release\cache2\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
iWJWikNgZ3zeAMJeioCweCEoMCux/wXPoXiYeFunfK6u8ey1ItreXskFhGScDm0fZjGrgQh03Dfb0
nnnY93aOphtxSnONZ2hGFdGopX+6uPK3aXBinYZLK0UYILfFZWBBdlED5UaMqafeWUhrVGBKxMYe
eYUwhI7DAyq0Jgd8dIP2x1HHAq3GG16z1mLK7HX2HQ7LgpvweTXV5GVVnedQXQQMcKkgI+9B8grC
UHbw4kStV4IfYvy4EJnrPd/MMcp52M+rDntGxb6iQBS7zXipSfOkV3qreHUMyGqDNv4sNu1TsiqJ
lZNQCcH6vCgJohtIPoO4u0WGGk6CfTmIqR/1G45J7vS/9OVt7/FcQeJUhRR7UyGFNrlv+yzznQua
vxK1ZtpYQbCakv2v6RmD+Rbl4haTNXss1uwJroSgK5Sif2wzChByaccc9t6fSxvXW199i/uAudsc
izadiDixo+sQ/MpaTBwnms1cq3bDoUC5boiBrKG3/dzMRIz/rOAzCOUTbH2f9QPpIhyWoOoS5WAZ
dFnoTpmExEaXMOqfUCjFCH7rfIJ1709UKZlRSoDg0BVnIlqSXuuyOHoVkzwENssQMIceEp6tpnG6
IN5lXYRM3+0dZ1QQBCYc/j/3w24NaOAD0pjOiosY+YGg5Tj6x2TzHEc3Jdk03KCWc0UgrhIkCE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
WM7NouKe+oTWWQcX07J+9zUc4/pW+PiBqtREHrvettmhIqinp2URZpVPsYluF0sld899jQinrQmcV
fkZCdk9cg46VTYEfyEB8EJUQIwl6rAHWhFRF7QE4r8P6QsiKyps+VHvzX5AclTiHyazzX6bmq7H1
4koV4hapJvf4I40PNyCk65J40F411EBeKPUQSf2zezV5i241Hc2v+Y7Q7pa6z3Qxx32StcLrh7Jg
bEFhUYHNU6RKLl+jXLcAsfNrLVpenZbkISuYQBrSR6LtVl+4Rlfi2a7/DiJFkQmbgqSrQEOtFTBJ
qAzc1TVunrNZ0VoX7ltQsPQYZr1jFjVI2CsWnTLWoXA4gUapMK71ZUUej7ZySlzp5vA/WdTc7YNA
LEeSH+tRRlDNMeS/iu7bL/P4v/aZQVOsLRCkeE3DfCjNQ+iJ1hlBuQY1seBE3njTiwstmbI68qfZ
968QomhdlJsheiyJxvhwNCYHRJZ0nt7bTqZu1zPBZ0Kn+dHNYomWyNw36jPMyyk93ZFlXj7m0NTU
s0UJ15lrhe+exFZQMrLRdYO01UG+iKbQ36ZBZ5ZPaXeQ230qL/ms2Mfq7GLgJ+eJfHiYSMV723N4
3PEonBI62lBYZqfjsyJT45TN0bWohaxv1C/1PEP1G2+TYZWm0vFD34uhaUc6f4vrIa82AP3FDM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2ulz21c5.default-release\OfflineCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TxzGqvL2kmboUowU3+FkzL/7HcmWWeoIQKQ7ILvGwYtVQlmtga2atUz9bRgKPrbZmuPtSFVFHO5Wu
Nd+BUJkDR4Ql7+C5fbJ5JEom+onOHSixSj7EkQSboA40tvh5lOnBwIgBAjfU4dhTX6+xOXV8qlO/
HrrU3bojNryEugKTncoAvlpGML3Bqp3CNU6+mnZVglJudG38kJDktHyfD/X3Z1FUoRiMRc0lFQCy
Yws3ASfmf0mGdXStGQbhirr7c7mkuJ4UydlJNBB7MaHzI5fpNPpIOeMle4b+BTfQpDka8sJSTlZb
Hjrdy6J9iyVFl25PELgybyjIRVekkGsNMOJSuqW1ZbZE0x35ql/t4XWGDLBn5FXotY31x3XU+nSr
hpMhGse3fiHulH2soH59l2kvSOkynZfieymEhULb9NLISqKnvWi0b4Dvf4sKuLKEOn06gnYtDiI9
/68/gh38tSoY11qXPr0x5Sr9GmhvT9wsGEPXXHLBsRsNmYssc8xpJNtAvQKz//93u+uVJ7+bEn/P
+qfz5mSD+dEMpf1brfn2VRc08aB86z5gXMCZ5VdJZWw6QVSk8OXJSNyIEZ0fF2ipTDOBduh8nHmf
Hvo4v9Zjk+Przuy4i5Fif7CxbJmAJRI99HjWRua254FZLUgjApCNBqk63M0F09WEzasiw8lUS4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2ulz21c5.default-release\safebrowsing\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
fevUYSPQ14NGoTrIrvWoHU+CcR8w589FX11fxtO8AyRD3L7nE9b7IQmcH9bvyZCbt06x3WnVzKEFR
rygzf/ISG1mjytzC5axVuDlVVF+ZRzNNM62Q6lSGd8t9ASN01CpADVNVjaax3/v0eMzkD9E5tIzn
P9LpXPC3FUVeqc094jhXvERB6y/HYIyKEuFHylejNChy8K3jceuGVX4M+Zv+sp5bSunece7gGQ1+
GPnbLJbwbJdJpdFY292WqeY4phd717UQTzBc5LeF8iDdWg4vnsggqdu+Z5en3HPYVw8OQq8ts63n
Zv86MeA3vhfuEpeiEjN6ZQ2LWO6SCEEjkvkT1+8r36PJk4X+Aph3Q0+7fGxVedFHBNXyPMMNOUK/
DuwYfT8Gzql/4zoyzuceks4L4xcplvQfv/Wz88lvv9bfVofLlq/57VD3zEvSGeg5h3WgYbAQ+YlO
LR+aBGZjJgfUkCQdhXkljP0h3D74Z4eCNDTKQ+ZEwtOyg79IO7OYUQbYOeD9gPS1m/CBXNjQW0MB
61HBu74UkCHk+gGAxdNmrblU8pOK3K+kcOWnpYqk5zjd0t2gveMeElqBowjfp1e7Vq03+K0aXafw
hCf2d0C1RwVbrqN3Q3eSZUxWTElc87SRZUV3GhkepD3em9dUDu/D3wid1lR4ZlSWtIAsIq52E8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
OtA3yw0bT7Hf7+9LdNXY6dw+tr0d92B0msXWSsG2E+vZZS08wcR26T/WIbx25w72/xFSdCYmmGceL
FKGkp2I1zoPD1KdVjY4cP3WyvTxb64gu2LyNYXg+/F0/q7ecFZ+hq5eZZtkfp5TKe1Ij2MvZPXAe
+DZuSAx1UOczh0kD7X5oZwPmGcZ95z1USqXZvREqOsPM9dtdj/2t0yImePJEeAEB59tgBE4gn1Fb
Yv1YZAxY538jMwNJFYbJaPIVIHJQ+Aktb7OEdGKMzwp5HI4PnIdBtpCaiMZKVAcDV2xfIvo6B6xh
TF0CTuNLfOFZ86Gzr4kDLTDwUj1R/OLuAwKqbYK5T5m2XDdqbqd/XF7MQM8QUxKBoGSSBSdWT9zn
iV2jpspGiCa2ovU2Nh7vyNQEr1Q5sQ6KwKvt5+Oo9HJ2a3allMntDXoE3m7RuIOAH6NZYvIm+Npd
8GB0VykjI2E/HSTpU+QyQr6lFrch1P3m1vx2Dc0i5SecDjur8YOCnUtXV89ZhpXLKmT2xAabntLy
EDIZzporskDRGByMPiUQNQzzdPfE4hHf/D0TdfycHKuTMgN1VAO6xJVCne64+OuubSCvLY768MEe
ch+mCB1x5SCmJZZ9VBcB39B6bekFEB161+zf+H2E4pIfCgicEO739ZZJOhg01aZaibPB5M4OcY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
j79Pm1t+C4X8eJTUWs7r8p2L3e2SdCi+JetdzB/sUCELOzrHQmV1IFlkKKhePmz04vqylxe7HuYJR
9cW6/k820SiXcylGladFjE/YvWVAFcLaDG82rHuUNAub2PJTfcQp3ZzQXNgGi7g9g3G7zFhfrAUy
wOkbvIc0HejJs/q+XM7DGqmpdLvEdFeA+1SyOfbu6esimwbU03d/9KKqXdStNGWqn5NtSJtFCsxP
cHkScIfPkDkBjStuX9L6lLz++pnWQ5WtP7J8v1JF40yr91Y7e25ZiOctOzjUqyH7SrtUu2Nk6j8o
aoyIXxZLLpyQeDWKmR1bil3q+SD+zwNjwESXJWrnArAzbCXSdySxgkwo6DbWwqeDNOTZNlAcbMt9
cMIio0x+Sl5izngq8nww4ypqUWejiO0gWPBrKg0IPedX3hVY3oganBvcEZ2tVdm5OBBFbFibwjSO
tYdlqkkirGP5xjk6sI0SLBbs5mr52tJ7sZUkv8wAWel6GTyesf3wZUsCbf23vwoSg2sY0i4Fo0Fs
tZVgQhyKNG0Tslh6DTb58H6vz8qSiYJ18ZbkWc+v7OCgJQRvIWOelvQhIdpQzfIiF3E74DQfp4Yr
zYgRjZP0AVo5BLd9gD/GGSiyNTydMmvKfmoHHfF97POagYzAEqipJxVyDONS5PgH4+z89ChKOE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
aeefvqVvN1PzfJJYBISQI+NaEsZI8Ji+qNYTtOBJuiy5gDfxunKNJlSTX1CNa4D0RJUpag/UelAz8
VeBqqSGzLu+nKNsXlCmknazrZarPpESaFmUGelKVcnJb9l/UIxlx4D7O8uJnbxmLMSzf+ebJDELc
TtM5ZzVq/C8is/aRW5kTC/xAa0WZ3ltygn5alwxg74NF9ZV19Cbb1E+lNNNzvhycDFb8CKO8NSBU
R6tQHwiQi7jx5G8589tT+X8Nx/W7a9aKffO0fdGL9q23WIEB8XpsCzNr+WPUd29tr4+nLNTX+6Ub
SP+bTifq51MHWlQqwwpurMWDIMxSzos4MH9l9zQFuT4P3sZPYGcxr5PhuGWafWvZ4fvWCe6Pphzl
HbP86KnhExWIIbhItgzf9NocVUV2Z+MOYQEAJNFdfDXY4dZyxI5LYs6+0HfcM+cxW19tPfqxb7Gz
KsN7PfeBhFXMYDdkzmXreUEuIPyyXRaWZz1qBS3QqOJMBQypet2XUloWbfFvmo913ovrMQYVpbQw
vhv66y0IzGlE1YDOVYPt2rte28VUGv6bdakBdebQLuDoEhJa/Hp3xNEyPHjKXMPy6LuHWZmXQ5Oy
+bYFyIqfCgp4AejfbfAt+B4B9v+uPHkYSVkvxqXuh35/wJ/YkPjQVMtX43+qKvbisBAgdx8laQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
XnFzzwObo7h3tQs2Alf1wtKTscS6fV0sNbhdRElT4jWI3kYpJDpGuJR3Iz/Q92oPvRtfizb9BXW/S
R/vaq+eHvI/U+4Nvwgm3XVgd5I8r3+4awAx4pmbjU5UXEWd1G1aq2KIxe2LrfdKKbldXNHbQrDrK
yfDw6dC2lclT/Sl7GSqAlVRzMPLG8BQEo5+s5V+puUhTum5Lol00A4+fXADL0eh2NJ/Zuk2SbgHB
yGO+ywFg2CFPWV0GxR9YZiOvGiO6xbbcMO+V5I06e9rEgDTwl59rpCmLy8Y2NQCsBUp7G1Ck4iFX
TbM0SwGJj0+I2UYRU7UxdWZauSaHZ1CgRZtWEh606sgftdAgSat/aa3NpdIdAACsG6i4hkp20zIM
2VN6I33el4RNa0TJQcLf1ZXzbM0muQwHrWYCyqc6I2r/gT7aCzcGBNFLLs8hdR8JI7BwOwzuDR//
ZG2bLhSCQnR1FhJ6oidnjuKvFvb9+3UD/7fz5Hp83a4t6ficZ1nN9aqjto1SM7GvtD+5sFzJWlBm
0Y85mbek8hbQYJtrSI1iVgvujhCsQoStCPmQKJt8cVbOFSUF9uZW48A3oX4QCskwiuAjC9cBRXaZ
ZsUl5bt7Z/nYe1xOeOjXJqXk81U8wuUj65cNTB6T7GN4nzzZQhjoU54wouJRnHEytbyYKWrlbo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Microsoft\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
EBgFxNGyj2OMm6vuZu53nBom3iZJ/uezG44duIYnjX3mtePTslo61V2Rn5SX3mNz6CvPwS3TOnQl6
mYl5vcvjTgPlXczPou8Tc7UFcP05oXNFnF0MQzdns/UbH0gEVCGY3kBOOIg3Qm+VfXeg+qyg6GBU
qS3AI5OtmgDBYSzDDbcs/LiLBCt88navzVrCtOyiz4zwb2HdKGwXvIxyrKqqRX3D06m9YJM8DRLk
WIq+SPcnfzntwHwP+zqPGkIApNiGUNN1wLZ+mFzVQEpDaq4PDQB0x0+KfJO+cIKePPaGmlgLKEXP
ztIO2NVEe/fdf86SLK+kEIFPfPnKTTjilM89yFVXcbXwJefbYnJF0xfSdxjquVjbsSkHvNo5nnBT
FO5cjiQGvQfzOe8NNEEG076/5+hOuoVc3efgNKpnZI6Y0B5qY9WCwqWWojaeUdNRr+mkPQ4clo2X
/QxHtT9XwmxjYW8+XTQNdM7krUHzBmu33dgzkrKI1YLyOSr1f2Gg4D58eRN9AUdDhNYBTm18c/nY
pj89LZltLXmEWOM8Zn6t4TobSHAPJfgpnrvE5gxc47e7cSdSN/5JZUz+KEEQ7rzyR+k12OhMUj/N
xWN/G5C5SYyxEgMwkBxCvmIBiK2P4LqXbY+F8Qn668f5CvTunkEdxrxKsemb6YpPVlVYTx3dHw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Mozilla\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
F+WJBv0AzFqabQ7w9eH4Ah2gq7swtQKI5IAyjprIFau8ErrBwluahBqZz6kOgn6+dHGPQji7+CjeW
KMo8OzfShVifPENDKz9dTFkBkRw96EqtHOSOudOSIrAy/rqzyRr3JGPhE6GUDAetvVf6SCMtSEpm
Vkyej5q2Omw0kx0R6oZDti4BdlSX0L982Rmk/9NqMSRJrm35EOyHfPVZyHPcZMUAqXN/gBdt465B
6X5nGOJf6bb9XfzZgjnQUH0O++BmfJy7OD96gkH+tWKR00VOU1cBJ5hziP3nXDO4PM+Yh8hYLTQX
ux2nI7pvb3RzhJ27c/+VLaU1zaBKtTxgkhaT2NZCQ3Mzp87DFZUZS//l+x8BcS56bTfWMKOUwJm2
D6LUplKrZ5izC5BEUSurTIoXLr+uN/FuVGMiPMxezxHVBhFH9csahX6dAUTRHvIeQObZw7HCxcjE
O76F0W0OoWYSUydAKYbnm7ZhQv5uwuqZnfouLUUG8IEt3FV6FQo8m6RJyOTHuReIz3aoDnHb9yDe
/qPSJObpDTr999C7aOw7f3NAeHlLwtklT1GvrLiqe/PzsMr0/mdF2ZQt7E0hMOR3Ydbh9HZvWOKC
OR9TkrWBMPw5q5jPGSbarDAzPsSNprhS+IgAU+SyiCYy/hzkeGXAzaiL67EYfKDN0Z6TEnIjYw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
koauEZzGr/aMlD15KFmvkX5AvSXP7NFM/U2to0FiqngqeSW/VI4KznhrX+hmCpeUkzVFT8S0lmyZd
JPi6RYymL+RYftWcgD7S6HlN4uteF+Mhh2GoTNYq1Xzp2CSvXvX/MP8Dc0tPQzNXfCEp4yVYD38w
0Qvi0MvsPE2oQds/r8SuV8n26ZjmFtXNrsVOwbAxzxz2yzmH2JswWICXGChUBc/ALZu/QB0gxxKf
BJ+jQTQmrKZZD8KGv9gL1wF3a2QN/GZ8zJitSoaAncstWqyKzD4ztQb2lztEJ1a9gTgqaMGQ56U2
XMTMQ1gtxecpBzwknKWMf9am51FhDz7kYaM4b0U+iklZicrgmoiJvclnmsrBJ63EIFOf9YBjUXSI
D608103DoGvS98vja8ZHzU36ADioYOdOzpiDecNARLbNSb/rYX6TqveEIhsTMbHAsihLIHiXGO9N
ZFeVXYdG353Qmbp93wijrYWspsafCYhkOmpiLCIBqu1OnwckA/N92cnCGyXhGZ0keFKJcgS5dSLW
C+HC3KwH0uCibReXumxla8tEgcli7ep34opwuWJCBoaZ0OL1Nim6+9vI2UvFcszF33gb4U4nBFSl
93u9STlbxkiepWgwVz37ppjAcuvYS8YUFlPDQL1QpWVMsFgoqsEF5sPFkTGf5SlDSNr551/SaM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
U7RV39m/WK3kMm4B0/yiBdsAXoQZcvx2d2yXEKf/mKHCNhZK6UlMYlWKdbE5Ckx0NEwYO1fxq9x+k
YVslqqIBKHUpUQAQGhJdkayyov4Q9myoT5BNCiWn5HO/MDC3/b4zr7NnUaMpw4mC2Lv/wzmDxMQd
BzeLfLzEtrn+ynvSe05z+1CtTRl+3Zh7nGnDobDF+axrqkGpNqDmCj7CduzJ7rPor+M0v3qwgNs1
awwYx+w23gxynrBxxNQql8dhfZKO515iieF4/EJ2pPra1OnKhSpajE1sX7xOPRZbU+yXUlSKPg7V
pWt3pROSs/ggeghxxYxuJWUdd0FC8a75BMf+PoYU5fQDLcfYBJLy4IyFYNNYaVY12YhNtqyYQuS1
D8+F5Vu4kTJ3QcwV6Qd4f0jWZDMvj54UOoupCpKmTToSHrnmbPt4obm2ysLWOXMaTu19SqbafkBb
4kpPAcK3g6QhEvQ0vm7gbNSOm5CbIGESWKWQqTjxy+eFCKtPYAUuiluX5YOE9QGl0MgvrKLxw0k7
4FuobX6HevbXcEH9yCuITMQiDVow0+CvO7UKCJIlq0UwcRrtWgwz502qpsm9WUIHWKWyZW3gI/+H
bDureRGIUoo355MEhcG0UG1WAW55slu3hzqcOJa7fo5CCIRisB1yQweP+nIc6WfI6ztQuoK4sM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
cpVVA10MjYTneYh1TMX2Co2vmQdfklerjLnyXAkGHMhRKyzRk4gRqUWOlu59SYiLmPZXpUPEZaqtR
rUyc3OUq7vDR2f82rZAE2I/vVURKlu6LVYoJRz/pKWr6pRO3nr6STulEhAqKrPsnAulS95YLaSof
Dxnm6dv3PC4kavAj7UKKQD7YmbdhBwHLjI8QmzmNR02Qx9fdWlZ7jMNC6Gs9kKiTzcEZJG/8c255
wTdDa/dqqGSZGbLJYO7KCe3h+U17zTkYn3E/zTXZg9XE9TvEB2ZCZmPOB9DJeOtJ8SNJU9TJXauj
WB0vhHPMUI2oOSiOXNdVc/ZgYEbR/rBUyGmflpvEaPe/TQkBbJMdEW09GCsAKV7uGwV+WDQ9jVMx
qxjRIGDF++W2/Lq5jYAiAVEty5v9p3jFXDXiyX+KBfjMlv4icMp8texaGd9NWeI1HFGp1KpD7Ejc
layp2A2cYoGxhbLEpucrbGogyTuLJYeXp72Y5wigkxxHQQlBoD9H/AngimUU89aq+AnUUzI+8BLY
9gTPM9Xtw4RA07gwT0rVMAzTR2rg+4jTQsyCAdx22kD6m6v5TT6SVOt469a9CSd9/jLl3TaY2T7d
cXB3o9lmUJG5d+g7lrikxU0sV6IluoPScLIsAF8EzvbPQ+PJ6PHaaxlJPOf2w6m0nIdVdxnOa8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
KayHuw7bGZ2vxPZRCB69xzyGS3GgEs16Zh8t6/Me4pqgP3uiJYf+3J6wZY5E9vKXQc8Q8QpYDfz/d
aoPkNZgucdKxdynKnwmH0ENiGvaJ0eHSL3C1Aj8qBNxHmCJU/M9/PouCva4kP/VlWezm2fkzAtnA
rU6+qYFV0bXYZ4FL5pLyuSsi93eTeOOotYrV+iTZ31ezvUeRmVTpt8dpW5+CaqkWgIQlhIK4msqX
CmFGzMk0TP8vQeBKN8YNpiwsykefnFwRafDyyZiNYZZ8n351joVT6qdds5ypgrKIITYfY5gIIS6u
mdhv2mlg7ps6MCni3qLxM0U94dGF72342e6pHVjrD+KN5kegmiLrdn6lDUq3djkTC3aVKmqMYDFs
Og1g4ZvQjhe2Q8D0SQ4sZWYdaeWGqwAwlgmZlfVfeGwqL1GdPce1A605vFPopKuO/7NkSct04vCr
PXECSLEQozV9wbx21xZl/qN5k/1cWF2N0cEsCo+hNxQku8Mj46srB7d456nlvt4MO6z7f0iRTjw9
QYbItUAAcajnWd77SHW33O0gShPvFqtmfAxdiib36E6TBOfc4zcfXwY8PwY2LoAAsT2gNQjlOaP2
mUgXQ8DHLBluGeInJyIcQvGmE7aPO9VW7KPvBaAikJb/bzkkpgpLmwvxVvIzXlP3fkgQj5r8OQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
VmFB0Yfr5aXRFh6BmDwMj2xV/U2NGY8AGmWLvCzMdwbIYPpWg3Y3PD7MZcN4M0GVAaZtowkN4DM46
XD8eqdh7sd6zkyjuTiabQKGy5A+T4nYsQSN1e+LvBZ6rDF0JaxQM9golX5DE96WHuY9MAo1vZjoQ
47u1083zUa2h96mIxNiSHlIaeQQVejB/ZWx1+1TpJPoPyXXsCEg8KNVOrgj1/fqCQHkLGmRNnWxR
zOtqLXkQa2TtUqkBl17NEWXiXu1Kbp1n13BLNGGPCPxiDNX8kbTlwtLcloGhVUFgDtB3aQ14cy63
iAkumJeOGvJn19lQfCuXc65c4LYrEGS6ehS2XznyNv+EjxHSxdmRWoN0bZTlMunULeE1tLUhH3Ni
dnycNUFzW1UACT4f2N+5o/c/olUVqDsT+RBTqoiSCwJ/TYl6fJyEcZ3hCc9WuEfckJsq9gErLRWe
lrjN1cXL/154OxLaldpnTaHlMN2hV9wYBeB68PFMbohWSmhvHD6l8BGs6pNDyMOwBlULcvSOcbhJ
mFZDx7Pxa1bD+RwL+IcAIKleWfiEUDYCjAVjnavnyC0/KwjnWDaXh8G6EPXmddKnE8XqpBu1GvYo
B7JN6C2QZwMBmvH+X3N+nSq50iQyT1caik1pTSvF1qSyNyUTVxeY4qLEit8z4XTt0gOrMQS0YI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ZhzkEPTEmIimDhLf2c+e6n4ea9H6gpypPWPxa22zomvDfTHsTIkyZ+dezVMp68DBfHpxMdSPHdJaM
WNewlVsYEocz402y8F3RaAh7DPGQwoVizqWBDOfnspXdJ6BFocgquJ675OoUeyfw91dVBV4arV0U
VMaKnzo8vCCGctm/xoezO0xUCukGyFOT/BLl8sM/V/8PZbmTCrkqR5rnV3T2CxdlwgJ2WGHSVzqv
2lfRLjBus5Nqtg4MY+9m+2D4STYna0g5JAh/r15YAuX2RmB1928oaBEJGTOpEPvEJVfb3OrCZyha
btIg9T3JviZ/Lk1dT64ScKheM+IAMLNlfEex7NKVJ0M9cqnJBoEe7phUg0I4oPuHNMwM7tyKIVni
CONJvDGvY59tueLDgeOwpUwaAOdKo23e62PmsoJNswirEjphF0BUnC0b7XMSPXZdnk2GcmFGgiIc
4SbwkZdPDHy1zR0TAxzQ/JLGYNFoKWH00ud9uF05bkI+jwrAWDOoBP4Cy3YsvbdqdVja60sIU4AO
4jnGsegWdXGGr39H716cRhp4bYobp1iWTsmbH5CrSfDzT7nphE8+oFFcvS24ZaoH8uDHcSZFvuxK
RPz66O5bfRVwAQ9pLroccjjvuKa+jAznGWLGHh+DFBpduqZn+GKjTxbKrq8SRwQglKckQZMIj8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jQ8ISGAR7XmhvI5z6mkHrF0J6lFRNkYrBGgkoaBbzyyq7zyxZ9MsSRQjez/y0abVDN1mWSNFVUH74
JI9C0qV8pZnKa32VuPyg2RdLt5kULBiL9mVvJ1jYX7PbdY+3qyxTlPjh0+172rh/ChRpsUYydkO/
1HdkQi2LC1CgIz5oahViiRK2pDexYSC+qwDsSnurdeK/yRflgER33SPc1FDL8N2qJqVAsQqxDJoV
80sANdk6iKVubMtEWSyLpARHQQGcng4/ZlQkCHB4cnnjeSyVtGS4J2YoH5VLNHDuctrwk09gX3mG
sIYAscy7yv+kWiOV9QIbfI0/EfSnkVtRBBnANfZL2IL8UAsGOdXII4vkJhygKTU9SIMrB4k31sM+
SGrU5OosNQafsWWdwNvTx06zzPQ5+zHqPxIaZT7cWQXWR8OeTeW3CUZU98A2XvAk0ksUTQZxEDtl
cm24adTRhu0ozLJ3oUopCrMtbKhh9PEWTBnwTLuyhVmP9znqtjJMemZHu3EmeQ71h1FwdRT8r0Dl
E2TgY2yM9HjOA/bBQmtXgtom67oW+035K9Gcnrp/vNH8qNPNiWAJSS0w0GuPFjE2o1LDPBLSMR8j
3p4Q3bysrKtcBruB6ylSsoXSrgpcbhiR0bwARLFqaWNEF7gD38xSbKa0hZq55D4c6ZpRRDAtFo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
PYZX+WSCXaVlzIPkR9CuDAERi/B1SR/mFjfY4H+YsrXICVMohdWQrZMKOYpEUG8qhlgkN3+kQGSem
uv84B/VV2VBUBgUCle0xYocRlepO67eyRVwTaF0vePVsh/qDUspHjeGDXGjYDGoxhws8koWhIz1f
cZhMk5pN+5bx1MtdAUJayNBlOGZ92ezgAjOnZuUaucQBCnsaoGO2hEeq3l3rucBeUAn6uyOoBlQf
zNjpz5ZR7TBQAH2kqDjdTOx4cA2Ct8njH6BgY1HQbGQdVaa3vFaZoH9vfQFVo1mWgKDOdEdGo+rm
em0ihUk1B5w0+sL/QMG2gnof3DjAN/Eohd51D4eoEi/CGHWADVLbIci9tESv7CMgsCdVfheADy8p
6hXs27WMFDsfToUUD9+uQYcPF6PSvuApGlpgsFVkywM7Y1gKbAJck07DquDwOAUaFwg6l6vyGpV3
N+hlgTbb788CZuIyod51wBXj3GmRfAkWtKXKpGTIu/dUXYDLwH0zqHOEsjm0Fw/HkWFveFtT7SMK
29IWBj1CIxHuuZovYJ3BE65fCjCQkvPy4jKnQWzzDv+Mm0r9sTWZTgFYV97B2lNj+NcIEipsGQQy
8r/+J7ER1ffLqMjKHNU5hxTbyFP2Gwo9cv3K3BIlN2OvwhHQHd3UwzdoAW/XScV1tgaezv3Oh0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
X52KJLb9L25wcLwYw4doUPqt7EyRWNVNXSp/kxB1znEj4AXnmT0z5kh+O1NxBtRDyoSOjvcT+gSuK
wgxfsoF3Fc+MhG7Gop/QMSaj84a9UgMFkxZsRUZDG4+Xw/u7gZYcRAyF2p53YE7UhJQabtEhr6xI
DYKjPXfKbpb+DJw2kVHsbbqD5DEdVKeHK50VdAV3nT4hx5yph2DTNzsG3xtGytYvvOquSsendsBs
azeiE7aVZk2MuP9O6wmOHuqQ1NbKBCrhv4Q45JxLwx6F8XETG7L7UsssZ1daANOggMX31k6m1Zd1
sEQSARWYnG7oKykAMrlt89UydUOYtUgX4nUoe+QeUGuyIWURQTIClyhC/hWPaHKcwqGwDGY5o/lq
sY1L7yj6dT06+/APvnp1VYbQKpK59C0RJhhXxi2dOadQGrd8sl/QCe1aHz21nXKj5GuQPX+5Zdtg
cgOcbZqK1om0A7BXEMGVpouJexhEMo8idrxlPuZuSPNHF5gBtLJhxFxsbzYzGbNMShfqZnBQiDU+
qa3uB2Ab7qD6Ooj9et0SwNhhyJINwdgavJhJGQSd8VdbEZ7O6C0Ak4gHDDU+Ro69tvoNhKLIq2VN
qCZKe0waEnDLJuBZxFRkxStCdl2PJzPlfx+WjKJ7iXKdO8ABT0LkujMeCvEspsxkZ5xgULCkWA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
PNPpNffnK9AdoPetCckkWs9jRtPLi+9P1csoONs/AVNDor2SoRcbkBWLK4VoVt3NXZFDy4KnUuAIW
UnH4Ty3qpqxLKmusY0FQCNRkmP16SQp8RYROSTl9K3s0RZp937T0PeiaVDUmNJDxJOZ2pWvbhqnq
GPnZe8vdW3PjNgb+PCLy7i4A3eBNBj8XhDbZZSAP0v7TDzICFsyAf2arj8UA6Wepclw2cbYlbUBz
3XK83moXYi9zyM6m0szy5n2g0F9n+qJy5zD2yq5UP57lKWjFzIO5FY2DLTMT9TW8K0rBOrqlrghq
slp7Ja17Tdsk+sFu+hQWuY6+E/Hwf+RawWP7jo+fxpxz/BILPFiggSCKIisZlI8tlWrN1XyRRQbu
p9AXgDYS05kswl82OZIWrKfxii+i/eurLcf+WsZJZK1jQh0qBonpFj0igZcXyJ447uzO69tX5T4H
h8ipKfRrx6fJ6yjYbsJ4eJk1xk1ApZDsw2dWn8YcSaA703i1tdkw1aUH2EVf+lytlBKWbmB7cFZr
J1BP2UOvJEhZhvrpmPXlXGBZECQQskseT0aX+4ApIurt4DIIYF/JZhzWJWzwJH8LmFHcVnhY9Moj
qy4kW1oTtO/rLMX1lBKjo4wN5eaKQ4Pe6plYUujnvjhhICo1xAW8+SMz8DMW7kH0o5wRNFBwGQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
FEqEfCHQSRQz5pBQg5q5ReKqrt593tUclpnF6nMHbcorb7Ovbg190zfrub5ZpsIDCPehbAAGieNkS
byL/LO9PjFBQJvPz+V4us/RZB7x+vUsY90MlBiRZw+4rF28TgkqK0TYNXPvj0RfIlmD9RCos4mL5
OWNn7OkMGO670IKuVucWgKNjdzdNRf4gzeMDHNcY7/jI9kzZGzkDTToVbx6Pv+0fV07NePb2mTaN
ZTtWpzrxjV/8m1J0dqEJbtj+Xb205mmjgyFM4bacNEvSYS5+xsYCy879bPGp2o52+XyjcmNdEBYK
qP3nH6TfhLYfrKY/qP2Kf5gRLt9lPBRE8jxsNZ1w7iRpHtowTfaUeuzGpMJ8syK2wYKRxOo5/NA5
VwaeLR7BrPeRP25o4R6wZfLOGYPYas7XedrOsM4jhwuxRhg/Y32u+gPCMN7Hvb8FJWv5Lhv/B+9F
BEhkIeZf9iaom6LJ42jFQZn8mO+v6BnkD1jwr4d7Qlyb/vfrC/n1KPSKY7P86GFVG6ioGRw8/RR1
qQUaOpZVEkDaUEEvli19Do/4PoRFJDEX5Ker46ihGOjPCXb3kCCyPzvY6awVtS5xBYogCD/rmiQp
BR1ZpA9n4xuS55MgL+QQ87zhs39UdDtq+6O0Tk0gG6hgin3Nu18ay30QGNljIHZbRNkkAqpq1E=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
PglxyHihhPBlKSIXXk3/siCvp6PShRIIgCXhMqW9Ecew0AcvhlS+kGJKshkPtZz3G4/SmZily/4Q/
ehpfq/zAUCB1lPyUwoAzmY62EGIMdwVvI6YomqXC7kDeg7V3UKSyavTdNmdwJNleWkOQRwqb0Aq3
PsLRLW3UI9phRol2CQba2fnj8a/spgtxAFsETCLv7UDbAxW3FlZMbap47WXwT3qKEiFnQMeqZR2W
Yx9FqvkqcMtHQAVSb8oVBOVw/1Wr3GnYqaIl49Z73dJnkY3+o3gZsgKMJHmxM+Y60U/nO1WPTVTZ
jvIMmbjdp3+2G+p6fWRjuNrHb7muC+co9cvoEuOhGRJsujS6DprAi3ih3SHb7oAf18EhHEBhWL0V
ksglvK4GFeXipiDrMwzgEfsARl30K61cOnGuO6+P1Ml5I70wcEAfvrm2GH4OWd+cY0/moPJlF708
J/J28ApQGepmxeLDj9Z2iITa6KGeLAjvEPvMIwbJ0omevTgrAw66hko9r8ulQemkwkBIxV5LgG5B
JNp/fyR+k/x2hLAAfFTTsfu9oO7avPRHLmUCXe6ZsGkj1m66I03blABrVi0jKbPEXSAPBQwAzUS+
K7D+KvOMoTvZ9TtZaSVxD54QonJuG4rQjoVchobzPdb6qO9aLF1MC0wayAJrYLYfzf+eXZhXk0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
P9fRRxh9iCpKluX3Xl/bY0GntS6pEbBG9HfVa4vQLlvwHyyIVpAlX/45fAc0NiUf7aveM912T3V04
lxgBcgZQtKAodn+0ODEJJIj5rPhWTkVBv3KotGWcFtahBHEDMJ5yzKy0QvKXkMlD2f9pA7VsXIVq
BH90riRfUGAruQlZr0h12H6smC/sMdgbrUSbx3EqwqlUic2Bj+zj+jbRqPCY56evYktQVDWfX59N
R+1ZSMJbHBqnu1pNha1mFPkuXmuW564v73lZDHJXkV4UNWQGVqfEXmD4f5GBARqT1JpNCG/wDMmO
3msWnXXhUrVblVHT60BbVsvjNO1BfXz4m9zIk9wL1g6pTQzORPZc5kPD9evnXoKaNHFym/WMHbn1
Lh/HnSjspu6MUu9Q7jlqCoDQ+yj+OaSM+cCPS2QGuTLCeAktxZfnGPfMpkoFoFpjQrCbd0LjEroq
ayr+O21ovcafy5KezDBEFq4B33ZNWLEQL+sjP6RZObBdJrqhMNCByKjtLBNGy/yjC/+le+UWCd2I
FX1tGW7dsR5OBevl2i1hVUWfnuCsjckE7y+wO9612TwV47cokYC2XP9ezogkxv492GVo2sV4QovS
OQzckdAwDmpGpmE9dTIxyeDmEc7QFcxAId88T+YBcPPTZyBs6GkMP3GcRZpkkRu3n1Kv+KDckE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
DGAhRRb3Oa9dJMXBiE0xQ5V8rhU4U9HzGfiJp7En7VV9UcQ0RSRoW+Xwu8ukpqtPSJ0N8Mv8FX6PA
Pp5QucpQtnWRBcTRxKtA4a25J+ztFIb3IKb2Ezm5ZKtXh7agabjnhnEVVTDoMLKimhYWc7YUUSSM
fwploaPeFGlh0YVao4T40kzVH4sY9OIxNTFAENFzCFj+9d+juz1dChUsUhI1troClZhXAOefvupn
TB8KlBX7uxZscjtwCOxzn3sKKyyo22Ij8uEjlyQogpumJymk77LHiFVfi6VD1ceT5aqwTYBLTTKJ
sbSiQc0jVqZN5of+56UCrlaxl5kHWDjAqC5KwQhpXKldnvtBh4S/S3mC984BjxZ7dJY0ZxQtt5JH
MYhCtSzGI7AkMP9fl/vvD5l5SMPf4J1wzkihOf/vd8s/QtzU+4gvGR9A452uK1tmw5TQRpNNFT5e
4wu6IE7xsmoxm5R49aiw5hS0zZX0rQo23cQIRu1Fee6TuYSpTll4pPHoKHpOZRen/v3p6pCePTf1
QPWKsPiZsJx004CFYgnXm9pXU35xzzR9haGgQwkxlDWG7gSxbeX0drm+bL0+xFS2BIgx7Zdp5DcM
rZKv4sbarxNPzZAO2yXYOeeTPqFHGzbQbLGT9dBtZNkqxB9O7hnucjD0TtT0z545UqyjhQcPEE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
SI3y9RDGNtznM3LlKy18dtDjI8jBbKnzhs4hqFSvUWTDZWPypoP7V5TMMF+V8ALufmMqRsxPI+buN
yue8x9reiitD9RkCbQ6KOrqAazHC69tXZi9YIBCbIciEflknYsU3J8dVc/YOgtdBddD9vmbxjmj0
zK0tkurSgSnqvO3oyW4IvPZXSNvKsHxHfAk1sbsgCnvhWecYyaBDnEfqdGLCF4jsvdiYm0tYLhp+
mLsPT6z9btXW7P7jq7ag1WJ0yEUIL655K+dJcjc5o2nHCUMMb0Fnw1hesGT2FNhoNqe75tVByxA3
fNh6pV2OIGHk+/hrxm9TchDEYwq6UF0QpdN4F4ZGvhVimzSY037z1fb+6qhodB1LlS2YTGDO+zLv
g04AHOqJ6ENGqcJisjg+aW//PxVIbn2DALnw6oumkax6S+4WkKnUTU9R04MTZ+hZW0R5JazqjNJw
+gmbshQOqy3TB0/d8a7sFszyAEcjycz4YdaEs8tjk7DYutqPKa9kqxXvuBPEB3YNVNc6yb8EFHII
E5ocwLWgjW8+a9Ka0alaUtnyYd2f/5oa9Mz5sR/anBby3egThGULm72bcSdVVe6sXM/0bUGFvpgT
dxCWnTuCuQcPH9YM9d7qNkHwyQYAy0L36bg9fJp9az+pBspz4zmCdiscsfQ8sbJeh2aUyiw6Ts=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jdoHsEbbSSLeR5byCCJ6siL6faTFfeohg21+nH0xjIfgM6aaRtf6f134VGuOJMWQf50mWUtDyB3f3
O/vE8r80l6I6+r0P+Yog8eggot+PDtwhhG3a0Mj0PzQr1RbOtGSefoP/ju6fOFEgkdQNfphl4fzs
9YRT+317XxnS40SXAbSIGG31UgrdmKvi12gNXQLFrbRHzJDPxx3ynp30FQSLsTmmOIzS5194xBod
v6nrVedYNoJvUja0AR3AhAA4sz98P7kUknWo1mF9OMyxq5CXPcyPRaB81oUtRtZKKFxT204Yyml2
7kBnr7DYQlEhsU2ByMo0cK3rzjT2CHje+ERJCU+jmRQIqFLrgPJ9WJdAa56eZEt7wgGL/DyUaBEe
lbXH7FsFCI+ANaJpCQUHg3INdAw7vERZkTtdsGhY3uSXo2KO8c7ON+jORYRZuPkEaMiniTHQ+GIO
ZMPYkI2pByTbTKJkyvlQVh92LloFLFWr07ArcBOQB+4XX3IelOpw52mF167pIWvaqI7LQYYqF871
LMf2748uK9P/JSFiZYe7Eiuc0eXf8zHgoLlLofDAPbZVGikFQYG0QpSJUgjdHjIZqNYaR4bX0EZs
ph8u4PSaDpkAqm5gTzo4ORys8OmEDW8XjVtlU13Z2fBFg9EVPgE/Z8ZN4eZ7GnXvvNNo70BC80=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
B/pVsljLyXh4yxNL9lVbrMRCoBumY99kIeY6o/bzEUGhSrRGjkW0WU82DFaB6eo6r/LzUgvZ2RB+b
2hCc7DJV+Wblxzr/jvao5LwjkEfJWNceoHvsHRfRkSGv+/5llZ8MUpIiLZdKUKobfjjW2+tQL0rc
ksm1A8/szbq8TybZJQRBqkyXBcf6UIft62RsZz3HjdXGLKioqF+y/h22MzIOCze/TYYg0FgOidRD
045N1IiNBJU2dX0wkpNfJ8V5hKn4nebgtkfMOGfUJ88r7gVDpaPup8aXXT0LW3qhir1mzdvjl2Dr
cmq7lY0fkCdTAo+9jkoQzAiTUc7OJCSUfr99cnKd0Owfld/luPT2rZUaG8h36NDbhoQ+fQJ1xyZ8
L/oWEpp0wKnl2VSP/7qVdDOM4QQmD/NhbQNuWmhyzGnSXnkFYq0/LK5ZojV63ivIFJfCLqePfhB4
KJsUr2y1G3qHRnCcj7v8AwGFd7XGUx5gDX0GvdwNtOFD4mVDercHgP8xT22queA+zm6L5rWATf+r
ma/0OmwKh+Pwo9HT9MJWcALTxBDPc3sGLljx6e1Aec4YUa+/6wAxqkqQYD5VyQljoEzSlKLFoXDd
l8Jh/0Gs4Dj8QKe2fM9BRIWWCP/uCvnlamK1ChPAcesUFAx/i2VOTxxtIwHaF1Vm/dNT5sTxfU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
V4isk3j8SEeBwU8LdibaTJQ72RVOVsq/1E61p3l4/856/FU6F8GmjPC9rdPciDR5vZKJ6GpfDUfN+
7O5op/PA/anjzKSScG4lrXoYg87+U3KXO98dG06950P3FU06LPhm8KuyT0Hn3srCN25XiggN3dFD
I6HttcGz3uxn1LShBeGALkGpRR3sN0fQ09g0tTcz0oyITC5+clAD1DaGuDzwzRcc+sUQY2O0V5yY
r73mY8G/S4o5yRQz8mHOqyMDRsoODYxazWpWb5XOGC9mn4Z/vHyT5gA87S67y/PPbsvizgu+vKAT
EYYepNVJxt86jIN2XSC2ZlVEMqt2/ppdJt6oF7ZW5UvMRHMSOAxXGaWNZTGnyZKqGSV/oHXXTTk1
QhthSvGKY6LIXSPhYsTvgKcMYdV8WMMrKqpqQecRT+1JBLSYVISYdzRW0AonJO5ghhLcZIj/2WD/
DYRZiI7MZ9cA55BhUd+fe3ygEj52wvBxJXeOD23i7KOx4N/k6mbD3Gt/UnvrgMo3WEFc9kDhSU1+
CibUWM7o2phJOQtNUqMFQzl/q5WL0Xq/BNj3Jzm6XqNLbLhDozGbLzpyI13ksF6CNYKdrZ2oXmOP
11kJnLTTxpZkPdF3Ae+SQhYXUHLPx6vYlsB8d/OK3+DWCc3P6BsZQ4uXH3Db0p+fV63EQz18j8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JKp4eSnDcQadSrWVY+G9bxU+mjGssT+gwQxjF8lD6EsmYiGWlX8cn2dtmueUKox/wc9xdwn/aboRf
PbqjGtZIs+j4rcumRU1V0VLwW363LECUrL+AZdFecfHMImBQNYMORFVX+V1ypKjdewWia4ndwLMs
u/kXe4vmjEd/T1IX0GhD668J8obG7zRO8C/oVIyBYBhyx3rKeaOamnxPRjU2jMDvHDaGuhy4UsuX
vNdtpt1Z/FjY5d3o35t1pWek2TIfNUiC2iE+R6XnjQuOj0q/zcW8tiDTLQ5wPa7/LU33aUHd2iW5
pJ8iXoj4EOHTUU7kvcRKf6hdWRWHRKRdAHtMjsfjNRIMep+tPsJ+X4SGp26z3UiMTb4EC5cqXYVo
0bkMwZbTG4H1xpfFOCCjxkc0TAwMDh+Qfk+kdFmaGjhBBZVmXWszwkAItXRY8AZXL+oHO1tPlMXK
nzsfiDwLG3gzZmwme6ClJt9em87Nkz8pGQ5mAGxcwxpq2mysUXP4Q7Oj1DIetmLYuCBYRr+LKNlE
9aym1b+Y4qxLasyYPOXgA0sOKoe9Ww4vax5Vj2y98iIt20dxcOXe8RDTj2hwzao+lpNsDXqZeGNT
HPOs/U6cl6aBkSkIQ7nEArXJwSEybJ6YyfXQT6ivFOkHg6V3GwJ2etFzDmE2K/BnsGNo7/t6lY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
LpcytNpvc01wBKYNvyfsLYdFNzUGaVCgM/ID3LSNmqDR7tZoeKvHCIARefccgos4dwCfSVk6LUA17
SK+pK/Hxdp8OYyywAsMZciXi38fwcXJ0q4RTT67LuyZruRNlWc/oUk3l8y4EdHfrnLJ9FrIiUF4X
5JlRx8vnV1uKSExbuy1ufkHL2rV2owhTN4xJsqNb/hG0+f7XVttIA7nfkjdhIKoof448542tFcW7
ZUS9JwFiw4PJUSJo9hh+bNVbwBkoZ+3+uvtW7mdr0PVI9bsH7Ytq/xiIKJJmO+kbk3TDglOcGdfB
HGSOogIGC2wU/2e5/VI8/pf1uGPycyeWjTnYztWxB0qhzc0YChCxUlODzbSRCV5qoSr4ixLpvgcX
6jWPhpCJhr+TndeZNv3wsMtpLMDhtMBusEmQLamQMuARE6fIDnVVLTY3bK1gIpcnWzSv25H2mX2X
SuunJZXL9BPQpR6dX5zIYuwvjEu/ZMuBuCwaV/lnKpCUL3iwuuItOLTVXb1CMDMIGbHVIfyoX32X
X4WUxbMMckCgAewmOk0UspS6S0OFSP+0+GS+S8+QPetS1s2jBcKrR88omjgyFe4dxPgVvuHon6A0
yC2dCCgM+P4colWFlGr6ScaD5cXfglpPFfOK+OBvLDtWg/LunFu7/ef7UOLRBtGocDQNfBIvRM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TXnpvVB+UhOukAo8uPmXyr2px/1a2r/3CIBbnIYnA1bpZWYv2D/bHspJIKKK9ukFOK30E8CYrK+TM
C5YqoFqfx9QlA0PIrHOYYX5rLt1TTbtlKh8Rb7v2HeUmtxZFeBRNu7u2Hd4Gc8zmJSyIaDkXZ4Ux
2DHCyB7hdCwn99lBIZ9A3TItIKpiMU0aBAZR4qfmCrjwEdSYydw01z6SoXnUfq0EG8M5d+XDAndz
Io4b/uDft9ssvYIQP9s5YH+FlGhrpfsRr47kZTOgBG05oP++fYMwoBpq0yEJY8JuqkXz1tQcmHIy
yW8U6zMmFZVfBHVrVt654JCCJKGO+K94RM8Tl2f/KEvSx07h1d7umG/kGk0J12/g8wbtz8zHQc09
fXlF+n5cNhDmG9kOL/MjXTuV/95wEEw6sG3KI/0V0RHXmemcfbWgn+9DpZOWxlYEEQD8B55Nn05H
i2KXveMdQIYbk9020rN/EdYKLcD2LHP1Bg2sXoGnfrCdHsNUFtMqohzP3WKGSRsGoBdao6Urr16O
FlYsZTp+x/cg8lUIdQd9J0Jam1ayOM7DyaOizJ4v6a+upEd8C1QvrxsdNzDeh14T++ulMg5u9tKP
fMQKUWiqrunbagMC7dUdR3r2KBFPq/kQwCWJnPeBaJsTY8gTzX0ERfX51LxjLkDUv5STQViD44=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mNCyytpka7B+dfUaFd0h5swTJ8w4SzSkmlFYpvkMM7TOWuLnWfJxOV+YuWo1sfr25LfB/TSOGvUpI
Pj1sQzqJD+Au2zYaWmp0pu2fmo4IeVJmW3PvsDL23giI1KDN3aNqPCHRM3ymX9Lcpld+bC5qaKkN
nEeOfMcvWCHOae7zHYJg/zw6NoI4HWENnKPtSbC44D4QDKM7LXsqVqX7cuyAKN/Amd+Yqbv3arIJ
Rph2NEAgNi45I0NoBKzHkZCTonTFxn6mG9lllFGMJB3Xue8As+WpO7xJMwhXY/ZJVSfIq9Zq61hg
4Sd2CzOZ/O0ha2ZVqZ9Y94ueFvPHfq5pm+FBpXy/k7ByDy8PwW0KZBBt1WVcDcvbCH9vM6G4/idV
lWXdGzeImd4qNV4uPrfsLHngQJszwZKsu+7ltGVv2b01OiadXpgOeCFPZz3P9g032ziKR+VTNaPA
puS4k1Lu6thE+pSiKaKu9hMeiPe/XbTjGnRgOITLr+ryVcCBEZk6xf+XA1aqQEM3p/VDECLXGDHp
rjL8m1Cm5GMqEjVOHXk7D0KFGj83RrpvrgCoW+msjsIryuKi6DVz06nfBoyr7dH64wppn7o86Nf/
ebJuL+KkGDag42VzQ3/jpL2cHKTJeUfXDjixFjObc56fKL5noGLh0zIXFRrMm2UO5RJgtXLkQs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
I7Mf4lmbZ4iG7sOddai1ohWM8IJfm2yowMzpmepjl770yL6kmPsiG35rKn1NfOtaBRTD9whPO2FZu
Pof3Jd70+D+LOfP8na++6rAnMzLXwonNvKtI9QMtWa+Gbf+ZmcvqGeIFyOd0sRwPR+JgMmhhcAVQ
feHk9BFzdAJMou5ttAHjf9XaooglrrgNoRtZnmKi8B5UVLU6FfrGFNCNwBaBDOYKNtoagXMzy19I
d8bB7FCNXMNZd8kxiZgTP9zL9mcMaqg59qy349+Et8945V76CoFeP2Ed4o8GVjMZaHv6r07qy8d1
jkgWGoz7oT+hK/U9EhBbCoACnuccC0LSZWGJJ8HKsvQi96mYdHTctAPi98P/hOSNisLhYPHt5FJ9
akhUKvIZXXbrM1JskZAsWcFsq/eSIYhRXWwUHSBSRPVqejRr3HBtyOdZxgHfwOGnj4T3j2/Ain3o
iPvwE9bdSjfg7euGLnDcyiOLjooYURuOMrW/QLPDyuobtfzQpTw2LRws5OV8ZKpTChafkPwB7VS7
rNcLgBRfZwcF4Nvm3w8CXxwW6GXf2fV3TABIYJY9h/tuNMFBUbx9WVFE1mklO7GQpqAMYSnajeOA
jCJbQYl4SK3lHTEogofSEsPjCj6Z2ougZmhu2rJwU10rcSoE3IpiP5GU82vEmJcrEU3JisGjDs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
KNrVI+Comxf3cYNcZIk29bE6ce7a44Abdxw7YThp2lYMFKivtO+LCbLTfuH411MrnCQYOx+ooHdR6
9VKlvtS1govtm7gcCArdGEfcBzvE/zuDnIj/UCTs2Q48ZLeP0jXyVePlf7T4AgBLn7NhggvjvY8h
KVJL3+0z/890ZMGXI+3gbnkBrTUssF+9gH1IC/DPcTJUeAFMKZe/YWMbc1srokwD/RcuItsPlMl3
NnUslfHUI1QKR++VrrXOOWxX7qjeEcLJZo7jP/WVf3JtlYFO1FRFIa5zkf6YLbCTUPnJ8ymqLSR7
6N4C+0cg4iOPQbyq0+os/SJuZL3KZKj+KSk5tzCwtT9Z3jMLTfpiikYXam2yR0jAp5KTxGcano5h
CfLjdZfp1nTsP9M9nAefSw25DROwNikuXvKie1RcydRpanVAKVBP0GQ+eZpFTOjt4SxyBrfbP/kd
Ez+xHhChxS58GxnktShtQouvhhqvSaUMh52HLV9IHc3M+z8/s2pL8S6TE3uJ7edFTycJ9CIpDJOF
j1m1rrhyJp+SnENFldkACkAaaeTnXrxjc6aZ29J3gYVnPkgJ5U/PITqd8W6VtIp0omcK5gY1Pble
pcHl19SdF8+77HGSrdBG+7CzNTVYmpqkDevLRDfnGJD2rmTLnLDuMqPJbmxYLTCUY2Kw886AzQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
NUgYmJ6Ma++R/ayAfOnIhhsVRAogsVdYxrkao8adsCGgvCH8/K3nDFh1zKazoF5PMySHphBxr/cji
mYt3wpetFemtwinH94bbLtoGYUipbdHKGAusvOscWzhHlqUrgyKfiqWu4DOEhnjKDpCVVKSN+lp0
E6vn8QcDnch//4b5+tyKhLXmj5hsyLRcubrJT+7HKgOuD5Rlt70jfVv3WA1LqIxSYEp3ZaxTI2sr
201dGLWEhONXCvG5mL7X6Hl3chqhdiM8NkqA880Lo2ikDOJ/XOfZ3cMgqfWQ5D1+uidoYWWT/HMW
Dk/tcUyHTZMir+0rInwoIlwUnVcN2Rp0EQvgE5iBWsZoahVqT6lflscZpaKaiwUiSJkr+UfgWLcz
4eV9ew+U4LkZkSFmmdrLETwohqtlXHld7TV9nUbYGqTyJjvUrW3Bb0GZxed3qYdB2hy9FI2vrFGS
/3BO7i23SWzL4YJC6ni4LeurWXk87EGzqJWNCx6zRAeqZzI/J5VzXOjRIdSJkts15JiZad9DIvuo
LVcnY+1vztwCpOE3ja8VyXPxjtWiA5+fq5ePa5Bt7WlQoSYP1ra2enC7gaoCmvVcPdAYzit61h9h
qUjzm19OAVbukji6x+aY2ns/Kro8clnuF0NBSC2yU59314EM5vV0Gc2np24Q3nZ6zVHDjOaDbQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
fO15frY8KSMz9WGcQo7c7mFDMCO6WPWI2c6OiQjK7xZCmopZ2eM79a1DurYzTpCMMt/avs+YrVzJq
/fZBdhHhNiglCZKFHaxIdYsHzvxeqwCZaPwvwu7u+XsSC0pVxUGPIZIN3enZHfDGbwMEPw+9hYiz
N+ADpcYB8ohJ0jY6Gupm7Td7udWKs9cMTnaEVqlMv0Z5NPwDKpUb7WVNThFuPE2mQn79bK21P7Xq
4KhSmj+gnfRJ02QE1MxA+WLfDMlyMUX3tV18foBrpicwS2lSQubbUVUviXp5NhDlr95p5ZQbu+U6
32LVIWK4TYD36m6PtpfvMGlVclVoyERC1AwD3jrYLH//SctixAKxTkUUpHRLqA1MPWoTYu75CM8J
53IVODzXmwscsVLnQfLZuaOXhagSwvA9JhROu+lKdTKUVQKHH2oZadT8hNEvcl/PtKPzaD6z1SP7
45HzpYSd0vPm6BdkaMLUWyI5/qexUWNW8UZGMqZNKE/MF8rReIYnEGxtY5UWrS5TxMQeykBfTDNj
aaxzVt47keazaxYXazyi8pCJ4JCKXA5RWYrKBmViOJTyTiKBpdH10lWCd+gngK79gkSk5E2wlI8T
R2kavezy9nt4Ked9UwgJkGhsgjBhY2g68A5JRfuPuS/BZQ9yzpolEZ5q0MLMUJV35rXvbWCqwg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Oqs8gxGJC+hYu2+yKJ16wUcWJzEt6d7cKZReX72LKjOPZHUgQv++DbyLURrxYl722K1PGj43EZkzM
DhmUusSTkUeczV8LyRsEJFbmVlWht4GzFw3aT0EEHNf/WCSbEGxoi/s5/tIgJdFhSlT6fzxpyV1O
njPaDjVbu3MiLBtJro4O83O3ao76KCtmG1iHQuy0dSqVhEIbO516mQoDRMQxI13VXHRQ/CEHQNWC
uiftRQEqjhke64zFLilwkTd8erSFV63nkUvHJCsAi/IYSr6j0cuvPK6vjtqoy8V0oC15u0c81t2p
w6IBdaKFMbEM+6klnFexGo1927UU4jIuS2dr4XhhY5C1AwXIzx9RtRcXOHHENSmIoEwhbe8dScX8
z3B+I6NhbQb8LhnTcebVHtEiRUVEJljRledq6tXEn3/yo/6ryNUyc77k1Izq72bG0D/WlDsTRjh+
0rac3ZGB9x/mkKZgvuZ6E05D5fb+PKjstxImuVrkAqkVMBQTzFSM3CrwRQ1QoS9joFJVEBgXbLBw
Y5/jVSXtQLUWvPU5fVV5HqehZK/lk+5ng2ZiB3bwcjcQb4WeCOoOLxjYXu/yFmGpVykPk1gEsGzM
49PG6gqutsOtOjGK9CsLgLkspNe22cvD11mYESNH9gdPrWcGOr/wDB8gmokQkOGL1hu4jjwoRk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
czrTHdOAUoyiWRlLbXWXWUxbz71d9kDYKkJkKaUTr4FZz5KbRJDeqVEa+MYWZBP+lwPEIYG0pMhP+
pqRoWA8eenoAx8KmxZnufiUC1xCKups6OXqWwiHqE/8sT117kf0ibJxCfsSmiGZhuekbrZRdIfqN
pAzypwwWKIuatZYbUruEYX0AxxClXVsp0ph/XlCILu84c++LPseT2JYWWmE8+3ofc90kByWp4yEf
8X0XiRitwQTN/B9qaR2VDWC5KBPSMOyj4BcVAu0mnFt8fruYnBG0bP9enYdQNYnECbzmAKPK4Xx+
SaYItpKIQYvbDo/uHbTzcsxxWyKvoVol98i9yPqskrFnhtRjflbXWCMhlvrKtTR//wOpfd/YMPBR
jXWc63eSku+pwAvveV9PvQoas7UMQsUtD99f5EW2PYwY7MjFG2V0/RMWjx+Tvo1blkTznyzikXtG
EbSAJIeIPO4917d0tsvEmjWKLOdRWSxC5BbUpsXk6PEh8n+r45jQQ3oZWwGU3PFxbzGEQZMOz+7D
b8VerR4Ux5CEUyzmcaC4nyFy3hugv2QYLlmpopnM9i8lUYJoJC/VjQrCWi8VNr9iLVQolnHp6vkc
hIPoqZPbV6JxgIKezjhX35k1Y9ZVTDxue1w2IrVipCPTMmEK8N7z6o6rOWJsY0SHZpjLcD5rKc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Oj1PJV+wznpdxkEogFh+ipUz3NLBEHWDz2hyDYjD9vsHnf5YwS9VKSLjJGKp+0+kGKFQvOPPrSxLY
RcZkfdFC6oY+ohRTt+WJVxSWB3hEM9XEl+EuccFxovE4qs3l9zsLShe/8bzvQxJV7aylYkP1FCc3
6LjJ6SnolspwSt5TWTBWyxxihwe0SHD/kRTwvSFWfPfGx7ZJkPDct469+QzkiSImHsMO4/CLOP9E
nrFLVT0ww7ZgkDaHojwp7IwtCWX0czRJqtovcmL7MUam3QY2LewwFb2m0PWx2vnXp/dlEcnWfWmC
j8mNkhVh3tOc+iaV3SahiZptBYrgA8RbxK/ani40jCAveXq3jaH+d1pMqxSqNboCXjWBd8Yy/ymi
Suyuy2FwDNg4FTUOJ3CgJhEKqOFeHbqSRGgDXe1MuyNka6pHPaneKQK3ggbL7ybTiyF2wf/ZzYoi
rLwjla9Yi9Qlz3B6tSBkLRH5A1cPnJr+AXNvEso6PvU4VD4RCY6KH4YADsNInCEYDsUp7RFQuXBC
m6YBNxR/rGyX60QWqcTrKWmLvCN2lOALQINRsHy4GfusawH7fJ01W18A3u1GcJaWXxcg33Y02NsS
V5Do8SQWOxL3W+CZlgE6oIBDv8Wts9yMxWZGkrN3Lr+YzSly36xs6TeHUmXMghF8ITCUyhKiZ4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
itIS9n1VPmopA0zvKFka7y9FupGLlJLt2/Jajeg2a7f5E7081AK9hP9+374nCimLcZjMZ41vCsNxX
s/CpGtDmazITuBBwJFuv9nIn2kLBdQvrdFFcWzmigQiLX1tEqDA1hsShjozSitjjw7UGsm+9IOH6
Zc8EjVZjR4D/HcF8tafFcEZ75VjhtoeLTC3r87cjbEgHebCjuMHPfOI5UdizMF0kVJAeZpg9kc7j
46X9xIRGwVO5YFo33TiMsXKHpy1N6Jpdd6n/dLkzMzQjjqVks/0V6OflMNETRISE0ypkvcWd9AUA
hTjV2NOQD07NJUmezt9fuRCSzm+yZqJRpNO2RhsWxPMOH45kP3fZ3gC/gyuldwaoC/y8UFVqLv6D
E7Q9PvG3zcCNhow57jd8/YG+rxz2DimDBbcHkzKvUxCTe4p9PFNE6XvyuCeDVVa8RoA7Mdrd6G3R
ir4Ds/iQUPr5AYBYGGrmerMw9GX6R8AYvEPyianPE3DefYHhlgcM5fIv/7FxLb9MNkeg6YqQJAhm
exYqfXpSIg7uwbFsQT/Cxt9LsmfcQJQDSGvb4jJMgq83bSu1bAm1qhmpTMtm5+NQg7G6YNQlUqWs
sFEYtteBKN1LqBZWfuVYoiRZUwx+ga60PXiXSHK1T3iwK28rgusUC/9WL0TahM5lyip7urPWPk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ZAMc9fwwDyqbuPR6ktWB0NqismUKfaFOeHazjvRU+a1H8ZFQRwlwD51Xedncs3EqYEhBVEXq/DIyN
bNCd7g5jSSV4+azDjAr1BIBbSQB0iKrZ3al48rIkcH/vpgoFmG3ExLazxTApo8yAVp/eVuTmYv+P
GrpPXpSE/tPH1vzkJH/u0SQlW3vJVulvko+YoKacCOgLY1tXccHvzxbm09R1TUxwaCXF/Drm45m3
qDBYw8DrQeRSeG5oZ4cMac/B1zlyrvWJOObGJGY97WsAYLx1TBHb8M3kfJKKd89NVj3bFrgkjXa7
g8i8qZ058BZ/D0RcSpPrEZe/KoWNc6SzvZwwuE2gQWAGnaHUoH/BDZwtIdefQ0xfPU4GCDoo/8Ib
DiWqo/4FAxiVg7OVzu7qb6LCwT9aX7cTq889VXr9FwRhstMVaq6v30DKuA969PfuF7ptMrNLeC1v
9umbe7P9waU0GaeKTfmNSXnyQtuVwi8f2a5yDbbvv1+uTbwyw2lCzceYK5wzr1oeTwpCn0kavZCX
HinOKJfmMLn/wjTBzb7cljseZnxLNSdnkNUoevnils35en1iU+XwQnuFmB3Bry50vu7NfbBKqwF9
bOoBT2RMGRJ+30xO8HNsX1Xqw5KFwQeh81jtNuT6dOMOaC0uba/Fx8LvQv1Fw5RMUwGU8ZBl/M=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HXL/UZSv6T0vop74n0k0FCMvO9luDsyOzW3tjXG/ZY0JzpgZMxNrpcORFu17NsY6vwHgp4o3pJbQB
mGC6OdE/bzdpfZnxkcuH2j2Cj/tDnxoFf5Zg3oCS4T9lxYAWnukiWwXQqlO4OtB7RiJvN9b8uD9f
pFWaR1TmsJXuUkashMtZqFRQrqT0gGp+kSunP3BDauUGvHkM1lKH1D+UVp+oDuDv++IVBcb8uoNn
2oqVeBisjnMzMOwCCmuJb63orPBxcddC3njaevlLpTjjKv9OtJgQueS1aLLMvN6UfxOl3pqrOgLs
j8UmfMjyPi1KESCJjfJDqIsbETrOo9yHGq7VbrueYHD+vbCU0RoQJKc6BxDkT9YngdKzj612gSvR
OgHSYbqWJS+1ifGvuw2iHBrgPD25544+RLmX3/o0NxH5PGq3U6/O/RLzFR1V2Z9pCKgKaJGAndnN
OkKF0I8/qYu4MyGWFUivRhwYcy6FfPPZ7NoMCu8hhRZm/lkgTBhezWgKFMQcxYtHOQeQokZ7QNVX
iOL8fr8CmCi9Pzx5W447PwONDtyar5Lc7NOUSxmaMIQ6n5uE6ntdsHgQe3cTuhdgj6vFdWysTi/I
2fg2UBxWsotJvDzMo1Dh1c51EuS8jHaNIlqTSe6LeXNEXbYf6U00HW8qNknyCFtgRucMIZ5H4Y=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
XCyZCOpAE69GSdl8x/EUjpdWw6kcOzhMTbyyP382k9au27gZWhdZ1bsfG1iHz5+MXdbeLJYO5AsyF
4GV3Oip7HHjlZLVrcjvNhbkvOY/VdoG52F4lq5gnurE66+V2Pab2/o+s7GEGyep3/GmU/Ob0P72+
W4Xt6R8+kHvw/hMeZiAtjZkNPis7vrBUAS22X97xGzHsbjSzAoiWOLieldpgCVvtTojRRpMNsXkm
fe+QWKhUuno/62R4HImFZQUdmAzTjae5tPX7uc5CkQsTGTj7cGjV4r05gvOzxfI9G/+USsu3aPHr
z2VWU/Ikq2fVG6uZd3AzD9CX37zldB6H5Yx58pYUK7cTyeyvdl+vAt1Prq7C7I+7nmr89abiYdfB
As3M8/+ILcJJ3EeifZl7fMv0xPpKQiUD94UHYP18Ru79xaM6AZ7c/DTmoenarEBxZY5Xi0LCmoZ7
NNRW03DTKXYOlr1WAZAdcceSLj0VebIQ2ufRvlOaMRcB+8GwX0zz69+q5ixmDA7hTOothRV8+vD0
r2jkYjRt26e+Bg/pAJw5yVRR3R/dS0uYZqT+OeIW+yspPWxuCkibKinQezy8l5xoCeoCiRSKhhgK
t5/iTyPYOcIcOC0kieWeqT3IHxKzc4zRH09vZAXthU0T/xQx5DvNY2oU0dJFvHBRTjUfC6TbP0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
AwM2+PxT6pgrfTEHpypT7H54GT56l51Uc8Mkkv0MrpTakEM86pea3VNF2kt225+0lHr6gQkypp7jj
xABH/HOLO3rARVWzfDvVGAxyhJFUNXnb3H4Bbi+OmYUlaZ9j0O59tObP4aihPNiTb/+l910MlmCy
WmfXEwz4qj/r4Bwf4+9f/cZVYzqqlUPVK+29VdA7qKheNbesuXyIobVwauFvMczjk/pTuJN6ZF3F
aAaCa6ECibP+jZFYfkFdqWYZqr5ombNb86x5jpcKtylqmTFl1iPn5RrFVvPtgj/LHdRSlv0zeZlb
ihw5JW37fQeeEqWqU9xOvAUsO9iLScyc0MF/18pGbmZngIRCicBEXaCWWnd+EuoE6Aa67sLgimsM
lTZrcroMnRiA1HFsarKBZsIalEeBSNL7IvjrW4UoAml2qHipyVlRgNMER9RN4dwWmJNjM8Zm55d0
4vgLUXo/KOOK72cXugCBkbQ+CNygTUUjl9tJPsQznYYM1mPJQXDTBYuZMxAYO0mXXBFqC96i0mUv
zFQLcWcni/q3nyLGXul5QA2y+FnRhBbGnWqeH3Qf+QxaY4MfaV9ZA2kO+vjzZfp6eR/bRO0y3lgd
1ZXRcoFAgotsJ15rUUZrnoA9jNdFaKrZ+P5ZYNtOYZsqsmtlCRDYV2/9KxYD0SND7R1EQ90uQE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
V1fHUKb1IjHgQN3WqC/d9i8qXGO+T6AUKKDTP+tiivLJs9D89IghVmGdBNmynqLGHyZPYE2J4317h
Ej2AzQLErvP+1DkRQyXrq3Slj3bAP8uUWLMA1PAJvak5wOwUazvGGzoS+FJaDO54HRwfE7kJCqzj
EnHWfJ+07BnM1kqCo6coxMJ0eeT3WysjdemIllMvznlPw2lhVzogHb++lZ0NDu6TdtUotqh0zG0f
x+vh54Eacbe2KK+XRnYAGECqzen6OKMzv2aAkgDBm238yhM/44TF0rkcQxKFFJ4jBMWE/GcYDwX2
D7gYWqXJmzLxcfcBf4fe2NHsOSAFks7FKHBIhvE0txoVvE5PIxdx/a25Z5AgGc0JBFmg/c6XbOA6
+AS95McitPotVmfsbXixXGWKkpm+g2K5hvq3b+zKyaMXfOWwvCwEQVI7UU6FeKsTqDEtZDQhwp5V
qFnXAXIzPKrlyMvIwiSQY0ewwcuxTza8uHctpxRg6mdkjXMtIx/DbvpYyPwMMxox6VZvlam2g0UY
lO1HU5GnC0lmGfwLqWecYXqDCSO1okrDm47S7MuAB5iTDiESzLIpp0gpHPKC1gM0Wp00jAeBYsfc
l5BI05gzo1DQ6ehxZMJquS572GGMC6M6JW25rDkx5A1USK6gxUDvMaoMdSGe4q91ZwxLlsTYuM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
j/qoYoMoj7tgtthmk5sXA0EPZP6MHK3es6BaYvsdX6lSrmOHwWYRGJFqNstP7JaFW0+nVltnfAobU
4ez/phooNIUn3QOHrVRj1gD0rgckNlc9bT3utNbS8v7xBkH6tzODv0viBbfqKJmTArXGzTBN1nYM
RIEnAt67Vy4p1+N1gdePyTi/uP19MKqdRg2sP8+fBC6FabCED8POrlqHRpP8a0pp30pTnsO4c4Ry
jX5h+gZWLFMhlieLwNJk8bG9hHdI8oPyNOCJbOg0QrjxIEqyU8FGrfM3uzZfwsKGoUTlEOxDqiH9
4xHFeynjmxhmCMs3Ky9Z9ugWWbGwIcwfcsookdBCcWdzufv68NrTCg+OAizLMdJsZ4vs/D44/cZ4
4uGJsYMVR/iBp7XzmSHap9tfo4VpPpmuOs+bmUAIqJIcbaKSgO3wqkGKSevcEIO4Z3HWcK8zPO6r
2lJL4l0ri5KLN3OdYWbRGEJW+5zsOYvOd26oqG8Z3NhDKKAlEksr8GugrDtkEbIlUVOfpSFRZphG
ZNyDfe0p4b11v/MJCUmaydmpHvcpShZsu1DARY8QgJbivjdG6sLXzSaG7JZnNxzakstjbF5iqaY1
dEe6pMhvNfjg+2h3gQOaCAqpdlOTMnuMiPre9ycvPTB+AsWP947HLRj41U1p6SkPaAfFM1BEbg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
aOIgQJKBH4IMNIhnPSkGaXdVDe9xPc+gCEHSr8tLOGN2ihHb6IGsBkxs35P/McnVo6mt1ic3yya25
nmmWAk9cwhQoHHKyE3O8cFCL42sdujzEGPJZp1ckcwsHXtENRXGmIBghW4K/wZK9Q7g+4F+rVbRv
tkagbWzcO5cbCYvauuB74wVvTHPIlA1DmN2lOl5hUH7gpiMWu6HH3FJA+3VKaEPQZl6JICDYEetq
BkbOMFPTCvslVt2A813UjtgkWJIdEGxYOU4nbl8OVQ44VhGd0RQIlEG1IVAoscOQimwp5xcjpUjo
XI3lNSko2qdkZliNK7ibHiFsnD4iTlBvfYueLufhh8hWRI02ROSBcDgomjd82tMwCxkHy6X+OyNv
RQkbajhfMHQOOtaBcWZ/SdTxzPVcaevE4FPl12/hA0+dHh3AMZ3/jJxvFViVc0kDZ31pMrB2vHvs
WHjd2EKJlTKnGfh6/3lGqs3uKLKU+KVeNYakXu9Ezs/zXTb/Lol2oDAJ2Tvj/WYfSKCYu3zfgosY
vHku/g/+sduaIaW4gkMmNiPub9r7FvvrWFUmDE9q3F84CKjSi54WHkqDdpIdGSZ12ON6ExUKslLQ
fWQ7rcL+MbYYLNNon46cvWZzpbxrTsaR+NirLt2jHAHb7hm47jjcANS2zTNW/9nsHxliioyf1A=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jvVkkzFodjjjJcRFMOQxuzCtqbLrP7jBWO0RaO7ukjA+2hb3rqsJlmwmYAHabPHbU3tYsns04Vza7
XSu6zoQ8tgOOS5LstY1z0nFURszT1lNM0QNaaoH+8lpdbTXHrkUDPv1QiRBSD3DtFM7RCJgnh15O
29zbxR8hyHpk07X1yOBMzAt8OgSQe6eOyX4KY4XdSTKPq7lKqSEbN/xJEy39s818iQ6os6j0NHi5
36GsuLBl1BhbNOaU+RPHoxbFDw/c8lPjswtFYYz1WMlx7IubOJwU40g6ywpFErZ3XCUAxEypRjbN
M19D00hqKaIL1lD4bYAFGpOIvlZnsVm/gEL5sPSGHmTMyW7TSz6LptgIXlcF0Mumj8kECSjEBQWH
0LIzd7/JUU3CAiK9vgbsMX4Zw8ofq9Bl9/eaTiDyE9INRi2n2KC0ymbzuCvQq7pg/HEIR2g2sJ30
sxW6V92Pq/HSfvN2Zl7eKG5sc/LZNxFeWWO2a9B142xY1qb25a/gleHeGvUdfMUfOc0r1wVklcpg
MmJyebgxm9+ITXwvKr0nDrKjcZ/JmgtCI/LChjJyvCTn0BnoPEYcaP9CP98OcWM4Mr8UWjOQeJL2
McEifiQmVhBYw29x1d4WJJXvD0gQD4QUNWKqRdxwkPOcN8zeFwvS4mXFXL003AsbQJKwSNsUcg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ijwXHMGTg4W6GZmhL7OUpOE70Ud2x9oqh3AiccJZIv0PpLJ8Tf4ysSZ81mfPkLFsGuLPuT4CyvH/2
eZgD/sJcp1YK7awDr3Edeq8iNc/SyAzqOxLLOu9qm5hFK9d+gjjaqxt7kwMQA2KLHyHjWpOfb0ES
3ydg1gGFNJXZa4YebTQUOnLX5tGTYPHzatN94aPm49SJb7kg9jcN5816Rl0/mIxv/uiIJbnicakH
UcZqEsMoeyPh1Of0W863dzvuPkx/6zoJV38ipQkjp1achbW8fNqcVaQ9JpxScD82ZFL0Q1EwdKd5
VfhCcuU23UwhJUU5QOjVa5E6Gon487QDSVyAtwIpidPD5uBvAW+O6AkXA7AdRgeYtN5zRpOgPlrb
opCCEfatPpM4Y02oFyZf2C39O86EaEhCux/3FNtjqNt6wKt5uktjfDq666E9m/nTWpLHYhEUkhow
klMO+e71rep+qElKYWfjODeiBxV+p5ghyCR/d31jgdm4qH29ogfHOILzqtLIyDt3VZnhrpL/JOAM
bBTCc4tSuEH00So/XPQFBzmCcUJTaWtOr05IQ86t29Qwko9JqE7+aDMqJk2lmbM+KG7GAvq5nm7Z
ysEI2ZlOgvxxiSZvSVezByxJig3XspVU7gR7RZbARsWZaYsE6AFlfsIVslPmfM4rQkLFPldiZE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
H0sZyc6Wg4Snv5f5oftDW2vv4Xi29iW1pey2znl6RURNCP+npIvDA/KHFKJ/sHmsLNwpyMUMoAxI5
tY/+4s1RZ9ZYoU1xX+n4R7TvD2WxF637XDbItl03d4FznppUDt3ie0bEki43MLHZnpWuQ3JxZ/Ok
NO5cL5L4bZlFBQ+6sQ2lj1jvezR+FlbpJEZmUTIjnxCNm5dY5xf6D78ueGK1UZVUCg5uFREqQ+WX
oTAQLoWjjhtPo3jDMPsF7lHAK5BFOVJWwqFvb75ff5MOTNL2IpnFVCZheKwrUdSVLZyjsiltmTv6
JwBU+bSLsY71YXmhbJUpJoD6VMCiYpEuB+9bA2q/4xZ6MZu3ChU1rM0fDlqgAelBGh1JLAwICZn6
EDI+HBRF2a8cMCDz0/4AnuCe2bBxGId35bo6HCcHsNpjG9fOLezgYYa3G9Vl76KGdxo0FOIlv7o2
D/wKEOQbCd5npvIS8D33CsNXgEoUnn1/eqOwBnvyRlgUnvl0uBQ/V6pj/GaDd2Hpd7so+Y1LtPr8
HtdFaN6FERy26QXVS5ddWRj9QE5z1HL8tfE8LKoaTRx1uYQNbBK0kGMMJ/XKKF/DBPVMW8gmURgI
JGab03SSthev9dUDnYMC8wEbLl88wc01YBAvZVVSEZJic7RJxJp08Wxzgp3nmZdtSuL+jMOalw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mtA0DhhlbZSrEBhvUxmt9D4IdwYuErkCHU2YdUR073dOL2c78Ht4p5RrJzQB1AhImQBczyPq2EuBg
vsLQcBfzteXW46nZiA3uvZXCj7T5npl6OJffLzsACwO5mab84HzKWO0FrFxlhe9iPfqB5Ug80zci
gKvXVewXF9TkLsfCRUrCvQTULrKrTEb2LawqzlmjJ+1gw8uve9pbgUBakNa930HJ6VXdHUzya7N9
JLXVAuULXaKGv2CO7AotgOa+yX8HZW4A6JR1n2o6MPGgII13Q+0B/TYLBjmUsYHHYNV/6vD8Ti28
Y7fQbafhWxbWXTgjy4/5Lw7RwAb0ZLuCVTZadBtFZtKb/wRDC0EmgdC+GC5hWUwEJTjUScr2cBYr
/Z27pF8Tfl5yamz+7c2AdT7wJ3tzlmzqt5qe2+rYS4yZfnzb4VwzZWlRHNtvjMDcyAyn6xsfOaY7
wO3LS6QEuzUz0hvkib7WKmDW5/GGel08LNVf8C69AKmX9Kug+4nHZEMU3fcAlMOdriU97MLqH77a
833f+Yr49AMGwWU5B9in1N1FDnaFH1xddMRaGbp/3sBW4AUT1mYdlGgxfwjoOAhJIqJkdPmNbbUK
pJkSdTEdqCUePn9G7V/LM6LDw8UOu0V9p7ZtTpOu0vXteWVOT3Grb+qKPcNJ4YAXLlGWLQz9O4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
VuEgWOUOcJ4M2vBqgfGAc4DHEkBezfb7oy87GEBg1OH9GM7yNcooA8PP8JQRLglm4uZAeDqCIMi+X
a3Z4NzDD1oJunKosAGgsgJczk74AqzcM+1qmFjdZbBZoeFqmyhqAU8XKKgBU8MnE0pESe2S9QHE8
ZytSZY0nxwUVHCgQQG+q66i3VNhn0ziLYm52td6aLUSJEJclTGsO+VKUDMNoV+DtU7USAFR8yakR
QvDp0XjVdMRLncNuQSp6r7lcSEAIdWbT48B15GYqPNg3QHhkV2L6X3bXttYpykz/dsEjgOHgS+jd
VU0XV+WmPOkIfMFuurK4jn3xxYrcFRuGBMmFgg8/+H/pQlE3jD+3/YrH+4iVq5GNHeG/O8WXjLIR
43Pe8P8RtZ0mkWmgC06bUecoSZCbVKsW8i8eMelW7gGlpagEGU2Om7pooCYuM1H/mXAkEDB7XvkH
3nVIYCiSl/S7jdaHxGD4b8vCr9wQYT3X3KWt40vePB7QBKlRkdZnEtv7UaUN2ODfJFrdT+dGHRC6
TlQ/70Md+jhO1JKIvGtpmCelN5BJYBUPDgZhRWRh71rxafmqczZ7+te0Oe+GU6Thu2CovvxmZ9oU
6LhzgCO+eGUohP/cCVHDK3Ywcu8wBMET10ML0Gp1QJwMXc/m+QAhsdH6MofmbxwsZQomkayQLU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
g2zdrf7r3iS19eAD0OaERfnBXzmPz5FJaKaCwE9YXnx2Rv1H2gzT1UhWNpFczBHj3cViJimZtI1QC
oMvtw/6dcMJILuFfViE682qr/C9qbbVS6xjYO1UBGyevlbwgLWTHypsvATfLEFdJ9vHryZ54roOT
GyPFKNu5F8LWMDoLIOYrx+5TDjgfW9EMflEkDaSkGydEFtqyR5tYjb2+JNOJxzTjgGn3K9Rz9+v6
TXhlzdOve23wzuTwFjV0p0dJahvC04rWdBm2sqgf+rMXtWXLWrWAQX2VtHfza3tq/FzZ9Ypn9Tst
8/meiNqU2TvqhB5nwHMjKdAJBODm2M6gPs4UzwE6/8d9tb8Dl8eq5Tlq+qt2GcBXiMxdasjYndLE
37K19xtLtFEGDVmg2c1cOulJwczNAjGuzkej7BLfPsuusKC/S6RT4QxEtOMc/PemdOXk4whehelx
/JF/Gc70BMGdzcWf8TbWcc+GGRb2t4MkhdxgKl+CnMx5gGBvqt8UWdFGLu3Ib978hVpgs5JemV0p
yqsPSTt45lyO7Xxbzb6ubfQ4M7IC/YiPRGUx7UVy43zm3lFUP5akfOunJsssLL+nIg8nHnd/cljA
KkE1FMcSMJDEL4HPRP7jL3bKln916Qd287t3tKr55HyFv9sQRjwMkdhU8+GTRsudxWlMYXt9ec=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
EAMdppIXHhKziQir7nYXY16kW2hVmHwEK2b1uhFppP8ojM5prqobY8mXY8vTjaBZuuCDUoiFw9+aC
w9qLIVnLp5Hptelb1uSk3Yp5p4u+ePo9+dTR5UH2l4BgRD3seXK9suhcuwviJdAjUdyESp0afUGH
LSnCCosBD/KJGU0jZuekNrxoXENP8fOGx5PTbS2AfY5stEVoVtU+YWeVppP1MIhoDmUp+YzkE0D1
tRkJaDxltfHTy2DZMIlzalh3Tp5kV7ZDOmpY5jzCn9LA8JgToDMKIHf4dL4OnKzDDP5c4MG7YOiu
B5FLQ9fwtpVHHvF5bsBVkPdDoD0WPJHEIZ7SFGXcUjL5iTaizj/QrrkIksN5gXY9xvMAgPMOsJj+
e+W1NG+d1R+zoddhFI5sExzOToJJITYU5wvNcN8RWRXAUI8uwyF64VX+HyKAbG5S6dsWVHnj/fRi
OtpZQE4u8h2OhSNGJ93ZvZYqA8HzUIDd5z85254yJ/sptOciM9dSA3eaBlD3CYQXsdKkU1PX7Fre
sfzSnVOOvBdPyuFqlxDEWZ3nD/MIHzb0AfGkM5pYd14/aGbrDXey3qNvHuBmFTlP9lpTUPR/dy61
KT2+/iz8NMpYG8ByBTXc0pO//T7SiCJi37Vl373/Ry3wZhLzgzrWDiPEo1SqNn5iO1QR1dGGt4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Videos\Sample Videos\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mR62Qq6VXQynGUSvDfy1HIvhWbEF8T+mp4mqPrRN/vdhWxRM/KouIWyZ3WdZJQo3gA5kWtgAUphck
SbRf90azq8CwlvoQjGOFkgWMPTzyUvi4JUFu4sl4O+ZQl7IjUbenHo5VfylyNGW7bZ80HKxEcHsJ
Mxms0NDVrpco/2CkYXrpRGKMbFAHeAPCte460V06V4MIoNAJapUpBX5s3bSGwP0cz3SFg66CdQfz
VRDLI1dfWomLVRt5iPhzDA2LGoRyqUHpUPBmdXyiQRGwMoZlOxMECW4k+0AsN+h/TpCnMoS2NgKq
G5QHkBDy6F6Ho6g+C9j/nusbBYrRLRSzi5+C924d3hLOnVaY1cUgBZEnllVtWr/NA4gP61u5fDoZ
KUE3/Crzp4kG/hCFbUnE+7N1uVf1luyJS/s2gDSrwIxPIYbkr+uFlpzBaBk/pTqI9uyxU3ehm7sD
Lon5wvlu62VCXwiifEtItGOmYdF7T20RM33EuUrWJxn7aKptzvPnAG0gLpG9m3qpCIkOzXjXTO57
yYvnbBZVIgCJOP4VfHtxgI4EATmgzDQIAinMzSemyV3l9a6g4gmO51yjvvJbVflgmT0IvGbpLyZP
yiikvQdJwBEd7HThGuOFHEZgZH28ROnN/dGDk4D7aml01vu/RAgEFUvylujqmLZNFbJWOAZg4U=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Z/+QgcfSxRAABx10wxIHGXfTbjpIE8vMSi6K5NCPkrc6Sjp0XD/yiMoCgMQCWNqbPgnEyxO/9AoS6
iXpiuhauUdKmynH0KAAYgoIdW3dcbh5pS79gavS/DEl10+8/q3LUJ/ts3Wt3daq4/BqX+Z2mFZwv
jLNhepwIKzhB7d7zzvc7BRSS8B1DQsUuTS/lDLZnic7dOQ0Cl0v+kxN7miOkioBcmFwO3bJ52Hhh
fKB5fJuDGzQMfY/82+iULZ+GtaTXrbaai2YOoUeK+Fs+MWxUlAdMaCUY8zIgxE33u8oNJ0Er10yn
NR7e0uUl4Wxjz+xjLRT433QyLs4byV55hriFg3D/4H5eWYBg2jeFbxTd+yvJaMYn3j5hV5nSclfl
g+a0X4wKT0OgWpvp8edI2g9tBmoXQfNumSfRyatd0rLVm268RBdCHxt4m+8CMTXQGDrrU0Qh2Hxo
0CZq+Z6oNxlXk60kQjWjla87BRUDMAR4MfKonhBwv9bZIVpHGFbz3zcTtLOX42qgTMpO58EP6Hyu
HVDfNDTvWLjKKbG2OHTVD0zuXdgdM8pSJeMNktIwQbVcgvPUNX+HbDNku+Z9ZDop0koWHg+A11ya
Nnide8osWVlm4Wfb/F9ISmAdQYwl7tXWzFg+M14z2HZ21E1x+3FvWVPP8H55Qc1rFI95vcmyo4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\Videos\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
AGC/kehNFyYKgG3IghiFqhRXtfl/6i5vmUO+97tFhclUpEzN3BembCxmueNW2BQUpTy8hFbvBvy/D
ztHFg9kbcI53J5rfQscSHZ1K1ZtTX7X64Li0aHt70nGGgkQBVCMVvboLRYo5aVjuXHz+lTm+G5UB
aR3ajPsGJzuj5Ie6ROT0Rchdl7j6xPTdx4LDhGWCXWTWlES1wLi1qrMKBoX9CFbD1vU0c1qdtwSC
dMCoXmNKTzJGfzploc8JFjFEbvL5TEkiLJnLExKDIEwg7QGACS74fwmFV05wA02aOU0MO558VuoL
MC+b1gmTemwivl2m1+tLAA4KFymJMRKxQAj+ctP8aRG0YsSS1TE+BxscUplzEqWKTw7OZJ70SmCD
gqRXJZH8HlteRiW5BXEgDXJ8HH/Kv6Szi9FZ+sCWG76uo1xPNzJ2yXGtSjLwgDyOOL09w06PDwVX
ukiUiRfULI6sxXd0MUo4y0pvl8O6uCF8/FrmgOHdoPbP4/jLGClxdkDF/13k9sIGqUNA3rRPrB1I
r78T80m3KC6TDvKlYVfw4kN4NYkrkSitt+8SqlA/gvTpy7fzigE+IYDKW28bx5hYYRRePy5boYC/
vlKkHJ3GOJL/dEEwabQAtk0/gHyEPnfmbBM/5qrb0Qb0FFV2d0h/+W79nVatqZUfpbAV2cQGgs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Public\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jQG08ec9uCfsFwKEARBk9B8rYx/sT3loCPwxDQZU1FPMfflouIMvFMwuIfRNwNGMa5KEpzfCwuMbl
dq1f71+ONTjF+KxBC8ioGOUw2Ccy1oCmPgS5WC5bxtOTod4RsKUEvapY7vi84Kf3pkbGV/HKhPB/
VIrEl7moeHN7etPGvg5uBbP3CmdEyourWeNaz+2Yy2Fj+p7xsDtev89vZpKT50RxsyVdVzjNTWtX
EzgdO3GXGd8ZheKPBduMsGZrdRLa0JI+8L99e02mLuheprVJwwFu3Dqka7Ut3APwPcTCEDjR9ehM
Znq1YLWTSzdgE5J6lI3B5JdzXRyNFyuiwgSeSvphaeHw4l+HipvYZViDZ0lXuUTBUUQBMDGJX0Dz
Eb/AR5ydoAWFs9vQQk37P33mfohMiV67Cl80CxRpk0LJk5UF6fHgpzKeaQ8VAvKCk/5fIRhzBa04
TPkZSMiZQvy5sA88ZkVJ6aY3CEFEjs4vPUJgd0MREPpWHg69Kr7imPeNBaH2eItDVjmpIj7yNWg4
dkVB5b+zUZzDA8EdYT4va1N013jyoe+5TK5fDWTAHiZAMh+Q98hQ/mwOTXEFRl+sOtAAna1qW33e
b6RzRqqAfszlekB/m3jWGIN6tuEW52dBtI1ktmr9LpAGnECtl2I3CrYAJqIdbDs+uONXUMsg4k=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
eslPNwKbL3N8fP28o83SOE6YK74A6JgbCreNpOdxgF8X6vN4rHkE2cJvV6+KZPLIKtCwaCPL9sxh2
Re5aGVGcripUmF2CDcWLnk/K9Ul+7drd4FXqCNDjF0llboh56SsJTxRjAdeFFB5k8BoNzBV7CQwB
cY3ygOYYw72ZQQiY4bXk8DFo/p5QJjWxLtJkSeKcWZuwkXtEdb9n2h52saOE80df8a1FMKcUemAj
6e3rv1w11CiLBmMDzaZcmCtUkPtgDjpWzapnLFWq0RONRWVoXsNwEFRZkZTF2P8GQ1lTXLp2UFOa
PY+pHr26o6kvvyFy79JZwr3+46GK/e1hJrZzSgfYFvwzRyLoRU3uBlmk/5YJwZ3DH7xayjhbUjyq
I3hptQwCWKzfNffpl0NWj64RAdN7402wUiIh45H71UBeFWhBj3Nb3S1kW+yDxnobbrwBYYjCRFp1
Azxdog8MGfUASjnVmjrvqj546WmHDxSItRHpfdAcd+91MBD27S2Sz/mIqCH3PtZBDZsTh7IIdzEU
knEBWN1rAqxTw2G4JHtUJQgcamjP9CrcC9hWqEVzNESGVXwxdUWK40FPoCu2AnCC97XdcQ1PCglL
B60S3bSArz8dLs+SFndFqYR1aPqQvKKCnGfNJAoV4WwXLTEzXnbtni34FDpVzj3vVfyBiEPsBc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IGpSSNNMoLIWg/oAWM08ulYPJhvb505SbEzyx1N4+qty5AhdFjLSvFGReQUgq2lo+KvptfX+beZpH
eySDTt/tBjeIyzhnOL8DlSgGrPwalSJ7EvTHRFjeooKVkNKHXwtuw3HaOeOV10jjHQWxP8zkF4fv
DQWOQcQqIkiAh/3LEGadYvwZ7tD3ms+05wXZaDd+PpDolak8TnHxjS00qBIkkKDMdxwfT0fmDV8c
Thz17RBY88IZEX3+pvrvRRTtRuiellEJaiSKs2HJse/qn1pafWuAzAgtnHLX51PNqZrgY5zCqUnb
cW9OT98fN7vo3oQScfuKGP9DzN2NFEXakTFQ7Qqb7nmtgJ+Es5BNDzBRqny48dFXIzvyCQqF5gkw
3JWWipp+d99mxtuzP6Vjltq52duWFgLvLm4hSFKxpxW9w0X6W9SenpWBtRi5hBLYzajzDSSJZTgb
IkfAcPc2Ai5CGrOLVi5sFsZh+nLncNpmKhN6OEe/Xq/EX3poimP0OX4pTgrKeOzQYumt65wLmhaz
AJVO/s+Le1cXKp+aj9xHYYO2/HSqAQyQF6InaeScKW87wT2lr0P2LPppQX26JP8fpIgff/QEAslZ
aNzHhdaV+Hrg/ZS5vxSu75vMR2Xfk0VBZ4NfNcfaRACQ9fVYM8+XO0ZWXWVpLPx4JeUhmsPS8w=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
m8Afj2MwEqzM7bBG8F4S23XV6MDQ8Yyx9KuQNXYcBrhfXhAOgCmRSKv2D8jJoiAyvjszxoQgTrowh
QeNdQNtDPEEJeTTOChstqyXk2Qy+STT2SzeZKq2e3epqMYzfnUz5DJIQZoB3QtTr7UGXaWyn5SRq
HkA5BqEKPXRFkJ8QTY2QTFnXBtK9WpWxUos8KdpS18c6i6ToTJSjOGEZ2d1zuNtxTQYCIuANdfRY
HC6sULrSfcdD+/smO4AD3saVBDb74CDHC4SofgEq0CdFpEwA+aEzbKrJMDTXno6nYneRwOftVuJ3
qHl18ehtJd5v+ln2px/p/GRL88tIoIVjUzYzqleKeUDeMx/wo8LTOMya53/ZZpy8bziXln/yUpiR
6GMFxMjbYsILS+bh46odKgKqcJykm2rFBGkAJym+vwce6A7AAbs4CSsiJHk9j5MZYRKyeFEuTD2h
n/BF9u+X3qQp7buXbC1rNDBYMF3VAlIbviY26L1e8tVLhHZgDbNQT+q3kh3hq8srq9RVlZ+9vYZc
5bIA4cB3hSipQjH/j3TR1Uumb1/vgpaacRkLldPggGiOWlnbsHar6JtzJ+nugz5M0AYOmSn+/YzT
QPGOcgpkbLBPeh7E5rWCAHrzrOdGutgYKqQcJmw+Z2m+BMXQjqwtrolQkNCazRG+B7vx4hjaAk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gtAfERT/X7doSQLOnME7YMLB2yRGANyPNsMRtVXbBwe3cevE0APZDDzxFrSkpCx6aMOiJBDMGjHCn
9OpePsgmAib43HXRsxr/szIIM85gtCUjTTsaKwBnJ8BoHPIZID06BnhmT94g/SQuiiMRdkoAQtcS
nnAmgvYynnLDH+cB0uvBxYjZq5oJG/tCO+pZV4sJ11REvjZCtDkbDobFr/JUo1GH/n1rMoy/dH/Y
pidCvR03/3dIALqXbTiFDwqfTbT7zJi1dPtJmZWuaH+OU5MbpHoz1UIfKWyR2s53Lu215R99CCEF
AgKrXtqr2P9TSzV8G3g6yA0VNgf5M/3G7vov4yfdWp5svMt331zmIg/x+pJ5AcNuDhhWzHmz2+3+
kjStFVgZ6FiCCBUmnzvAtcMvA4TQiHAB7hAB3ElkDusSSMpFFIBLb4sMD9kPRRSFNidXp4jvJyLa
CabyE5WAZB2vKWMbKzb61L1kZps72SOJ0QfS3e+Kv5CKMMwDvAwHy0Ezh0zZLD+TPdtw1J9hs2YR
OqePf52AT5pzglCnV9RzW9IAl+Ok6j6/+MsOuBzhyfza4NZ12o0sl4TNWlEHqoLZq+VVE5L7nVdJ
YNu/qAprO+Y+v20ikA0W5/qNgGV9MH0d8JK9bQuaEOxnmYgWhbUYh8WOPXN+pR9vgLqnEDRf8s=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
K3gn5ut5jCAtmt0JLNVKbtnMwtdr3c8UQ4D7WoS1ElMuOeg2lAQ4zZze3co3djJKHRRbwJFVDfPXq
SNrg9v0WmF070wJdNvLjzQMrSRGS+fPVjjnJ61R3XZ/oqgmtK4BOKGC4m0vPVEXnEe8KXnVm8xQ8
pfPCdN/WL1uQ6JNA4FkMZgcv13spmYiXoNgowNLGn6TjrnGDAYMqwF4bWBlHwdZ6GD+L32OuRkRt
nzPKyYyd3YZSZ66hhLkVCf4xjIh3YDnMn6r0/BQUhHtWH8AK6enH0/zaENRlbYfnM5WbsSENqZQq
H74RNtXoLSZFFPXN/C9eduFt5kB7mvQ8o/GC6mq0sFMrneiXh25o+AjIMZ4hEuw3H6Is7Ae8ZTdF
Zm0H1huFoLiJ3C9XJVpBPrMm3KWDda38UAh4fVl8kdRFRpOMLqyHHwqG7iL6GtEzVqAAl4JQcda2
B04wtQ0PA69m/iYxn4vtHubHWaxHQkjMCrBOXJGSvG2p3nkYCWd4aZto6gNHyOQgc8mYoR4de5XI
XO4R5ZTQO1gy4GcGQN2GGEmSDg91fZOkGvgKCuvKL9rOuGpl7agGSj3O5Uyj9/t8ztiFA99kExZp
4vQ8EL4koyiyPUQqhU75rqJWVM0lWD205cojrmb6sJQPvJ0oYrPeTI/lHtTZ2mQkdCm2BfC1LE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mtxMLXZIUBKL2gw5DVeAtR4isJ4Wc1/4Ly0k++wVcB7UVKCHChXhxu4MbYWfiv9I+5sgR1GQ1qHVg
lqOySIKtdFl0g/bplsT6XW+FQZOckfOmIa2CKHH2iYWo7EwY+uNPvJLTjyMHcKMFP9cFhTgv+43G
UOTEqcb23M5z5Y/ghSJ06tabL6yTIcUgFe2wzmy/dXzGL40FTW4bZ6NnYKQmPfuoiRpuisj5pJn6
cNr1iKe/KnRgEVhQcowAV5keE0QuFcwhWZaITSn6KdK5EfZg0ZJivbR40WybMd2kQosvJ50yr+E6
ytghMA88NkeBxGiSjQrirDiZ42VjIzvJk9wdpg85SEAjKL189gnpNtThik2TEBNl8FSPiQgAPqH9
0IC8L0uCZaj6KDl2getp/zpeNTz3SlCHy4VxSSrRLjZvYkkIAShkTZ4tOUF2ZNj5cswjLr0sONh0
5086eTpZ2U4GNBwW9sywh5FFhMhSoM5j4HqK5GG2QP8xnEkmrf5xUjHTDdZ41oKdspsPAYoAXJvn
ScbM6wvNem8HwJZgDnYlsNRM/OVl0xIOtLQWZg1Y8Yl3pA6drK2g2dHSwIQfIf9EXS/044oJCdsZ
KmI+j1R5SHTjLJtpCLP4goMGilX30nvHssf2qmoBStbCVkat/6Tnr+3G2sU41HBFhVxWosNDT4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
QAVPymzsPqsYFMf8k8crPZQlks6mEx2oNpjZ/EvJATnv4kW6oUaz2oGToYrBL6btrkMLRp0TgWKkH
4/qUQVTxMqYr301i8I8xv6Fev5blYnQ6Cs5ZYu2cBdyMxs1CMgYQMEJYZn0//NMW6SFbGrco9qS/
qj0b2ZtzpUfK0i01536/PcYB5dRxYXNSmFWvnffGSK1YTWHLu41IEne8fj+UX4pQMoc5zRzSdlQw
P/WCSgTTDQvW9lJdpMhUiwp/qCyyhmYlCW0rL9pLqn9rKkprKwLlgMA1FcApKs3a0UXjdgV5gR92
wB5Z0eXDaDuk9LTh3NtiaRRizmukrOPQGo7emIYRPka9qMl+RI7QmpdmD+h2lYGAmUnEw/lRWpws
s2HxlT0W238jqBXDKwkgljIzsyzlPbqFueHDJh0ZraomluSZuFGxcnpWW6NnRG1fb/5k+U5EQ+aE
nUwWJ8bjIxUJZhO1jHmFC9qHAge2EzQ28dEuztYAyONSZl1a5FQX5TWrUgVzHvj3Xi0AoiGLVySL
z/y08eiI6ihE7oZrgfmAAYlnIdLkkzs/2KOUX1dqPRM5t5CksVjpH43MZnM19xlODZi7n84jjTQe
LKgj8yMmNBzXeStVd4AMRbMmKnjkVAvzz9bCsfoqX9AUvZHgJ7llkHVgeXOmMVdqx+7OuEwuWs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
i/AM8w+41LuTokIrQJAmfD4IassTNdHvZJDxLMPGE8mPYZvSiDCPIZbt/2IO3XX5ZqctiUfjSTK19
1b2gX/82Z3/Pqf59pGU8/tYlj9fvxSVJvm+vUw7HBoNY8d5fShahidz9K+rwC5tWTBfNTEtYKrMu
IueD+N0493ckBu3ojrdjMXyYWaNHJu4e5SRGWgxNT6b//yTDuXFvoPArQnvIMtvFbpgVlEEu9gB6
30R6UP+LHtQIQFn9XqgrZ8HPotlXtrwOEo2Pm/XZAwS8EagSr1kH1pIrpei1hJzkFeNRuzimwgWW
6XXiTI6hcUBIdX9jBR/dqKrI1tcd6o/JBxEY4aWVSPunUIUabaKUPvsn2yzaMqkC1BDaJS0xTh5q
p8oreVyx2M1FsvgdEBGQQx8SmoNdM+4WUZrUVlwIZsj1GUzB4BH2ZATEjUFyDa7Qx8Q0GhEKgoTH
/ajaHLGqO6XcmODbzz+gM4pNRUKcFPWJg33rZmQ6Kjq4EUSrD6kgRf4CAHTvM6dby/ILvnBs76Cv
z9QTZIzgE7aQBikrPE/uiJDQYtKDjL6umEnLpIFhMDlSrD+OFC3j9aWT+7SlfJErzJwmpWRUM+/6
MbuZUK/wnlBPcRubX6xbFPw4xYnW6USf2wppFxITCYqS0zATMvTRMAx1vEKmWKzXpOmVU887jY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gswIZm01dafbfstu1iRo0DLLyVqFqTyf5GnVoLw1xKQLk36T3ToDmmi9IrPnAU3kNbtocPfZy3PMh
+OhZVtff+pei94jLCE/npR6OP2lRjUUITlm2Zh7p/+ZvUZdMRHCz1JeqCfKPOVTx+jaXLskkYTv8
nn3yF2w8prl568G5Z76A+R2hdftFyiqFxG02ygve9N3ohpW2uIwNUxmoUBo+dHhVD1zG5pAJ+2CK
ZJ9fMhjtdrCHArJRCrvlSK8Iwg2uiv6/nGMAQHtql++7Grv8FcMYNjIKaa1DNfKxRXe+IIEsZ2+Z
ZXrPYKl2Jms+kEFqHhGTErTtj3XRDmPCn/J1AWUq4LliJT7SqwBwcy6zdQZubuEGN7J+BaYSUomm
pXRAO+ltbXtCbeUcHTTqhWVisd/9yANX2PlZVkOgjc6xWmNeZDtY2wYo4ZxTXZNwX6jzc9U+I6bu
32LBoHBXd/BL4e4stQTe8MkkPb6T7tKvCdRui/nZAUHl60P68Mb1GqTJ34L42BstHmdaqNMNJpy0
ZQ1lCdOADpbIQKzofRMKUzgN7mnrD2Ifc0oiu7a11QrOmPveaMqtA8F6d+3QhkM/z1tBHy2otrHz
EMXYsKfSODVIk38GtmW5uvDTLrpbBU+ezpuNe98zChU1sPPhScGSyJ0ET6HmkztJEMxW3GFo4k=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ktmOW9tAgioSEwmvMLCGikciZu2sK65+Y37EE996iLeFlf7fcgyEV3PxLUSGxss3Nn18ubFT7OsEX
BtCNMqjQuhc0510vKOel0LO96ZdZmiPzWn4oQYIY1VYuoqPAOMl1xIjRln8Q2e9Rnxe9IfLaiirJ
jYJJCFDHEFEnh6L/0zRaQmGtolDlqf4EuyJQsKyQ/aIAlAiqG94kF+8ZYBOEpItfRnwJwniWMTgL
pBE+rwEkXfASjFykGqrJkoZTjt41f04z1fG/3B9KOW69fjhiYUX20PskK48qJo4B6YpSTxfEUAZp
VWN1a+7KO2tg3syXxz6IrmGKt5rtTBnQNYAQzrYpycic9aWOrARq3UyKKYE4gho/1wcAEabthgfH
5StgisNEsP8NNYT+f443M/RQhFvEthM26LuJCcetZoL3aKvfIDJId/Ph6LVNjGgyTYE2f7PQvBT/
jYu55PdFXhaZXP/nIsdi7vsJamIDk0VYYzRQxTWNPcnGCmP5bkmpMOQBjzy+O4Iz5pu0Y4zmyMZM
QvXzHnh+cXFs71XsQqj2w9d6Eq2ZeKtX1pddUPoOHExxhxUTTKfa9vg6mT1s1QJbV9CCs7zVGl2W
v0sIn4JunpBN++X7E1MmMXRgb0qtHr2jHWdquQh5GQBrCS2KRkO1kqr/YHd9Hi7UfxQjzHASp8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gUcq9QINXNnHR3P+2kqb0oKEotZbtYQ7L+47LAhA0Onj6TQLzixR15dDQN4lvflFFIhVXIocoHPHc
1zbdlvRRZ3dm6tC7aiFzQWnhE4QL+MrjZa4Df/cLDrXrmLPyZorO6YCYtw8vl/AnxNRGviddzNQM
0BtKjOsB8FDibMFn8vW/+RwCDXt1pD0PKGXxobBksTttaaenr/0NxZYoBFBBs0llPadGWvtq0v5H
exvDUb3WKUgrpzTD4ml+1xM9EPqAApmGh/pOAF0kPiCDQMevJjhWEiFfVoucKohuQuDtI1ZO8bFC
f/jNOUHZ/7S+z4tY3iRnlXQGOsNvsidDTXOEYcTjTxjGlT6jf1wVAOOUuVYNfFN/HtTLO2vEV1wS
2Gw19BR338+IVm7s4aJEMRo69/qUrTOqUrPilJIngdMP27tLQEB3pOuxy/+AxRTWxqYSAFr5owrl
gtvQQJftTo+p/qXie+4hDWDXEg4gApzBnD5Sxc5R9+OddAMioQyX0F9TEyVyKCThThRJ86wZHwJS
4TdWod6K1DUvczPgI3yd1zm2wgQfSDJBd1GmQPaZ0u5CjvGa9z/0SZyV/dFgQ6Mk1E5757EfnK7O
q/jY8EIO2eKG6769T1fKMrlYPx2pW1+pM3ASiW7oehoJjOPB/BCGpsFuoK34lHMqwvVBcA3ZEg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
iZdDeBxOF9xoA6HCogxpE2RffVD5rBIlXxNvd0Zo/EIHHePs49md5HnrbFETtbXQri7KCvo0kW7oC
bpYJXJ/q3c/vf03bMXPZhRF/VTbz7+YiWB9L9JdiF4e9P6Bxu2rwIuKyRhLJFXpiqMqEZLHpBT0a
lV5tn1rLGnt4DEbdSYuXbPngQdbNq5g5Siem84gfd77OXRpwfRgjw6aCUQYwZN2JlRvG7vNEXxHC
PfD4+P3SxWnjIzFuxBwcCEhk59ul3LVYCsTDzQtsn91OMpmRCRg+gGf1bh5ewP9UrqF2Qt9ACB6X
xE/0BGXHyW8dPPnfvDeCGO2OdHEgZu5HnJ1kPSbYEie5fN7yyEy7NZoPgrDCuCGcNtgX0f/EY1P3
AhLQLaW+qT4/6VqU2NXPilk6HEDP/S72e6J54eWi+FlpFHil6zjwHWEK4a4WL3t0JCgYZviw6Odd
m2kLUAq+kt4C0gDTwDlom70Loa3kD3Ba1L3xekbyAtGgbMA+73v51T8VMenUc8huNwYdfze7SWsy
rifWqA4lkUveQF4bXXnZ99/Rt9zAHo1lSZeAdmR6gR6QtXuHuvizp6cWQ2w+y53zab4u+JNSKoYZ
Igj0rjtsWFMTmyz/KvqVXb5CwRxjtoO/2squj9ye1NmDcRH5F6PxdxYQtqNMtTTLO8l59N10ns=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
KW+c5Rg0XpFcXY9He9dgYb+ZE0vh/xRD+MXo3tLPkuJ3GaeMqHKHubFCBv08DLC/nd+l6MVGlNLj+
khi4moGtl83FFgMHxRgAbvCir0hjyjzgKIqFH199lGq8AU2b6cbklhZ9LkUb+m5oCLVDR72Dk3c2
RlwFNBBFEqlli+gXwbFXeuwL345EkmkFm9QAwl3IoQJukfQtby6ApMkb29PUX9yFbQKhgA7ewmm+
WqSGhjdg/RjG5OQccyAJsMG8qngCwe5kps4j/I7IBGSR1fysNdKbmXYlVchKpJKbuVLvtkNuuGM8
nUADCvcWtRHZz1WTYVzps7zyxsliHqCSCef5MwXzSZVG+Gx78KkT9x/2opcg6F/1QWey9nXblq9w
ZDsRMaHREuSv2aviHI1rZaIKhiOAdJYpxdNz9Ziw88JvLn7oiUbPodoD1QYsVEeFvhcA4crbxPy7
+rjZ4/M09hb1hSyi3MapBr4QYu0yahSuey0LSYtSy3iTSstyqqZyLjZln2akzURdy02ls4AtCRmY
6N6/L7934J9zHzGaCwRBCTvtnZ53IfbPauGslUSACUtvgY1FAlFLezT5WV/28BT3oOR52n8tle99
iZVsWZnaQoJ9JjweK+q8tkg+hqHr9mqOevMD+YPg8SfoxU8FluPgYhUdZqx26LtKM4gBu2/Z3w=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
AptmZXX5BEZVYSjPVlq5VX3uRKufxnjkJbROULV5mL0Tpulaj9nqhITN08o/e7qGBXvcjSTMwKOs5
7dExVtO8N9z+nhE+1rgheOwIgYx/+u7YG4mEDn11iqQwcNmH+Suc8eqSqUXPGkx3AKwIsvuO1ccA
B4pSjltIGIlgnDv4DeQVoGuvDfUzzssPUuPgZUSyrN/6qw3fnHgaXMHuc6MPZltaWi9lut2R0Pg1
G+yp1s0Fm0LzyAHEEGmCgGGNVGIZ/cDYEka9Wh/wtd3UIZ/7+iIdo6mWP+4vPxVucxHrELv07+TS
t7bwXQlG/3aasnPjA8b5HcjKmZEHuzDLVDAursMzsoQbDIZMvBZxpNhC+Wer9XndOiOPcq0SGMGy
nD++aIw7+OEpp9M3hG85HmK+eiydbMljE1ULtTNBgpe+HLOpSWi8WLnYrKD+JItH+hBg1CAol8Uv
pxwlKoJVomXWlzn8sssTiCVyYqLEG7Pl6OVouRPUd7sDHjwEY9wJv0KFf+jiJjzFo+/DXepdRH66
uWU7zmQTi4g2fs/id0Uz+QuJONUVm5V/n5NCXoG3p5pxHuISHpBe/mi6H8hIOXP7F7nu7eqZ3tuB
VVFHKE7o6KF/8KLMmg1hbT4zw9ibeHHQhdZzVadbvsiNct4sBzM6hBfDCnUBQYkUD8gtFb6gb4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2ulz21c5.default-release\startupCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
QoX1/xOcIVt0OEY9sBx8v02pGtU0zziXqWOX+jXjDdvje8IzWY68P5+9x7loOtl8teDclNjHzU7Ys
30bv4JU1vuWiMQm4xBPQtAY26DrWBdPNmMdpJASjKtRTDHFtxHOMkglf/lK4jU8JFnBw9Kv8m38P
FhgkVPkZC7sq5EJWk5SzL6UGpUooGqtmIk37P+sm3CMfR061NSIvYzvIQPyYpJawCAPZ6Jv25uKX
2ZDy1axr3qMwkwEGeIRxXLwhjaKT6w7uKPnKE6YtuUw4PWAr2mP3bRND8yCPJYT11CImRTWG1GG3
ft/zbGGG3TXWTRHufXHKPbicNr6SdWU5w898/AwxLzCaGEuRw07pozC0imrW1clIfRHOPkHXU90v
NA4E1rEniOov6QieVB+73Pp9JaMjzY1RjxSP5bHVMJ9X1fZvH3sZazKoPbjLT1GG3WGMr2Tduk2z
fHs1+t5vfGFCLu4GpcqJCdQzH0IOqZwHnVRlLFvUTd4BcdLM650W5zPyiC4lifGEmntNgKP3flqG
0i4rIrSQ3noA1gXcMZbZlo1GaXBkWxHxy1t9NO7r3sbZv5i/WHg7Ed34tnNI5qQa48CZPVpGnFmD
B7VLCe4k0KqnHPKmZrrFcio5J19moODnnHew27rGaD+sNhToYDYuuwUD/zj2UxrICFWSItJ1pU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2ulz21c5.default-release\thumbnails\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JKEYpUeWKw8Ljh1GeXE/CAboTAAAgu1SozBWrtyflMvrFViXGAyjyYchpnvRXZ0BItwnuq4p6LMBS
Yvzsey17fW/YElWVk9ts6yWo94Vc9nv3ystlwK39qqMQGL2uSZmuJUrHSF5SzzG9VTyxLkA7wlY8
HES9g1XsZsOq20bvicb6WDolqJGa9KZtevCMLEEoYmmepYnKvK+MRvH7H53E5Fcq9VILkENhhOKT
4HXpzsWL7P7muuw4S9fsKWVT3tMNFd3n3/JGUhwCdgTd/rZsqoXPXO9F/R1bfUTQ1c8gLuN9nqZy
QxSsSo0YEqqoWLsqFlPbs7KGkmoduCSfWV4ttcYABp/melTPd5/sNgz4TUnXbt7xeYQ0PnN/ShVW
muspg2oQyL+jVyvX/POT2fa49r7f30iKEUOlUhxc1y9IntphEaE0zcPdXK1OsDsUT4LpvZGQikkn
y2R1vJZz6JH7RmOiLIXGEvqvNTtsEDdmNt73JV+wQRh3wf97rVshWhL/nD+nfcu1sfCachvwbTHw
HhCLDfExRJKfMuW2rEn8LtS9Km8s3PrBrUMUbmizk0IOFLB5ZfcABuuk4I1FCb1M94K5mVvsKgMN
nlfkjPA2gVJGHAw1AQlpgEi4c0STLRAuu5XM9Bv42bpEiO3F4NtRf3mJHJdpZeCFEb9ai6Yx5E=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
CiO5YDs83sJRGv4YMmUTeRV0dnZYieBjm5DShwTgxxYjH/n4ji/4pUCZB2sNMnVV5Gt9+yN/w8GpT
sSBwrJgKjDXN89oT0XktLxMIkseY0o6WnfyLRq0St9Oy/LZl6GWbF5LrovaXAE3JpONn4meiRmAh
ucosKkOBRfVBXRF8RoPvFgGKPxHwjANkmomhAe0NGEMLMlsBh1csAhX9jhVKSXMUMlSHIm/KrtUc
8lfD06uYEP5dbpiIauIaQ57E3+w1nMzJzUh7D898xZrQ+cjnFMBw/CvlEct/j3TzNwxoKgur1s0B
8ITsEpsl14lt4bI7GYKz9ZDzgqE5Ufvod+Uqk5jh2tV2ohSw6dF3hJb+RoXOxd6694yJBLY7dBR+
wcvjPOOyO5OWJ2lfycX0oRduEplfmAgt/JZD8Q/pYz39No94tF5/S1em/W/n312IAYzr+od73iya
8U+hlZ/Ueryw79l6ZJD2xuB4GqLWjUyuxQlRc9LeiyA85Jr8o37Kue8wt9rfibpnV/GrY6U9l4n3
wDa/iBXxJrKNriXGjeAVeMFsguBQJ90KydBRSgehLQ4ggRR8ySXs2GBnGYFvzjHt/q+lJy91sQEt
gLUAc3xBV4Rpz+iLhoxrfK5BbYiYpysWHmSILjjAU8NQNUAL/vM0Infhp1uUQ8E2uTEgLzlIE0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2ulz21c5.default-release\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
lW1snH/BW1CnUhoGestsRsax8aSitjCsKl1ePsGVFeN7okfkYL3A3YrR4zzISGOsPUeXbjflgUFeJ
AGiud13DU60bPU9pFAEdm1Cb/UOd2blOtZr5DP1cwUn0lTotl/znc598uu54G1g7wKoMq5Io5ZkS
4z2rtPtkZrGAzPo63gewGBb7YL4izb32B5+xR3xlccVnBwi7Mnyh3aAspDyeMrt7umMIatx/1aj0
P01fiNtdAfuNmd7k6/Glxx0amJnAwxEU08fUlRI+jdF3WsWpiIx17Ol4ghYoLAg2PUO75ja+0Sqt
7sve6nzMO9R7LYpwiPsSVCgpi41+XHasFW62l08g7qjHfSzi6W9ezWWpFDj3JiMtpKuaxhTeECAa
pgJtVbDnfignVjwU9zCnjeQqIlXZa8KlQU9fcsXUAhTFHG2M5NYqIPNh65LH3cBfb3H9tk18/HHK
T4uZCu5jDtqDSWp8gUlKt6DV5v2QTcRiXuMLYXzvOXOsMUyZwzGlOHJXdySM4qyx/Ryjd8PK1wyL
aUu4Phe3jtvDd6PiZ5jYoRLSO9FH5KmzT8z+JJep4McDT7WjpxyIjZuvkut7Q3EVU1o9OfIEiS7I
i+4mGEd8OEK+nk8VCAPB1caDH9Rg2ldvACnrykbsnfQpQ4gqJXtOViy9R9D16vmKT+M74EmY90=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
dtFZfVjt6VcLKE/VwHLQFNW+0oKPsvfcuJ400P+lNFS2GW/UGN08CjZLLDPxYvlUo6QoVfHmXB9nm
IBmIQI/GbIykiWVuvdOOYnogpV2qtg//NnqlxyGLRtiBp0+E6dRK5HxVR/WZ+b3P1haalbFC96WX
GQeWWoBOTWlGxyV19SKYbquNHK1Yt320O1LaAuMQU1UFtA/hT6EGaSHInwS4DQMl0Ct461f1OL9d
sfof+VUtA3y5CYX0+ZATWHBZuKzq+CQS/qakoRwHGkNktSoUfZdH2az4mZ+MHvXW+bMmvcyHUG1E
QI/1nm7rk7JUCRpYLplEu/lQlFntErD0o4qtPbwQo2P49X8+3qlif+cR5ZTwzvI9TipFezVVkI1X
WpKx0Fr2QKp2ANAWJ9gCogi68G1DCBMwAwxM/wFxxtwwzBejITCyDEE/y+n4oq67hx4SKVgMIMU1
tGhBNpKD9zq0rTysUeNOZ5uZVedDHUTx0x0nB+u9Tcs8nJUhPr+CengfDwnmwAwzezSVeRIaaHKh
4w4Lx9uskpT5OyMf6LGMMEGaDXkTEpBmCzStyFQBLobkGjQN1pUFmLVsc1yR7LbwdKo6N+h7GJLU
QLs7oSBrfqGUgqhhmtcSsNZPIxP07DpD1QvxDC+zpeLWAA6Vz8qB4Iwb55lTzVkWuNGJQmoOA8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\zalsryvg.Admin\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TA+jINf6H+n6NSP47j06jKTKJy57wiy93D8sS11RfHhYUU1mzqWoWUCMzEZjHoDTE2CklDLE4waY0
g3fWGSWylvYrVxJnpYxE6OuIXWwJ77fHqdI4vHT+BpJs7kXUqaV/bkJ7Eq5szSTZhHBNiJM/HGe8
4723uTQQuIflSF0AlLNMlJxByyRPXy5BFoCXcFOzNWSzbKW3qvLhFhxCBNnGtvgZk6wR8ktbFiHB
5kgBJEKZQr88W1WF33HvbaWRsOAc0qezQ1jBibu7zdyG2DM/VouwkWfm6pNTxqTpBVsN58DJOKaE
DjGNpeHBgzWiNMoY9p2Lbn+BlvODzKhnzGqIqzMY1vRKCD7TqSufPHyZTvvV6WVxAv4rzWwyVLl4
vyrCIDU30VCd10WUS4XJaa38CfUmUHjnfcZhlEIXp/jrBJClx7Hs4BMmGoV5TjtBDe7pBpu8JVWR
TpjSwGPL9IcNHFMNlsdAt+dckq9SRVRUvKbRkd8XPZeQLc6R7i0t3ZmfFLfU/nvsJDsh2Nv5D4yg
QqRHDkqVkvOtWqvjUb4/FVvXqaQAn+6ql1lpWbd57M7xsdVkKq0x5KWXbPN5OTftVYU3y3yem3sj
+LDc0EGNGEylfJBz4lbnXge0BPxtl3F0BslSuaRXm/wM1jpE8Of/bbJHAy5Y94la/kBLjHMYjM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Owvn+pJFHiMigStUXhdIvlUONp1Yx/KwT/4RWrWEc9qziWRdVjxx8V89bbp732z5K80H/YZAcfyIF
sRgRGuiw0g0znZsKCLjLNzZ3muz/2ZWMMRY7jtKhyPiCT6sD+/IWBjS6oTRSMJ6Gy2G/MycDj8BB
a5W6eLMFWO6Jlacqhs0UuCR31iUYcIP8LdOrLiUNhAYJUcdTqNLchaWypGa3D4raTwS6ZZM4BRyJ
MkqcOH45RUSnL/eiSGhbvqosPFlIzSJPG1DmET5wZV/A1BWX1Nf0rqBTNqGyW+mQTRHWscu0TQ2E
DGRilP4rykRhPLujuPIXpumdbGSlgypAD5iz/sD4qdGEx55QzXSj5FII6PjaKdsucrUJM/YcEBda
lvxNFw1UWGhpZoxw6ZSUgASVwcLm7w9+uVsCAmYX6CbOXDRYsZEsOFDGDJ+WZrGVo/+CtICg0KZL
q0zjH1BozTpMnFgIz5l+QWh3swV46bl6LpSrsBzRWl37Z2iNLxNDJXXhMdpx9tL/hMkf14NTUsP7
CD9TC5jUriKn2SmMqFoump3btR/ouZQNZmXa3qpBBih/tOlme5tJq5HwJNhrfnfhXNoE6dSY6c2d
H3iOm9IIxObTjN28cV16Q73Zv6DTbExmavZqUYUXnAknN1zaoThu1fmh9bYcVbhAmkpUuR55Nk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Adobe\Acrobat\9.0\Replicate\Security\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YJ/1c3q6zWTU8qVBWe15ZMvAbAxsOpAitV9yKPg2O0MnrCK3GUN3pu2Iv8S6Jo+lTN9zMqsXT6wkr
rdRfIiFjTFv/sDUJUcTxw9J6aQff1SZ22qLLR8fugh87e9dSgRMIhtt/cIxmDtq+UL5XfYWKAIlT
De0CsFQhXR3jUOhKRSB5JsTkpBcf2t56ZT16xY84nPic8qMuGyPguRUH1kWJZR8I1zdEdDvor4LY
t3brC01npgB2aVafXHFDqeuCip/pj4u0EyEZBOFllhxgsRmomp4hYtCFw7ObrBL6ea01ZCiXCI5n
65WbeuvIxyefy1hZhmO4aWIneFDMcUsXd9ROMOdHyxQwJnet8+j/bK0hPxtJtYZayIXaCEu4QIyQ
u4hXmwnvjlDID3+Afo6xPQKei1X6zqvjpllZmy1rX7ddW8cvk+HARyHnRsG05CGqHMOFlOSqQNHl
JMACOoFDXVQzlQLplt42uaiOTnYiU+c9OkCoD/SRqfCPTevE3zwSpzFMgmRsG7jlzzBVoiyhIELR
5+1emznXbdRASHrsoyA1Dr7ngnhIeAf+6pYp6VKNCo1mkXNlcxmPvmZ+iVvtZk9yrRGF/jVDK/EF
aTDfy6Kpoq4lGBmQQLL8DHf/u5w67EVZll7f5ILKn3EQfETze1rAzSgjYaV9GHKEpbMXzBlnG0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ENt4+pfshsL56D7XAV+1NgCMDDfP/wxxwZLjrz3OcwKjtMKU/V3fR57iHQltuoNEdlm4qRJ+UjUop
fDE9pPItD5l0dGV2fyx+HbojAgU3K6hKXQaRRc5hw9dLznCmtUsYT25UQOO3SZAzzz+bbqVVS5Rg
oRvP3/dbwRcE01p76bhosLjdVqKn9QE1e44FUG8Vn2cpc1euwhohMV0fjFsVQzD8Vt+4/UvnOvhb
ya8KGNVsQcwNs6Si8lq2bSFG3SYru+h+UkpUxnQcOzBzDcyGzPooNs4rR4anGw9B6+MiwCpcXb4G
whlulNrRLgMp/v2YGaPD6+JcLjUE9KzaZ9qNRTBcOn0PO4L4xT8/4lzM1hZuTrVvSoGgVGr8H3Q1
TPHcTfQRxAuRIPMqjPh5KCqILIT3WbA0oxyyAXtjOizqHVWLDbq9ktm+84+29csJoxvo1v4z44qT
wFmMwMhEJJC8CA/qMuKHylns3lV2xE1UQWOIQXzYkcPey2E/mbC8SPV2jITTleTEu52gZNd4CU4E
roq0m/aRxFrGTVm1qsWqq2+s3GRoJqe5f4LEnCBI707gkFccbGaUwnURcCyrMvsYZ8BMdKavSyHC
CETZGwsq0yZ2yr+3iAIhHWZj7hkK0o43w+KiXnr4FhbheKgUAungxqXTyreDReHXAOxBG1EXK8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Adobe\Acrobat\9.0\Replicate\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YriLihfemmKicG3wl346hG1oP6C8KwrWQihJdn98URfdQYeAIkBtLVofdEJHC7zKCXnvahiDXtoAz
2dFW5Th7pGkOjor2xfnDz8CBeWacQukSi0GKzgtMHqvmO1yV9wQEIp3k/9MxxhjRlIuYJ8RclqMr
lVYFDjkxCW7Xv8dvPEeSanARVq/whLniYnM9A4rTDgPLO+ihzRVpDP3nt1Sv5+mDTzcH2BaSNNBk
lVDBNE38PwNvAweaROi/j4c0+BbtYkNvTGEl4BsiJnWapujGDjw6np07lfxztzmDiyoCyTS1hjP2
CWRfJig2f6uVQbqDar3oE4gAk71ijSzvtsNSI/W13Uv5II9fPYdGS3szTjm6JhyVhtUAbFqZ2Z4o
R5opPlAz5xQ1BRd6Mu16DuIu/np3eh6O/5IStboVvhzRl0e6T6Muqy6JkoA48TolSn+YqPb5t+YI
FyNHvNs5WvZYWl/Byj5jEmXccWuw9z160qg3tkvHfQcYAyQDjuWnDIawb6CP3DVeIoUXeXz2Pd+f
95pLO4KVBB3/rOcur0uLxAm/rsRZtjdzhNW5DXVUQxOjSGAYIOi1AX70kldincyylm9QqRJhXAkw
I7N4Df4bn+buO4TnqgQAagPLZpA9fxreze5vlT0sBYcPK6cz0Pknym5H2c3qR+c57y8foWPKN0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Adobe\Acrobat\9.0\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
GmHAmll5/e1C9R5XtwTv24vYcFTTV8qo24tLHmvauy+EBMmYdlEV6aPE+wya/xACJT+SOtP3imvu1
laAtMElA9g8CMqqvPpPlgko9opb2S/0xxoLZFtNUxkrZBmX2ykLKDx8S30QrgMw9bL/4oczHV66x
7vIzBXRHFsqPf5+rspMutxOZaORZOOvmC0QCaMHzrKGkACgKp6Jrn+VhL3GUlVGR+nt2q2TN7E8h
DN2QLiuOJQCz3u5c0zOhUtxI79agIN/70YbUI4p8824hJS+hfYyl9+5LX/hENumAM+enQZCdjF9O
6HTPo371ouDe6ttKwSgeBIl1L2516a5nWOSDKFfkRtZ/ecRFNp+SwJQN6/DNZ/ge3wOPfQ5Eab7a
em/Yak5ndh+GNtElyttLy3YO5+97/50JA0Cg47USUVkMNSsjQCuAjbZM3eCtPE/Po3FoUoli2Zlj
lH5xpoWc2IcVQEz1D7TG61z75LhCbdwS3gF77gcKjWJysU/sqyca/KjQvZjsrWeyS8NlrWnHQlnn
clVbZ6n9dxcSCeofwma4dvXPPX3Zrp1mAqBiRfN4CwMMQFeC6ABB6nHGAVRyKPYsFtm9IQPqguGX
86Pt1Qfk/d1xoKjd141J5c6rPNFk2O/HAVSJKLJE6i30KRRzRX7ThCuGrhsqRctodBB35ADJAY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
AXJ+qfl2jFMWkxvXS3kpX/Rr6e+WkBtF2mdP4x8mkLS+nKgTMMury+0QnS3touvejwafgY+ECFS7p
OiMYSBhy53Dl83pUbNZPV019nS81ZUjCCMlubdwIVy/ozsyYLywkF9j+iuySRltBNomDMxkiobC0
X8uVityGMLzfT2v+3X1+wIS7aFyP6o42Nwn0FfvoMfSJw1cWQjHII1mzwk0Ygz/uKkLK5ThDCPDH
7QpdiIXVURfzY/N+mF/+khT2nEkwBzLPT7iyaG7mU0dUNBLyWFVsdlGyqAAvSHXQK4mmFvw++/k+
+pbEi26RDGeGmHZlCNSjEslIw+UxFSxU9N+h/pLgswPBKORD1fCZWzsosXeXPw4Hn7cGdMKekucp
j7yahO8pO0IX87eDINqf+IqQ6VdT27N64/cgs5X76uKkk0k+c1FXMYynUYjT+ms4BmeFl6fUHTn2
B2LS2qfSG/9JcONtzZOZW1fT21JkcBdfc1mfdmMoHlBmuhY1+vK4LNvDMXTAQlkHj5ggwlAIeOE2
VTLATOE79DHUKm9Nz0CuAZe2aBlNyJ+3ldkWaNvfeqcurkU+2dNdKq4T6qnVisVXdfCOc9qwGjR0
UCfZ2cYIEVrWxU6XAvixGXt2tWgbmOTkRbG5Erx5xc/9zYLq771q7ueB+dxKKoN5ti2ssYE3s4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Sfyz/Iq1BMY0pNC3Lqq51P9H6S5xc6pZIrZN3jFRmOpmO9wFPAz1VR3lGOqc7N9PTWbRvmOa7R23L
R5oUwUX/iCTTY4Oa/UpmVt377U0XRuRBF/tSwCNBNfnhNq5WH5X1/amJ9K/of64RKUAbU1Gd23pq
eu1vDOETtgl2rx5FrzIbwC9MIZJ72BVCRBY0LByj6XNXoHxESUN0AE3LXln1U04CdyiXWng5GIzf
FA97rvYMBzO1teGxbIhvILNcuU+7BWZJb55qjnxHJbV54D9ko7SErQalrNLApn/G1YXEIOV+dp0H
GWr0VXMwAnWJbEw8Z1FO1YSa/Otp9VL8sEeOrsiUdO0PnIJ/fHBmXiRWZOOJLPbANZp2rAyo823T
318LsIEy6IfnlduEx6k+jL9CkRJo4yzYtxzfXmhLkvdNElXn+oV2hpRmk3JikItjHQ0qAA1DmG0n
ldk6lK2oRN+/yhxQRBZNfV4WBcSyUCtry/OjwVRguHAf7lOuExdTxIK+T5e1KgHZ7TuaJFG7r6JX
ynX5kYZQYbgsw3iIkWCoZxMVq5OsjpmxmogodjpWIgYhwQe6xf/KkljH7nVZa4n8USEOAZrF6LsB
Vl7OggylVYat+ATyGSJZ2p4ReQILyl73v3K0VZ5+PF/mYfh13/Ne2Djw/NkBdvMVjc3ReOPuBk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Mozilla\Firefox\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
XzYvJ3g0FnXDAVYl+PKEqojc3/mWip+Y5AD29E9cN3S0ZO1Z4a6W01LHUQNT03l3W9/gfcLLzMMWw
ekxDvOGpAm5gCwnHnmLNal3w/bW0ADrx39Kzkecny+MCEWrwufkzzD0DkNT7UD9RGGtzMgjz6q1y
xXgcvT5CYwzAduTR1pX9HYHMuUKiDq+kZiswaJzjAfSYqiHxJvUkhaha4Lv06UXTs+pJKQcSXvYi
kU3pkMKyOvpm6+rPSddBZo1VYvWH7sLyM8o+70diqQ0ZbTAxTBfZf6WGyovCzUUQ+rtGW2g+5QDI
uJ0jyIeNv5Xb5F44963eZevpVJQwOkBT6zGCFGzaHLRecvdItIEwdXtNXEnDD4osrn66AcLWKuiK
BY5cszqlyWW2WTpgmASoc0ILPl3kXelKeOY03yHDRAT54Ba4Q3zQphFIfA25bA+3PN++ecy+r0dP
w7UofdOdAobJahUMKPUpp/Wrgp3SC+yYrzZRb7ZGvPmQcuAfRrDTYqIUrIuIuiLuJrduPGtEd8VD
BidEzEk7poRTvvMSVqdAJ+v/tW1DxviFNRtZyeCZHkf88arA9YFzHtlUAIWdmcMpSHkgkUi8LV8j
zEA9W19Lgdh5Jljy0rVlJ7C8JMifZQD8u9FXRXifbzMXK9MGKNbOLXJ4vwXZx2qCF/SDKBMo0E=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YDr+hkXC1UsBZkf0TfO6I/2Hl+c9T2Hjn9LuyF3QrSHU3zLNHoZT9rVt+6E5LvbHAUiDWV59Oetnn
/JI0pyC7WS4jkywL9JOe/PWC0G1tDjT/3iwBNMkwk2Z12XJz6glfuf7cjLmueRyJuC8Y7hssv4rK
mormCleCRm4m0L6T7mttrHegsmHsBypV+vwZILvVdfiEW18wM7LgFOY9CN1A9BnkaDh7GzIh+Kyo
W/rONI+SUU6RnDp9HBOOqVK5/AWekKgW2OdPTEbRoMXJnEHX/sOY10ukBUx8YSHKnbwdcaxGvhGY
1ViTUjMRcT3jnlDFRGUB26Qd4+VyMFveUbV7phsdKEmy2CKYa9Var5PArnJoE5q5FKb4419xmRYt
38daUe7s4FM1xTJXuYinP6F+AAeeDMr5k2YZ6GVlrZneyDFKC5co4InnACtQC6y0Hqa6etWErBwP
ox43PRkB4uDCy49LPnig9MTAG5iI+2XRUfIhmtDopOad3o+HGh2DKnOWLfc6e73Z+XI4iu/D2qPG
AVxQ3l445pkt24OUkbZT0zTxUc/2JpZUqzd9HDFlzkzsbNcB7t4cXbR+3cPlYOwDExHWtLSnEdIS
H43nqzBO9dyB5X1/515c1/PbhJym4xze7ANkWRQV2CrQbVDBh+eM4XcG8Z0vOrXFbRsIuWCWu4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Adobe\Acrobat\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
cctu+r0IILsDPEkTyqDrZg2WCGay8RYsP5vSLeb9h1SS3i49oYW5eJUM1vXb9oFvuVrvn6iQsFZFf
N/D1oXqzwjMay2q96ENO4/RHOBsDI8kEtOhXA6cCdHGhULy/51OF5kaeyn+2Gz0lNkrRfwb+DE/5
UMYuuk2pRiGDmHq/MKhO33/rUHD/Qi7g0/hJtobgaQFuxPgUWFJU7uAJejqHozrjDSzkmC/k1lBO
PuDpxzLfplpI2NrYjLiGiQkdVH103dzOxIiNiwzmdYZ/lIYhz1a0n5nJ/qlBFAtjf53ttLOkbwXb
OJ4moqZVdG8zeNzo1NEXAI1L+guBIjfRzC5vE9r7kDZ3IW1kRhcwqCKGtGB/bYt17oOBnYSnTV1u
bLiRTeaUFHyqyWZMOLVOQDrIjTmHYCIQ3AQV6R7Bcwp9QfK05naaOGvJe+jHrxX3pa8O7sf5KS+V
CSy8tAyyIpuuoEhHlpkx9cuL4X7Pq1mzu/ICSinrUKgf12PZ0AMUWezqt670ukqVNo5O3vOA9PfS
Puwp2p3GM9/bI6sZjchT2GzT8GlW9mVhNt5hnEunCfBN/010OSSAFF6uduJqISeojW1XkVIHEeDG
EMyAq/nNj0vnCr1fLjZJLcIn1D2WwhlGqwCEDm3TOP2WFLQ/QDkZLlp72IfjX5LpzTQBmmNans=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Mozilla\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
C6eOh98yvZqq7CHx3RiYkAG0tYkpFqurKbRP6pfc2c9mZNVNvhF8Uks3p8kJaYm5efLWkC3FoZAWc
Xt31Ke8wdpJMkBvl5JfIXP+Rbs8FwoONyEXtsEsoQ4xuLXBOis2kYMLYai0uopcW0VEr1VLxzHKQ
Sc/W+M/CiBFjLHttzOjy8E7WRDP9orGnIFgLN6PJiCTK8HoEcPKSovI20w74d1uapBxRXnxkq3yP
4rsRaZPVGkbHF3yWtRzwhR9sJQhw08ddWSF/qRkAuK+s93a8pkJxpI4uxoJUJ1Mbv4mSLFp8xeWC
rcSew28yJA2NP1Nh5Xxu3Ozt0Ovs6qQSjQbhO2vJY96NP5NyUwQAhHn9FZ7zFthdIekjZl0qXyxe
BePk8SqXVl5p0BC1isFZgd6CyifBOG2iHinfWkl5RV9jI/hZpWNhDUO+hWJCn5sXAS9Bh/HDtAFH
ljCGG6Rhb7pgJiNuTfNi+zHRx2K5mccoTBbZZ5qJDnGLe31KvI26KyJWtlDv1T2Q63dQmhhsa4XT
aJE19ya2VGkR6Vl2RnmAW+uNcaYUpdnnQkRbJd3PEudzFrclFL8MaE7jh/zvKCgOMC6YmyHxbUCL
zittF6y22aaYerPhlSv4TQ6BLCaeas6PQo50M5BeoEboOhpmY9UEOPzm7ROZpn9ZWxexb5c/EA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Xrk9kGTV6QVwImr9NKlx2LshT+lUTAK9ioL682lU4aU/Phga3hDcGqMp/ew288K/+ueD9llFH+wAt
NlGj/WLKdY7rn9pw2HhzTF+nFYshsaFWlTEun8S/hhn1i/962PYHhhTB57zfJFcYQUt7Tp5V35b1
o5T31xUDAsRb1TElh2/QwZuBb2OyMp0QYvSlhyfSnHKQhKnAFOjsU/7DQyJ0tBWatOQfpihRkRqi
kCKH/DcH7/HIicNG9MySp1pRh7+BPTsOifwOjc9OdpysfCk/llILso8x7ffviWfwbTCeCrS3Mpx2
BGHue+rkOBNhPK3feQi4+aYgyiVoKdFYnx8etvlfLtO0nCShtr3ZyPevrVDUFBN3knRpF73jzS9H
IrXzabnkawDFGfFrTtxx/2m7qiTVp3jiEalsae9MOyTX3D4xFR2ZE9vp4AUVmAYB1xx+oFkrbnAP
bvXG8CohzQIeKCBqehdqb+7G+3N5+OQQP3Vcn5cMeysXNRag8Ig6f4l757hkNZOFw/W7/E8KQMuR
P87vyxoYKb6MYF3GxiotFCPB6tYyebwUA/OF7W5FP040oIzzlOETZlPFIvdHYgyRLG1WlaiKeKeW
NrFkPZEOdfzFJe+58+yYPh5vflwaH8pP85Yy6mbCVZbpAFlUNNoWL8Obm4w5PnsuZJwdYyxvRc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
e/DLhNB6GS0kBkhU6teWuU8DUVyxlo9Hpqcr7570xTTOoaQfMpwWe3NejZR9D2WchGD490j2bYpqM
JgzpJMTsO8QPnylo8tF4sOJHBiAlma1mgdwUVcB6CFJ+kj13iKP2rXTJ4HuU7MeIDV+bLZ/6IFgI
J37rUjrZsUcHTKjjoAxpCObsaG01VJQxNI0pQeyntdPMnsDb64LycPuGiRLAOYZnxffygqamz1MC
HKBQR/nPcPs8oePklAdQ7wH6FgxIDKIgjLMTa3qunFZ5O04KiF2aHDTiaV5M3skb+MOaJGLRpyu9
E/ZqRifypRh62XL9PryO+P8mV6NHXy1GX9KHoPv+LR+Onn3RKghU3+SKrd/fHJVOjURJN3hkytfW
g6WKWsAF18nYzFPG/G2BZ8qVKbRenBLNFlz8Hq4keD5y6fUmEIx+rUeX4tJXkRR5pgD6b8UY/RcY
zkOg8JJFutz7lDl+WDxEN31yktvoN3/7IQAjovkWJ6WAyMQDb5K/7tDJ8F+JeQ+J3xM/V4syJVWH
oYAz/jcHXQt5ksnNwBktfsMRTbvhbCwHnkEPZKA+B9BLRRT7KApwlP2vEd13wzGLM1irL5v1A0iE
DGDLaHyNjJoqVy/I5n4iD2EqjA8c/YwbNocYhnhXYpzECsOelUnxLIvszaC4/f8C3m0b2QNM/w=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Cqjhvcd3xfBHf7OXahCjWcN9hBdD6ouBqrHz7g+Ux/nkENYRaFAr6j2F0v8fulW74XSpPurSx3OHm
RN06o569lMI7jI07pt7m0YHhC7DWYveY2XlmVtw8jGERpiRUJqyNz9+4BRmgu4LlSaQ3iNRgRrfy
4+Vw/XXf01N1yxTD17wsQd7/TBvqzda/7CsMLr0N3GBJX+TUkLOWjeMgsVgZ3/c9dchlUQD51JfK
a0ILVGr7NMPFOJNWYoUGJDd6jH/oGAip4eYed0j0uYfREvQ1j1nUUr+BikNksjCf+6RJetnk0fzr
Y+FKKxGaYyEvK6Ub1kSBUqX0mMB75+ze0FPEV/uBa8CzOIGjD8dD7hl1djEVeayCWyl8TDH1TBFt
Q5QxKboeqd/6jTR7dFmrWksbAfPhuv/5ir6ixA5Oc3Bz7ZIer/LTcZQteBE7NuaUsMAjJ0fsYtmV
1sGLb2Eq/RMHoGTCDql6Xh1DchSvfwgPyqPgngNOSvS483uf3IkHmSHSKnxh5tH4j6H5v0gsQpAL
8kwlwksX7mkeYe+68FlC3DIA06neDgOX6rAGpyJ0Afq5d0MDhj0hnd4IL/mKBacc54B53Lz2f88I
gSVBzVjHPkcX0HepPSM3Do+0pPEHf0mLfaN0rp17m3m8Y+uO4nmjmYnydoPKhH0otkqHWxQ5Pk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
irprFrXfU/KqLpIhJPBndaz9hnppZBu+ErYOlfzMtCtWOIaGj0WgcXViTdX042GrATn2l0ndI4Eo3
1yoXCVO9Rxi2tgYWJWFZngRA6/t4J3pvMf8kvDq0ZbX3/Ner7oZkXd49dJLI/tCL8YVKxbVPwZev
42yFid59xptGeNSp2EZ+VoYC4JXldltjcUo+sxNQV5PpDA7GPVEpRkA4RfMLBg2wgaWOu3s+RAqH
nDbOIclgcQ6gxdH1Yl2Fr+SNteu1On1111G/OcS8z02IR+ugZoQxti64Y8JhsOAy1mYdF4aBYe02
UXkOw/QbKAOs7tWIq3qztLyVJTH8LX8/l0m3asjvrNpX0dXPi7AfnX8ioNLuBmclNnrCsRix2zHr
xt7R2rCRsYRbjvvKeHSgVSW0sZoxxhKZq46YVHMgBXDX1AHaINmJ5uDAr409THpS6yv9rddNonwT
rl11XjrYMRef2fkJ1UKFy/VMFC6pDB2br0+R8FjoQSamyMCLu+3NhUCXBgyCqBu5gh9EAp6Cxwbw
v1WpJBViemcP8nQOFS1nuVFZMYdtEvcB6quKjED7L2iO1Yc3T45BP+uUTYmdIlzN8AXZkvmubKO/
H9JyCnCMGVFvKDO9+fTRK3LRS4Qur4ParythKnOp3othHtq69QIK8OSRC15YUPTLI1mUDNSUVc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\security\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Jj0r1KIE4F1rDJu8YV9UNumyv48dp5hJ1DhR/RAs9ncioMYg5C0z4qzydypR6XQpCbdYbMYVJOnNZ
FRDNrFtsAbo6NkM2G61zIsrM0SU4sHyGFJTRkEzFkHPMHvNjSKoeXbkctltnGqBnrtgo1353NfvN
CkgM5jTgMRXEGwHV41bGvu55wsjt4ms79FIqxjXORT7zkhY+ON/jtVmM8yKETeqkgZ6arfJZ3P8l
Eo7ltER2gPBNW51Fy3mkSfhbJXxBsEN6VJpb73RoTZH9+UOSOwy+E0C8SGT2pjhXeBt73VyPAkJ9
zT30TqZeJ0WzZ3hVOGTWl+YnWol/+P2+eL7i0/sW+PMJyjpW0u0M+WpMJATj1UqHfHhrY2ckQMPW
IDlFkhSHEtyDsp9ArN2dI1+PTAwaQ5JuBjZDj/UiubTX/qCtDtzxacLk02cKqfIS5maTzXrlOIXc
eMq6Y836K5mmb/vCQnIcskW0zr0DlpWNvAvtEgIzE7ngBo2nWKm2OsocA0W0DBNliKgYI7QHUFSN
iRq/NlKdmUu4gNfaXfrRYpl/6Hu9fvjoQA9ZdMkJkoeqY+v0/qG2KFKJO0dGWy32QOT3DPBLwO2Q
oRHGYMrym82h5p6ckuRqV7H1SJScAfzE9YPL+RGdEEs84U1e2al++w77W0Ji1NRlK3Axhekrn8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
glb05Xvq8tSjSH47BbQwotLKizac0L0uWZJp/4g1FsE3gFvM8ZqUhmTojiiFVX8sr+lEUjrEIq5X/
uC9v4PAQA+HHz8qcl2fr7p18p4+3CDyP7D9CtaGEgGKCKx5PgRNhR1nXiYYsoNutiafxPEDAd8UG
DySnWEnQ3ed3l/GfFXfbEiZaIqCzBtxR64tqkszbVk2sL9Ssm2XSexGze5oN60gt7n1tf/A929ch
hNFKrlCnDY4sR8eLjSzMw58juACy8uCly+AnJEUkLqPCRzwOAVu4zxOJ37hKtbJlb1Y6K0l9Wsdb
8EyrJKMldla5Vi7+YAeY+6AYdYAnDNa+ygP9uYkqpo7cLuxYrQQArz0cOPTBvjIH+sYow7Up6gya
5yjJ85s/cTpzNfdyGirZkicq+1h5GEANU/SpT24DtFksMUooFOlI+1rR4finew45OZtsLsH3Y+ZI
0okwiolfwSclgQbQ+rq6Y0ajs5Ipa3eExtia0BJQexsg4gpCnDVHZ5P3L82fXLMuw9xYYjLS1tJA
XlQGU79dFP8Waw/5ZInsf/9uldJiuNNhDEplFmsEVQlB4lqW9TdoFUvtzVVTzjGaIiKBR90Sb6nW
Vb2p9QJnlu0Nf9fZfSfp3rMF3EDtHsZjpx91QPk92agm/w1uBNxsGJ3WB31sf3tgl3qKEVeHzM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Adobe\Updater6\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
K8tRwclX0AAuCToLVm0aLC5a9/JDxGnSbzUlIj6oatAQv5YNLU8OlvzvFOUj5K8tDBsJTaSofZROp
/1S8Dks6hUZdSpHYx059rF6r7C3P2RfFYQpwiErrM5Yuo4EuXDoco0LtpqMqQVJLBNzXgsA34LOi
893andch+/5EW+6Ww0KT19vWOGWbko4lzdLTt3Iy69QedqW+VhcXW6sOaKmG+Fiq7DshvEeNTlBu
qyghROiYYudrNuwgGUB4YahqPpPUrSUvqgOGBA89MKBC8nRfNagitW/G4HrWflFaOqD+YHXOhpp3
0g6SEBILb4WmCp9VjBKB7krXS2wItj/4hfUwhjWrZwPBLVCMqj7EgErE8Dvm1nhhMHq1y/bVzBff
wXaZ7a1wW+JEt+2tOGnrTgzCo6kgDJKVHcN3E0G7aHB/moKyGiihMwjduX691oohGtDol2GtTtdC
KweVtBt2QJmS6GrNYo20MnL0+9eAjuMM8NqArxOBuTLZ2bSn1lpVA1HqdCmBMPs/Zd911UGvOFBC
idySeSXA0lYXiLqz1L49ceFsKm9KKbiWA5cs5Reibx39M3KZcJHiSqNGJNJPCOZbKl265WOPTHFX
pr/IdsAqpWIekObRJCONTI4F+KhSxn1CH/u/e1f9QXVoOvO5BpOPs6kApwZof05ckPb3M0jVhk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Adobe\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
a+rvFyzHqTpdkx5/NJQrnF7E7rgwMPQTku+lcX05SnYEThk2QV+16lKfp0yGVQE/sIMlThjLu0jHY
Gzk8DnQ61iOnf23nKWUdqvNP5Gc9ylvGJo32SV1z++70Adra2K0WwymIMJG2MvNRPAdDoiHo+dZz
CohvBP+xOB2CRaf2ZTwpd5egDt5odyFJXGpUF/jhalYHpINRVgJwdIJ4Sx043K7hV7I3QwOttPk0
zkBbqIUtJdt8Lnp0JA2oVF4UxaE7F62+CwF2jHMwoBFgCQRJEKWQxrYpFzBNFeUm7B2ihww386H5
mv4ZZxpRXf/F5UbFrg+/+w9g047QxOXzHQg4KsB8Sb8P7nQWAsc/JIlpwqYu6AqUVH4n9YkSZjPZ
KoSeMcXGZKQVvpi3LmS93QsnJj3W0i5dNifqlyhbtZkUFVoM2OC2CLhbJ9vkNoTZFFt7fWq+CbU/
9dWeP198pI2//1qZIvYK3hapNnNtHYcZd/S4nm4ocY368txKwVDHH/ZkV2g+R3GrNrF8/bdOpwIh
zRLIByzzxhslBk1roju4Cxa47SywwSy2HLCBhtzsGjwB9KvDaf9DDDVhDZ6X3Y31JSqnuiit3uHN
9rTR+PnQUQwA4UYbbVYDbmcRCpQHC1xtlfGYlDPpPRZB3SCYNloPrlKJal3y+025tTertS93Vw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
LmngaPmPgtJ98zp5JtB3Y3gbmhD5t+HiC0Ux8pCZEEa3+6CR83H8uUfPMJa7/HR4HJl71h4gO/blh
roBYfn8b1NfJK7ajeawoqkd8Huy06JY0gh+fLBxbmhJdMOT+KwJivTtl6ko88SSCSEoh5xHLfdYK
hR7kebYGfOVcTWmV/34e2xXoxCFkHatRTwzvaGV9pDlPQ7cwz7gPfScxgdHx6px80UlH0AHKqcTk
MITHAxmMYwhJy22EgnEE0IghFNnxDY82MCumo75M717WmAc2Xj4lMLF5rLQreII1rzQpJsFWzf9O
B0AC0lUK+JxpwfXxEbKXsKfUYG9LfkQ4FIZuMEQVbPQjeA8hzOAXREGh/0D0QV/2/9K5YGmbyBYy
NAs1/DUtWr6k/FiD1s9onVF8gGuyE+fBCgXN9DnqbdIE2kRPCZ3xTk2DWCh1/zj/8CWuSg9eQM8Z
1qHWeRpbx6MxdqYqLduMS02YkZpBvUS+lZqSFrkNraaNWRqO6zLVkbuV7BVTVKbmQ0tF8grAIQ7b
vbjZREfKLUsezJRsQMfqjf77aGPixHok8gmFcbVqoVMxvp2POuIiBWg1lTVXH9+xcS4MBCRLM0Hl
OcfMC7w/DUK3phtwyfjbaexKiak09sZulB8IwbYIOopdswKYR9dJxeLY/5eBpg3RyDWVL4B6Gs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Assistance\Client\1.0\en-US\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jbBQU+YTwZW8iAfapSC63MrTwiVTGzRbeAfn7A5IOUIbSlgq8gg8U7jjFsjI9DnIRiFlOzdG7J/W7
bNxEiTvqEucseZR77NLNnFdA6MtqNgpTkLrH5caxonYUPaTgS4Y4nJyYalGWltJkgzJErbkAEJ/W
Pk7tHg9lzr0DlN3vnnqUBKe9SQVSU9IsYsYft4ywFnbrFTIFW3hb+5x2La7ri/nJWnXTW7k1SlS4
OiPkkyFYxK9wocbaXwwL1k+34NMpA1YlxFZf7Kr7aEqABxXhJ2ZaVKmMuT1ho9+n2nHbDnm+TesM
2y2tKav9JUgt5QIq46SWRiTSJfRXD0vjbS9QXf5inEG0PqBFFWBQiYuPWGcsIRDCgIeMygNuBQVk
yWU6xbp7d4MpR7CFhQnoipC2pbg443pDZa1Z5wOc94ppKlwzn1vfsTySURZ78agjxOOW9aMsGf7n
LVecf7HqGhKKA0yC+SA6z+g9zGLYdKc0U2ncRRxEgzzKJXDpEP/5KnFZoZdqF2dpDigubfjjdjsC
MgwzToweVhlv0bG8geDtt1fpPtFSvJ3V1iymUUnXbT6UBCTT9qH9JPVC2FoTCaCUdB2yvPXbD7T9
365C/aHMV1MZQwsnZ4Cvypnd7RzrdYCEv1+q3Twj71Aa6StdVREvpMHuNaqqWUkpjqFXxLLbSM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Assistance\Client\1.0\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
QRztbqpEdMqHTuKVsnoTkoWnnkXwkISmmzqEl15htEHQfFOuqlGopJmrZfz0PffMAK1KH4iwY1hF6
a+WrPjpbfolM/jz0M29aTtjE7efJIVh7oYp90Ge8xPVteV7J3fJdZgNyvP/aQlF51f2RqOc6WCc+
2GieSgpxYzAjkHy2plR1xPEMsrMp7NAsPbM9Y0piQnLVuPTbMIGCE306x7qeltXTA0+2SHyrZpwL
yvK6aQGZDWLz2//zfp7Vr6H0ZJq2ORePU3mABN5Ml++kuDeS0h0CMu9I/SvUcOTkWxaH5rcgeB72
LuymFEyPtUgE7npAFdG/pOJTf3hRxI7wegfMx71nn5P64Nt9Y5+a7bzswY3qiPkMGtIyGL1jYYX/
OJHwc/lHDMVqZItHalC/bMZCDVhafbzKQomdIa/zuvil8ncZGe0f+0uryZY1Zgr/aDTgdLJkpctV
VQQeOnA4LfPztS1EaqA8HKx6B47p0Sn7PlWTijmVcRCz7OZZZetb1Z0j/Taqk6FBl0g9i/G/Lejh
xXsbAR61ejwT4UcdPadrhKKiwSyxtzpeg6bWQ4k3egEQJ2U6sgHQ7UKMPcKxk44IeJ3GoD37OAJv
lL/f71zCvk1mNqi6+t0WpSGD7HNaAsRVYTmLBVLiAv0msjXWoZZMfREKJLepZ7dfF5MKL6vGzo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Assistance\Client\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
fBXszvuTGpIJtFbwDEpFhL2E1+zZKp6k9naIanaQfPJU6/iCJ7c+TDcYtdx+ZXWZ5Xx+WDSyWhAj6
nj/5cdsK4B2qUaP9hsv+Ha4u+KAz1C5EXfJhr37GG0iVRjWujfiuyml9h4/grPCllQk1GknzU7WP
cDZUKbYwyyzwlDglg3c2U1Lh/8lmobJCE3k6d81vZB9Pu4/Yh3r9r0jsWvjmeaidjXZmikR3UXC2
1LrZ25zzWvOVglZsJcwKHigIUCF1U8srPl+CfQFXbOVaRrwRGifCvssjzrfW9IVLWeUd/c1squnO
P6fC2XB2MzYKu6T8nFeMwv/2DkB+q3j7HJmaS7pbPCbulNOt5+bgEi+zlsXQ7XfW+KSswpG4Gv/8
HbGtW9k0YnhzOQlHMqxBJ8EhfZHu6Pm+ic1WKfegimCQK0Zxq1lZS+UlB8aYkCthvIbG6T5r/ZHT
Aqmy1PVzxgZsX986lRjX0r2Olo/pZGE0I1fDM9O2M7RZ7MgCMzfFRAInVYLQrjnP3vYNJ8xEdqwN
ggatSQ61G9Buj9W0KajJaQpTjYNmm5Utk3/3GqJ0BWTtLui1iba0EOu4qW3kQTR8xXj80cx/58Zh
J2vi0WtCPwt3KYmng1tsIDBAjZ8qwjNILchs0lH6jw1fDpZwt5GukG/tPmzNUL2keNaAkOi+ws=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Assistance\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IkQ0e77zOVWnRyyS1kTllqu8U4KluC6Ms+zGYg+YfjvtWU4WAERfh2sgWeoCKnynyQ3zMcFNOn5I8
h1th61fiO600b20rN/VrPL/nMgKgvVW4VvBiHqJN0WHWqkaS8P22Su9evGIJ6C20RbetGXigNMom
ljGp5EGQhju2BLCx1RkozxlvJX/EEHJeUs8yF+HdpjowlKCYJVnqCrwCcjuPoGWBaLH107v+cFLO
Tu0ka/8TeuGio2HTBoymn6S7pJFDNgFqZVGd1xqYgmi5M24ahSiG7sCZdytcdLwBgSamv0zFKzVj
D+T1nmsAihi9lhJV5JI1gv15ASEEa3RXr3ltAZ/yQVlqD3rqVGYD15LA9JS0hKzsWU2rThHS9bWh
Q6MdEwkv9dhzBFtyjQO4zjwDIDCSd0sgQYbAyHtljvDgSjvF17y5yDcpyF8+PgByO568yDpF42+D
OYecD6Q8vcCf/BrhsgH5QPX91osnnGbfkjdikiI2rc1ru9PryIT25NcvjMm4tJ7aIRlPeLxYvvfC
wJSC+xO3dV/58HmtLo+hrp+hTRhCvMg8ClIWp0x0d4FOEZP3E5s3Xpace9oAFuVmM0ft/eQLux4Q
Cf4L+UKGcuQR6wpxeOYvcIStrVaMhCcXbDHZZHmbkwgGcRjY1OWYIewXsd7uGPMO2x3ES7NmmQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Crypto\DSS\MachineKeys\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
NEaQdG/cG4adu7wTu28Q9K1p9p1E4geP/K+ZBwCxm1UkZi83zqPYVsVmGnHtKev0qCUpK6JvuQyXE
AGicOjBjMSH6i5BNX82RrM3BsV48t4XxcRSlgU/WpysVLaE/dCStWek92a/o83idjTa4Ugc7qieU
XGQYWcP5tn+hzp4/tGSlsABfWfFY+Gn6T0hNwPVbAdwHmFzhkZLIYQvFFLGT+PstdGkAEioy4Usb
9TCwXvshntWddWlwFMcCWVrelumNLwR5ZdMPz1JDFv3dEtfHB2SioSm/313xhgTTgDA5+Wy7EkLi
ni91trlsHjUHDH9g8+EiWlp64u8E2IQ365db+b5K55049A3tfEJiDbD4bBeTWsxC/LPGjGVwpRmn
IGCDk3ExTx0pv4NnEuUUzmSNs5z7zV9P6uf69E+7PDIezi3QrabDnQCiYiJ6sSWAmMbiNvmeC9ji
gqohs7RtaQeHG9lfeAUs5gU4NAnPWySY3mEEUNZaO1zkYb95xarKmEr+AIkPKFqZLmaHh/ahXhOS
r8cXgQc1kwWEvaKoW7X40VXvHf5BcT0oFLykDiSSGx5Qvl9/54JipgsF7w3Ju9so4f3rlrRiQcbM
r8EEZ/qcRB8wQg8Eg4rnoq48HjP0doklOixvu+AzUcLPmb7jBNiOLvSQLagBssZ/O0eGR49P+o=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Crypto\DSS\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Jzcalc5Ak+5vG/ys7K5HSQOyM9C1yjtoG+Jgk3bJHSU5Qwzy4aKsGdYdXXF9rtQreq6ZeOLkZ905y
eIEUbYdv2zIlIdmfhuf8QCERBdV/H/UtjKqbZgAOEXwXuViQKkW4wz5OdNDb6P+XwFdHdjnAu7de
SZ7NRPyck6jVX0nqKmZdIyxztDTmHiE97ndjv6NRSTOjnR4lDhiVnVA0zvLw979MqLJ678cWiRFq
MD3JLL/V1dsoHqmGjr1pB/g9PM548Zx/aVMH/TRvdm6H3oxktaTda2N6oc1+wSKlYe+60iwc/NOq
yGrssWtletKfnhaqgl/avuOV/miNT8+fR5ionv9rUvvIpo6BQzs8KdTrSoEjh0Bo6kPc+r3TSjyt
7n5ikjFRNmU1Xbhuu3ijjImjhE5uOa4zviZ4rWAASNMemxBEESgIgAn85zzE5NzL3WGn0st/WTJh
5ahlWaEFxT9mJ9JDt+bzcDvqghC2/nG5iiQzuDBN+5x2monWl92ZG6sLojKw1zeTvbgtmssszfcC
EeHWvqxp40W6IKx2K6RXlA+4bPmvKm4l1xg85OGwkx3W8brDLE+fWqT/rveE3O5UF4n5jjUj+1Uk
NBv/Tyk73bGX1VaPRaofXwknSaB1QPh2jnj6tO/rSpFCnzJcUx7MJJQ5ehIY8GtpHEgHU+05FI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Crypto\Keys\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
l6onkLeD9B6t6kTc/MG76lCY5g2gSl0qD+wtvb6zKwsjINJd4STfDTjujNzBNMDRnE4WP74p6mYR2
DhPwwZc+HEGS6DkHZmOVSfiMFjZDaSe2MqxKNeoMMnFdkmAkvV0pWbsOFQufSoxZyY0LXnspFuy2
l6thmAVYFziuHFruZcGu31mMOR+QEO9vgZv3sQCplQ5yJjdjE6Og64Wl8zyE2DW1BqR9Am9zT6CO
1Yns9WKbNPgs7fuNTP7640+VMehYLHseL3jdDO4B+UoYzZB3P5YuFLEbcvwVZfQbmYyyMUSOAfUu
lV+WlCsIcePgc1tYUN9D8JWts3MKmltPuwcpdHz1/1Rz/rXG7jDfVSv+mFRPf5OYRQ4am5pS8KWs
kTpafsj8RgqPNJIbtC4z2x5W+1hE3msdddk24L4B3e4yMfPmAAo5ik9nO5rPMl5LjbiFRa0SAl8b
2pucLmyUCa+796y6j1hnBQ7nr7a6HbDe3C5N2M2ypJ0E9/uZYYKmeODWzHj+dWGqGKZmD2ZXEh10
5S6dEflI9TuPlsLu2I9P0O9T61B1iVZLsJAM3rGRbhqSAH4uY5YQx92kh2qPF650K5nXeeNhG1Md
zsvHkfQOMG/jHGBy4fPqDYNGjeVwpgb4nDauuLkooVKlLWOyiGFFeGEBrpo2QB8bhbZAZLHFSo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
AJ4mhjLNyAaUAyuvILeoAJpkj9mVHapxqcMt9xQLBqh/tE3YEB+kiIJE907Isuhn+WzCPU/pr1ZZX
LUQR3f9oZEbY5AnFWoaF//Nxg+A/rKk3zZ1xVsFwBeKdHOVJJw/7oZ9iZzTuNGbT/luFgymAC4gs
4H7hoYiPMsdk4KCEk0Rc+3UjCZtL6M4o98wJ7cdF9zv8rK5JgVAQCHgUD/PY8FO2ZSbXe/U27oXe
Qi4dVDpG2pgtb5auOOiCfGGQ3HpYNqZgp2NQYkWi/7sj9ecIWKvfqnK+ECuG3Xl04/wx/XfPEMEf
H4TPiKGm0JA9o/rfuRgjof/YdxDc8mAqC2pPkv1iGgNTeIjvchcW6dsWz8c8pHHt9wj85rACmNxA
nQQ5jd/XnPb+ZhUPyY+ZF08rjMtfykmZrWIVIG1IUiJ+ikXg+zndnEpS/gX0Q6Ha0E72H9xoS4Dr
a0O42LLXHXPBhO1HEQ/xEP/Cfh24rEpBhrrb8LYsSGWGlfGBtkvRzCmezQ2FS2Kq0GYfODdi4T57
bARxVo69P/I+HZIvjB2yoLy7M6HrGZ4rkbgEqHkLJKPQ7t3kPsVkwM5+quplgA+cHWG3HIgm65RC
2eG4gPTXsh041eCJaXk1KKML1GD3lcC9hezUpvM5ZxAJ1xAIsqdVPsm/yM9cqJQnlwNt65dba4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Crypto\RSA\S-1-5-18\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
EsURtKja4H+UCpJ1xLRjX/unXzDwCxdgw2GGOEUexRzvqrjanVej32Mk7ojFDn2Vbad7btHRe8Mj/
jfn1ka/XNcZEVICILVZJwDoJkRJ58Xup/OhjN/u97yWLfbjI9Phgea/n7g18CV0T03Su1P84yKu0
AeVaS+EquhLH710xRjac0fTg5zEQ/p64FIrPuILC7bF/z13D/X9q1VGoF8jSuI8hq3HTj86rJF/v
zumkHqCt1vyIXUo9mCYNtP2G/M4izj8MNKtFF45YTZxJgb8ga6AcyaXS6j8+MyQXoleNRjRgXqXb
EKcjrIgIlQKL1tc3tQosjt3BNwd8DikYjNQzDOIbrUZZ7ruQYHTjC/nmPFGH6oKIwja5pp0Sfr8X
xsj9uNdQzdKH7XeGpJyDVGTPEi9gGIfI3KjyIvhqMFUTC6uihnHsI5iHAURE+6KQehuJQqOsfHZz
6cEyZ2L/uRWJ6PgTpr6CkjXQ69WmePQ8JvF00htP+Qm6E3QxOEL5ubiYTFrRiJZjG2SgHuJ2kZeQ
7QSdfUMJLZhRVrnQtxTUkX+kkKvjcObyLKNDcSkSeI/ce3r+tEScBpNJE7nZx4+ur0KTx6POD1iL
mvQuxzUh+HUcxtmVHK1WIFCkIvCS0aN5bjdqnt297bO9UYUyT98LDxlxDBiGLpfQ5VUamYdPxM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Crypto\RSA\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
cik6NMgfXc6RLJ+IR7nedlFm0gG6iMcf3Tu33vUGlUNK8ZAvw+txtIxFFOTVbpsTms2dIPXFJab/y
yLvHSwVD3WGGNMiyQTlAUftfsMIKGhjwvpLo/Bt/zKMAx6HcVnzxVHze0LRZ8Xby/a3Dt5/FSEjl
zcif9z9tpDRKupDI/WbBgdJaMwPko+5Xcgv0V6Ks49L62FYCJK1WGZUF/RUuqUGDKacZCusw6Y1A
rODrKrtc8g53MgqzkOaeszmGX/+/8XUjWz7l6sz9JjL34Hek7gJsd7e6vZ9XFFUO+uDRbHfLcPoJ
HWFcDX0h2rNn9KRM+0kpHGPhRVSW4MHu8GZzU6y9EjO7NYVamvOwWc0AcApnCxxhXLNOaU7hU7gH
CR1WJLvh9f7K1FQFUnW2Wi49sPIfSYzXdITaBge6s+SvHmxCEMbiSsuhb/B7vW0IUItQ30B87wnV
vKk3rydjlWZn66n028xRUpMRdpEc6Gs+taglrw7HYuykP+sUalXy0baraiTRg907ls+07cnJatqa
DqNZF4cXi4lGpa3Qi1/+3WPC/zMcsdJKrQNlmh4zyp0OYhWvvCvs3LqA9IY+SjIic7wKu/rjd+75
gOxwKG7LX2Zbd0MK4xtOvZlB/LMRGKmM2ds4ZGjGHKKVUymKAZt8p9QRD2kTyHLgZhQLNAcqfE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Crypto\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
QpjGyd8sdbmzSnN9b1XdBOrsP3+QjQYs6hYqpk6SQVKd2IEyEccIgOYHplodMioFPfCamwPFI3xGh
YZ1Y/NUYG6kkGBqcdXJM30KffWAYkCeP35V28WxkfhYLAJLRFsLxQ3rvXTZgqco1kn/HhoES51Jd
Va9gUuCHZZCkydshuDqyJgf2oFWqYd/v7Lrj+SjFvQ+faqqpeE54BKwSKnPqOI4JlSV7XVPuXjMf
y5m9EfxBjiXfdFljxN49FWbGJK83fXQh0hStbdZYZVjM0dlzJTt1Dws2NdQxMdmI/XjPhZ26eJsA
dwNbF+f9UUpP50Mal3YL/8dQDx6mFmSjalPKnRawnbPfHbDIPv7LSR6gEXpA29DFOjBVqoa6z6eo
SQQOZaxJSCsmc2utiqY972uomrFwvORzIKJH/YakhG8VbzE7A0nRX0HERdaly/r4dTNVwBDE1ogo
w/gQLKINea53ab+HsBi0aPuphdOf/nFCHTOmZTLAN6rZmw/FlwoeYfdmUG1Tv2FNn+mA/+b6Tdwn
1Z4Iy4LOwDc2ciL4j+ImAQ6JUei0mDLaTScjwtzgC5jZ/4Ku0oTSGWnnuXjynaGcJ8roQSwXOsjN
NLe8XX8Ap5WlGFwRxQHAUfgBYQi9Hf7/i3d4P2A5vr3d3lGNjA63Ci+jF5ODUMgLv3gnkb72xc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Device Stage\Device\{113527a4-45d4-4b6f-b567-97838f1b04b0}\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
SiF0RJYmvNWSIxxjxTRUHqSMMYljhVhYYQUwE6CrIX4UY6n8BaoNIm5C/GT7WGUOnKMi9e+NO//5L
n4bl5FaKZrSq+CB757qBtzSVSqFfHX/06QMUn4Bxah+ralC6EyAigC3b3rCVEcWTouYdwCIy1Q+4
0t3n7XNcs0KmPTP4P7h7jrr9UBXhKo17tQHAT3QkQLzMrsxfjAHuXn+KwRRBv+CLvXw5JV0eiZNG
u9P6nq0C70NA7xnmhGxuGFXs8yvY7OWILmkB+h4ygjHr9kwMIS6On/yVj25A1mkk4Jv96VVBTIrY
wP0h8cuN4YNowCL0stGu5LRNmu4q0XHrnnI7I5+044fCWfZ7rk5plBJx7PSF4ZW3SByOrwPPiJ/b
Kqng+loGMt7kBpfu+NzbIT4cCGWV9LFeOtb2K9n5jUsuUAAttN23tM6s+SARwxwRHnX7dMBlyY/P
PVMWbC6zbT/Oc+l9+76HXl1FUZFMdUaUknIQVyzMkeQwwqBqrHz3CbyyvOLeco481/2qa0O2n7O6
Rezb6h/Y/A0OF364fcV7sYCvuv4jUgyG2ZGLffEYOo+3B/S+i2Gqb2WfCrJInM45UfOpkIrrnyeM
/dIQdMxibFTtErXDdzKpN0zzn5RoEBajmGAOhzpDiWwnG0IfEVP4hyEiO4HwY/ql4NXIlY3vZM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Device Stage\Device\{8702d817-5aad-4674-9ef3-4d3decd87120}\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
WZzEhmr8qx06pP1XJk4hkEOqlXAY6NheLFCE/872tfNU8c+hw9VH78/I/azJz/3rXJE03l3M6ThyE
WCFex+SmeY9VVzt8nMkDkUKKKDKeAXy6tEm1GXQGlJBg8Mn40Lgf1c3Qc02ZkTIQRMTwBqzX6YRN
f3GynEw0sfhfHmmAVgFnRpu6XpZF+J33NmuhGYbau33GfBk8x0XCiz1jCuLg2TNQ5/nyheH4rrln
0pCEJX3vrrRryqcbLQuikB8JFDG+G8DH76ByT7KBatmoiLzZMPid30r+o0ns/oDg83ofgeQVu7qz
g2KXTy6XOcOBXeOKoBO6bOa+1VE99VNg0lOIY+DYwOTSJEsIWfTaOvtYL+5vpcrCSqIJuxfGUmEk
rIt53K4jZIKr1pTCGi0QkOJu8yEXvmCvkqsoZLRttNFkRPRlDLffXL5SimmcslGd3zPjQrOn9lIl
1yZyhyztwqgG+t/Lb1bofyQYZTpb1qRMUXigw9kH7UcXfBsJL7nK5gi9x749e8/1/3ipgIPQvSjG
QjuDAvCx10V6TySG0fGF698e1s5ff3R2/hfEK2gVjGCsuD/al2xP2n6t0CZOyHw0WlnqwOq7chR7
xCy4U5FWzDLeDutvfDYgIAkj+truEtyhgNTDf7qZTvd29+u9PgY3/2Pgo4DVVFemBwgyGmmxkk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Device Stage\Device\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YYutxWDmLydK6Y8d17WlVpqnLp3GtIRy9Nsi5ENjr6XxaOYhYcsLCTYgi1fDXELhnW6BMxFAPfLds
XmvaPw3jEn+9nsV22mflnLaadBHXIc5TeDHPaKaYaH8fdfHrNbFrH9FRkiSWs6VyKSm6qWtTvIod
8OaOrgmTwlh790lbPnLVVmXCCQQjsp/EeV/eI15d2rqC3dzvBX6WiHzh9D8Er4Qxl+9iKP7HUl9L
TSgyKZgFFU5lpR6snVWZrYsmpPYEQGLtw9kcTVkly3H2eL1wnZvoyAC+hIWT1vhfccSCUIWsDyqh
l9u3HnzSOHlu2cj+3rrZrBgqokeSwS6AIQpubQ/nl1x/1ZC2UfC3zqnkPxUCifuzvcxbbx0h3WRp
eBGNhCxHijE8IkS6HRRfyHwRu3ngVGYqMafuFEw/UfUS5J8mdz3rHpvyJiYReflLUdcBNrBECAyA
BvH61ryjEFcXjx5FyNzDEq963GVOw8lhpGIWljdleWZrqp3Of2qRvQdmWpYXpBnBhfL3r+LM141w
x8MLG6HZYNXbAuz22EunilHN/OwEZgQoRAdiKRH5ual5aDGmw+WT2hJYgSxAgo1sZiZwI9f4awHG
hxnhNT8CZrPJXSI5YLg2K1gJUwHUxcuKhKwxa3mM5VV1w3cZrSXoBIX9OJBvDpLWZNehaq8crQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\en-US\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Zr7imWzZTQ3O894UReyCW3q7ougAxmrAQTU2ygM6qzoQsq5ccl8RSNzvTNg8GUMOItsz+1gXU3XhT
QRbTCSu1MIGBxoVeAxiHCtukhdYmgF1i5pY8w8CKarzVAWw+1glJrM3CIXM8RCSxYFRe0M6bM7HA
JpzvkcpTN+Qye0YOdqr/pbnDfN9hzh6IZ4RzSMGfCnhPDzTCZeDIY5st4nO+WtW6yQtx+3yq2vVu
djzEYr+iPIkAwn0FvjecaMN+K1UyZVmS/jXphKhAEcFztNeBlwIkdJhKIJZLLg56XO7Cq+k2JJHh
9Hfxculuod8xqJCRhMBFcI1vj10KlLN9ANDju5Wc5Y6ybAcHQdYf1BEFcbuseRAXDJvnjANpprpI
XdAg+KwacG3EmejItDpxaajDBkomlDvCKi5R4E/mTLstAJxENPCr71rII1nw8G7yZMgQHCTFvyna
//T44xkd2nVTsm5+cOwNBw5Tffcm8ePL4pnfyWcDz3RwFqSCKvGDyT3xvGC9tu0/0HKzNi5fehLI
yzaJK7CwLRqPFE0El/bpxGVeiKT+1tlmfQeaJEkT6teOkieNnA/M6yBKg2Lw+blpq0galqLzc6G9
sytOZoNENog3sNQtLJH7WBWNg0vt3cyy4YH5lQuCEiLC3Tgs2CBT8Hq7fdblyYHlWKQNYoFnBc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Device Stage\Task\{07deb856-fc6e-4fb9-8add-d8f2cf8722c9}\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
cSdwCm1xGFGkVn3St/6zEL90ZUBlfghV+OdTclvpi6fV+9jPo2iaNcFE4POuhqOe+EvYCT4Jb2HhC
+9ZFn7kLM6c4hZiFPBEYQUswYdYJtlh2xN5/FR07bPy1qdmEn+Bi1mKFpFNJhakkoWoG3nLJGLmm
iGdjBbT23ui23jg7/GLZxF5YhWqyCyv2DmW1rHAP16YQNsFgdxyzY6Hp4CRDE6S+v9pQW5g5AuTA
pHX4J7UBsi06+PMj68BAa/ZvQlBbvpcJMmjcqvo37uybs5BVuxnAONLfAE/CdmROAk8XyFQKUWeR
nwUVx8Cd/qOpGnNjoC4aKPh/7/bjGnXLjSEr/DqTpEr+Jx6RDUGSr2wunw8M/Q+yNb8r69EQNPfH
xJtVjeWh1HHt8Ivot1hOCVTlaynrIxYC3iODlC6ptO+VbsGzge766lZOR4ZsdBRAjF/QKnp7WUih
6R2bHKTEFB0RidX6SX+XJjDP5bcDBiht1Bh+jYR6s6/e5SD695Cc4bW2zT5y/ig75di+L3H4P7Px
BMXjwdBpvPyd9EGz93LfA+BFCPt8eVGr78+Cv1JHwo5tFLqBBpjTEotq9mA1oh93fcm+okWscW+O
efNHwzCpmqMyzgmMPZ97ES+qqD/9BN71M43wD4/ZZPAtIbsrQ9iBcq3gQFk7tzb1C+o4yNO5pQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\en-US\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
lmwmgwM3vBNWPsVu9xeBQZs0zEXBAwSf9GL2gP2mXiRNZKwJ3D0XhyyZJVxxN5WXrPWESBYoZAyWk
anyHGNkim+zA3BgvEPH3rAxsbOxQwj1IM66IkQ9gY6jj3/pUfnRESyYgCaefSdHlR190ph0UC1IF
mfsW7xH9HwIhwbdTF+hgMuwbW5wk4qQteHqNiLJQwL6vI3vJG/pjvfPItuBB5QBiRHg1jF3wEBjV
OqPHMxjjIk+BJBN91sr7NYevpC1JtdviVab2n/3EdKd1bYckpbHGTD0NStMRKOD4pfuwg1AlCWsC
jTQt2xwOpF3ZBPfceBucC/42cK2uMoWr2MLzlTcKAkoYYmX2hAhCgPwiQCcrbvQOOcdwUT/Pzxga
Xhya9qYWL+9XiljnALZHF+IMxDTS92PwI4+n1RUQWqIJVeVha++RrS6sL4A92ufIIyuRZmFCcHYP
luzJsNU6eu9RdTELJ6QnYVMGWTUTMHEYfsLx2N5fhALKSnZ0TCgzfCWsQyW+6bEt8RS4DxY63iCn
OolOCgDuoiS4GMwJra0uyQXhpZjTR0KuMF2UMmCZ/suWKHJ3vGxb5g0OkctlDaX7MlG8mPXzZCM5
84qNzuVVmaX1yeAGjlReNhR9H4O4qaFNkKrGkMto2oBWi/kpi9G8eSWCDAZYQMpAvxPP1DXkWg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Device Stage\Task\{e35be42d-f742-4d96-a50a-1775fb1a7a42}\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
CjcJSUlJRoL60TyHfEX1YDO+8nXHxb3yaT+jcwKIMzAhQEPLTScIv9PqdKOUgPufQvGf1LEMabjSx
1DMLUc8aePgHWEXsEC2tswSfUJgkmaUGI1cDkCzdDL+hp/5y+KRc2sa6ZjgHqdoNdjCr9iL6PKPw
9pRukYXArxmKirVBueRXGTh9Nhnnfzf5VsCQPpz9UthhCaBLJVlymkyC8Zkw/X+3JYsmmADulAjO
6DwE7Oegq6xEyzL1w9nM+B3lWdJ9gb5Lfldf8Qh3BZok45yMru4BPrg80NMf0UorKgR9v6m4Wz+i
yBgDTvH0S4iRj8vC+L0EVmVGIgufsjXeZjA+uUS/AtEzDhkAiC876Ls9TvIxDdfEyrMtZWvTtlMF
Zy4ZwUWrgdXcDv8FEv5CI4TPfpC7MSTyc52RW75pjEuMjvKemDhOwWVP0OvNcHfy3jvcMtM23e8x
t5BNBnNVdxLRTvZJb+Jt9pV5/Fim/2uhoCp98qQ6OTa9+5/MoEF3SuUpdmfPalheyLu/ZV7MQDA+
055/8JCeqhlHVdn4VKfLwPfOzHZ0yu9eDYbVn2Dw3RhO10Txaw7dv+EibsKGLGdIAA3KQtj7sytS
xgv9EI7lh+DKqYKXTup+9HebO9BbA+jerqoOc1+C0uMiuX+VLWn5gdHwvnkXp52w98blFda/L4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Device Stage\Task\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
kl9rnMlT6OiT7wUOfE7ado9unOcvpAplrQa7HWxPC9HGTedZlpERyak5jSt7/fJoot5uHtS105q2h
cRaFJK1nSuk4tel7mKornLfkqGK46XJ5StzUgFCv7MBqLEemjLseEHqH5Ra7/YQHaiY3BWF/0IWN
m5M6uBXaMHmjgAoZBxT9Q5ICCPvMhmuX0ZK4noauI4WpdTdDI+NwhUWImGY9pQ6L8aJgrTzs14Mg
HksHNO21Ukz2zWbka52oz7X4pLhPsUFmTEodmYT0TNSZgxOnfLOdTevDXts7oxcVrrVtVBrpmZb4
kx6R4Ovf/guHS4B6ggESMsTJiWgEMiJt5Jrpu3IYZSCX4OEYucF4pZw9Y8QGRiKWnOX3Wdn1Xg94
+tgB9Ic6Q1PpC3YN4qt+7/NfPN+QbWqoCoLhAINTn5vTRa+aAwlqzI476upSd6++mkQh514ajeSi
BrYMaWBnVRrvrKVXWcB9Mfe/MgPbi1YMej+SoXpKUESM8+W5GR5xy0azxEtOYa23bfXqqnk1QFoX
CMOrFGgAAsEbczJrJOJ/Yvg16jelhGUl2028dhIYgCzlLpHleHnQwPiaZt18kqopUdv0oNkQidDY
dBoFCAKTzADMeQcCaEi4WD6+A69F9PfoknFbbZAjX+eLTJNshY1TvqkNmBuo0AYXOmvyJyjmeU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Device Stage\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Bjtzl0hTW7FIUeEzdHRCXt6IEmtrakBe+/0el68dBSIuGeFcIPRdztcUMcU83knG/Q0k8O4wwmqrc
/9IVb5JYKDnuRWr/Exppl834MjHcez4GiAsRbRZfkH3mh5g14ZmF8VQ1AKPCQI6cX75Wksm21izm
ju4QLCsB9Ac+4ASXaSYzGqyWrNaTkS5MKujZ3WRsF4Faefv3qAs6qOPLeb5iYRLDQvuyDhMIX5/q
z+cKBLez0UFlQnRmLjoJoD8r4s0BDVvCuOQyEJ5NF+easFkY3tK+WIlpLzvw8YIY99J9oWz66aYF
SGyIpOOJ3FUEIX1Z7TeN87IiHQO0YbuG4wr8vLaD5oMcagIvdMwxYbfBgJ8t+oIzw/21sfw0RFvj
QN51H4ycs3zGS3mILeWWLdzs/vlFT8BqnyuZnX3IHF6S7ExaEDXwecltqK8vZqT7rRIVFf67Fq2I
4+aIIBNatZrY94tkHkvuVsP7ldVpcJWobKG9L1xCRPW1HbnJ+acAFmpmB9QpWhfIKe7bCZ/gl+YB
fGDwpvo6G/hR8KmyJ6z95ShGqQNJI9YioXCRcG3UOFtG+top6U66RjxpO46kHul4x+kOOqRfl7VL
9/iot0AaCUyjT9hPR6sWEqtv2U/rgTWwMzsgO63FS5O3kniCHjK3q6R657COtWvT9JDZWlTNiA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\DeviceSync\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
dtXvs+7nKModJ+a6WGGS/qcJaW3hJb8rlJNQEMPMe+m+TlTYyVt5ZTJ0OjB1mkwZAxtn66X9ragB3
Yus4+llxHnYvmfQtYCb3REMQ2McgSFmdvxhU9XLhe80+TFduNujCsoPg5yoDPvB4bqN4yLCCTGhm
bYSSH/Kl+/cArxbF/Ip9HsMCrjR5qpyyYe4iHZD+gdStxnPxqnlPz+aQmkGBjKeM1vyYA+6jqKtk
/at+2dKVWLip/NOhXYTS8WbcHtV7zXVXqwsyV3D5vIpln4cG4Rrq0kBt/Sw6CHdlCY3fENQi2g01
2E8wgVEuWqwv7pPUAtWCDnzj6gc7cbXpw3uiQ26aUV8GI7fHxRWUeB4t+SbuiSyZW1TokMJjVirz
sjLDP4GC9L+xQLj/XHSonCRP+DG6/+5DsVy/JR2m7Ys6CLkGDX5rdGzoJhxBd4m12i9XBU58plgj
MGpeRL1ZvGDZKxPMwA4LJmv8mgcTUA/d3e3RtBJtls/9/QytK5L994TB28hgvEkjm17JU5XA16hY
voQs0GpDwaMUO3dj6oLbOfn3f9SM8U00VqFc18hdzsPypZb++cGVGLBXokGvICD84Mt3FeOMP6Nq
sHKIFMq7YbNEt/aYDu0Cljp16Tg4WPzg/B1sPFLK4SApo7mUjxV2ZKanAibL1PI8whtAKMrJn8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\DRM\Server\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
MA2AW3hiQIcEcO7thmlwDWvor12KBhXuoWdxivymPjyW2RgSvMHhswG+09g7Li68NjmX8+FaBul6x
WZs8oiVAIQzCWaVoatHZfrtXXBO3lbO6PVvVk+bBoF5RdgYliV+h3UOO2k1WxTEtrHUTQ2alNGA3
7ntjz5NXNGgQ1WnSgg12NEVgC0E+YP10NH6NztO2vjP9NpeZkdb/6a7DpJ/gxqbprilh6H5il6Vq
FmeN+qxOmigaYCh0wbOp2RrYIU8lXws2Gv97U6hWaRkUS1VPY25gHcXunMHr7MHOiv3O7960z3yo
rkZhL/V3yvMxRXH9HEnwbgNspFGeCkIddLQ75qIUxMTPDCViUJSvhzNKZXxpEwIHSVtR3c5Q2S2A
C9SJo6reQyvkWKRvI9WxCJhwFukmGDk3XGG6LsZLHowNB87zP2sPHwQeqzmDp0zsHZC0qn8pSzCa
QTC8Ce7qNHzmjenY2o9Q+a9u18SlTWX15HYJ+u2jxPJRLWyvbmefzvZUXBw17r225KCvhBFJzYDT
GKBl3oo9Mlfuvlib7RLnrPW9dsMMca7zLH73HnC+vRkGWxBP6kLp4mAdxonfRkZGKvJR5riOhgVG
cWNJ100NYRsrbShfG+bpPaVsBBXkL/rd0ZB9Eb8fkMGr0fnCY/VWXh1ks5pgZ9nfhXoi5xT9YI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\DRM\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
AWaQ7aJshtxJgWcOiy0PAATJvqnDh9GdJnciycjXektZb4sw/sAh5HCICMFK+pOSH6GebAInexa2j
ZALO1nH5UG7yuGgHKbTVRyjfrrOIjOjj8fKFMQos3TRCb/O4GoqbEfUlVR2FBcRwjUXYRg2/Or7B
zx5ZglWKt5EhJpwYe+8Ep03gY182Oc2mVXvGa9LfuPedY6zrIPdcMMBc3gIjTLpMl1SXL6cu0ruN
+My1PeS9+fx8O9Z5jAM1D3MlorRdpUCCFMv4KT3k6SN+gBITuWkVVLTk27U/mxTu64Cty6sgWeyn
hnbWzupmSjKr2ol8f4BxdRsCbURFDv8uyPD9UbZwCERxlg0sUx2QZJLLbrMpddMEGKBLgcVHlIY6
zdBSjL0t06UO2jQoGhXmKTllhEor7edjyxd4C0p+d4IAwJr7DGXVtYSbekhPPh6cRpTW9+MkyoTc
62b7Rxi0ZShcd7nP1bOTaIyJY60x4RQGiU2H6wYLHJ1l4hi62ZbPr0sEv8qYzQ2+36zDn1OxI/iG
nKF+QC4MPD5TRDWLEBkaGZhWXsVmqXmU1q9eMOMyopdvWam5tDhpLh/AczpWSA0K15MWZK6jHUO8
J5TZ24LEFeF1ii+oGa3cG6xR/KAlY95/QHxj3fIitfeN2eqWbKCxS4GqoOzW/HVke+0u8TqrSI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\eHome\logs\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
hY+GCdsdmJHq+saB25Ufg8gQWUqWOJKtvBTDE8wyPlzAMFNHTfE2ucQO6Fxhcdru4kBsk0hJ0/nql
MHhZkxIE3ECCCGzm2/CASdmtbUMNHjfViZ43EpzlNuU5wV+VcFkBxi6c/fCo/QUf8ZxURKMMbAKJ
Y0ElzsPfJIEFR44KTG8fCiEGNmsax51Yz0CDrFVycTjjLQeMTJVfP4s0Pal9+ViNVsHc+NmdN6Oa
tmDmxOV96VeUGIXrO0UuKqLEyQ+08VNEPPuzshwRA0/FCNQq1TniaNqyn94BT2xD7F5+g6tg9lR5
QgZ9MJju9XMV8MIkEtynj5URhq+0TQRntYwHjh7+69BHdZFWkSYuPcA5oGexOWLJS+UiKxSAPCjg
XXn880FrKsH01M0kp45jPVMIHzFbLsXDl44tKRvp4sQZW7yeuP064kwhMWJGHgq+DIv39DcOO14e
zRmToBpWA5LRhWh6vk5ZGA3yNjISRe3+X/tBhvRfd5jZkzR6lC1AarUAsDKhiaFWeCpsGuewqyVR
jVhVT3Js6Zfe9Zm+mzOgZEYCMSSoShfUKDcWx0d2KByxI1eXc8LHrPsqsO2XOI6pv8CTduHzj1HM
CyvxpDpYpqwjcw98ZatL3/cSmpzsS7Mh2jSRwW3t+3+2UjKu7ZrZDgrtIPgfqlRe+OikWpTSCo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\eHome\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Ymce1QNRMklVQyEC2CePpvphnBiG/WhMoLTmqykKNFyvTc6qv3QTshjtfkhiULlqqoFntn/Dff0x/
764CCvGW5B49c+PrHWERrrkD8jefGppWe5Y7Ob/A2e+YbUpZio73E2EjrT2XPIZ9kVojXVk/O9xg
GBlQEBgol4ky0iymhJ5iIfQ44wup1qPfapTHST5cRKwDwHtUli1Zb269MrU/lcBzcG6V7/EWadwK
G0RFSGdvTR0ZLoIgkWYu3G/HI2+DsIBPzjRJOFdnHeo0lgWEiAeLzFMXuCWtd4wrcfauSaqK5nd1
mFxmDrykMUcxUch1HV3ToX9xEsks9BN8y7e9R7ZzovR8eg2EDwSycbQ3gQsJCA2sG0ldW8hqvDau
UiIzU/6s6G0lvp+CWM3k+d9AQnzYTHadIuG0ShSOvUsGID2f5z5ufP2iZOWhK6RoZpyP+DZFO/4/
WWCkGMn/7ZgwWfSiYaMMvXZNyk7uiV3j95vJVD8mRwgJ7EFGxxSJpmU1+snOMj/bgG4erg626Ims
Qd1mJ9gLIP6RgUJcUfT6ryiQCYMun1GHfNlBZWFzvPVXZ2erpnEd4LZr0mPZn5b1qZ+SUPgn8OAv
0UeUlvJ9EeA93sFIiEBnBf9eYgomgTgL0D5FpLtdKEJI/AKs0XpcB5GrnFRcfyH62Bjtm9Bjqc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\IdentityCRL\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
VuXQootC8v9N9w7Gd932fQRjfxwB6DsYXUvUnweQBQAQ3mflsuazdmKLI3qpuRPKQkIb8BAxY/a3B
gQ0nzGy6uhwmxAVSt7MwcwM7WQV2NX8ODuQuyzhaFI/Av/OgWPmvpbeLUL4FycUxvFVAq/DtEQ8Z
wgJY5coRzrTbaXWpTCpPFZfPoZbi8GqlsywBERN7x7cqvEgbM3ZyGTtsqP5/bXdgk9lffMGtBhUL
FVlHqALLOmHZV058vN5TChMqQGulJCCqQTIvcFDGj3/mzi0sqc+E3si+S7to0A3W+XBWdEN0dEpt
shimODCfYvxinNKBuPK+041G1GhrFR5K8/qo5sXNF4eKC3k+Jx3aQNqbXm1OKuYMH7a3bSQEiGhR
/XvEaFPDkVc9YJHF9yLJRgWDwz8FTRTXoH2L/JHHX04fOCEyiQdnRbgJzMu4FqgILL9w57CgvCoN
AKSZt8x+hLbJPsn/dTm4IKLMjgHXMoekbAZHiOINHzwk82oCGoCwSVqekRUgUSG5pGD1cz5IAD2R
oADUUZL59ZQbgWyXGny0jOdkS8SLMEgZsInKt9Il+ByEaEAx3K7vqUYPYR/0JtYpjLV3atLwl3tn
gViukLgVEp/q2q/N03xMKU1osPChlhdYL3umxW5t2xVa+CiO8131E8SngfVwPzP0Ct1U0mEm7U=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Media Player\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JNXoF/lD1kOAxs0NTI6abYdzmxLFtl1Q5z9WkGvy1w1rjYPrNI5Q8rt9NNiY4/K3vpJYlk0j2+v9G
jcJRSMgoPwv+y/xrOixHg5mlpzy5BXxSOu4rgfIFmS3bs1/NY7RzBKQZdrs7rTpprb0AyW68aT+U
qyotxq6xff+WIYQ4LMsQSaIiIE+SeARQxCJahDouqtA46CUNUtKIoJicXKi1YjSloSC+ZkSKqGPE
/b0eDZqQKlWvGhJd83Nn3xf2awD2J41Of2+NzRavz9CU/wBJGNMnXblwAPOrgEXMxJEyqcL/JrOJ
GiK061/hjgOIpky5HgzYt72NwIXo76QMLVd1nD2i+m/FUscs5srvWly7dHAPZvv/cpcs38dwZaNj
0DiKw/zfZ6kqUcf2xUofw1E2n66W2AE6rbAS2ynj1LPemzUjXBko9EKtQNxjnykJPIxxhblHkCrb
paCnFtVNs1E+a7DUzEMMGgCArOYcZdy9MxU0JqAR020TC5j4Fxw7u6Y2kdKErNA5nDiXZIyKEvhL
B4u7CzR213FbrvzSp5wkqA4CuTVwdrrfc3++Y2zPySV3CcmO/OwuSBoP0CFE5w5Umyk8c4CLWc7T
BoY0xK4jLZ68Ba60zjqqkf0Ahv+8IpDNVpqL8tkkvTsagPT0W4ezDp2kAs9GKKDUaCyTxWxsV0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\MF\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
LsS0rGKevHBS54gzgYf41+V2TSjRTg7IgOmC6Qv7HdQv0HpJlUVom0sXg6JdGWeIn4XMWo1BO9Hbw
VMyy0yXvVqMbS3/ReLX8sBKbTBQ3TDoEN9Y33RmSRzTaiBiLU3HS51IKsPjVnUWX9tt2oiqgvr89
rY5EMRRkdCZiWwbq5ierYachw1cdPC89YD+LC8Evq0OJbl3lzYEBa0LHzSGl0ywBybmdLJjm2uAi
H/78MM89cXb/Oh8tSXLdYzEWvzoQAKuoPetV7kIwhJlFJleb887BolDq+78Bs0K0nxDQ5X6omHBi
MT+EgfImAPVsx9V0owtKlqRGKL2OTEa97XH2HcydMO9m+277/flilr3I/iKMd2jVSpR0a0oLdMua
cCyiVqyw8ljrYZ0OSPwKCETlunoVXEpJTliQbJgzWjIP3qoacqAnLbc5wrV2QNEfn0qNIY000QxY
cnmC3rnCWDT2FDn1pvm2w38JbF+K0ScIGoi1M99ar5jbFmF5BfWeoPQ4/I/nTjQZNY0dVNFY0DU4
CiZokDYSEcXEMdudrkrHRGpAVggd6PDbCCbLS+tsU601yHmW+m7rRQc6JEvJwQZZ+eRUJNjrqbOZ
+wIFKmdMTELDHD3Ec5W2hrRiu+E8u7XevXr8bvtiyH4eNZrmYPoRQg2ZxnAroVKuqVE96chkhw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\MSDN\8.0\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
QqAxUv+++R1j8uZrz8yvnbkJ1N7yDZn2spDJugoXtOKMXl0zftCrf1pDJC+3uN9jSB8/vm9K7lRKH
ZwQ0ExydXNt/qG8ezyh8UcJ3tvXP+GNAOTPe5+k774oy4Anz+bGFfqaQPivaRM+yT4YAaf6oGwQx
Yxk/CJLscaf9kWCIYQAuoFYbp7IbRI5sabgHeARbHs6TRD8b1hAe/54VEDLnPIIx/f+Xh6Sm0CMo
pEMWwPscXH6eb0ZKqEzFmfZuPN10+QEpY/lYqtP3Hvg6cXUO6RViTpgJomImYq8nZ2Im4XAYxbwt
UM1oKFJN3taZp/+bX9jWJUfDdQR7gq8VjandnALxADLQZbEOUgA9cVK4hIa32KejFXm61XKjPiq7
o11A8x2Fmr2YgtRWh1hVqmI+aZDfA4Kkm9RF5gkdkrVq69a7Y7DSjVbvbDIa1TiJYqB3YKaDVbCd
3EbBtz1MJFu8DaawOQUTqwaSq2S9clUOlKFTh5QodHQ/iah8tD4WyOAPLsynZr9201QzuUqKTIWO
2k78dyJ1/U83aw0M1AbfOmZbho+GGXI7wlHzuhSMdKCBFCQNbzMSTBW6fkdesnSmh8dea5d4eWFv
MVLqr7jCUF5bQNs9pG9PYxu1ujYRiwPeN5Zm0EEXyOtUIQN0IvooC+lSt3fBtwtwsBc1QrxbdI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\MSDN\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
kaKEQMd95kWGKClm844IdgGWKvS0qSMohiZ7JkndlJ26wLLFi+A9xKYfu8tDgtVjRMm/VHBFik+aQ
mFqOqLstCLpOWPYv4RnaKiEnTSIF/X7lp/LOnmE1qwdGesF3/ahYF2rFtodr0CuQoGtgO5qAi4jb
XgNlbZdLfRaUlCMmwAq0uSCjkNAZ4FZj4OUq7zfBmJoA9ZjhB3FGMADqR4B33PdF+dsjwDpeeEQb
h0k42HAdQUR7qruRdFMhNcTNdAuZpJMtrQerBK8Bdgp4MHu2OOBhFULfhJTB8Q9E+moyfjdrHjRo
iRaRh5Wn91Hb9ON7pdUUVfOUENaUYiYdOLWL/xUvviFNNjszYRB0ACpOruxLr6Q/qEroTAFJ2NFC
+1/rM4c5IY/jrf311tOmO5kLYXaEJbuJ3Q53uR7M4aeprdiYNT9K1vZ+wkPst+EJY3gSLHsQ503m
3QabnfnAmMHmylrHzOcPjN8vAYOpY8jqL/orVI5Bly8kEeRc/5iaFSatszPWYPOPLPFpcRoptQwN
ryO2CkHXxz4+wCjsUop6p46aMLfIpFmPaaN+nsY1jQgRhx3XmmUuPfeURM7nBZWMlTx7i6C1OXpO
ybspFledcgyKqFTk0zg8ZE1KZdiW3kkJA/c83GG+WPJWggr0m4QelJVFzMPVVKrDzBFelPL8Jo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\NetFramework\BreadcrumbStore\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HtIY3EXqt5h9qicA5DqE7dwGUcZjwVGZHsrZ4wXx6Ke3I0WdZvus8a4Lb0VzOtnS4+rx+0+3Tl5Cz
tjEh5XBCPYih3h/0PKR4oKPtBdSjbYjgAnz3WbZsQpGSMy6TgVuMAlL/L4qfrtUaXUrVkaL1Dw9k
D03cOuZ2rL5Ch3ssqZ4JOZUaSUN4FPK4ORmijgsaG6pZgGEQmLc2+uxLZHd61dmpZwMlCsZH/w8K
Cee83BHRglYqiEVaqNrGruRy2DKB//g61jEQbvaWq7ezbjGcV2XbZpAk6IAIw/AMt8lnwFEo16yr
h0KLJkRP+JQoqyRj5sLMPHr44jSxf+nrRBqYmMMMSqLIoZWMZ/pl9h1jToTmNoVbUr74blzmE+EO
01B2R9Z7xI1BJYIA3wBp5XfS50CLtbCEE7nXCgOsbVkvJiLatpi7ESLdcsZs37pLL9hshvCTofZs
AOekKn0XJVkfqo8NhdxZhhS5DGaVmtkxqJQxHQ6LGlbQangO2QvI5IN7yzKol6yvNxbZomHvQfDW
d34uzD9uor9JpymqGVvgZw2/6ooaJ+gy4SWsDGjYN522dqRR47twBKE0cbrJO9RreFhpGV/Y+/c8
b241GOeqs0P//N+CT+U3/MIYE6V7auLtug4pSGk7cOAmRT9Q3+K7WXvWXl1+TbWOscy8V7JpaE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\NetFramework\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IhsleUyzWP3VmXSLmfmYY2mr6qqqqD8moPY0GXTy1oE582jr7X7wqTDL7ABZEQk48edoo6vAKjpix
nsrWW91Xo5nflU8WRo5L6fShHi7iWyslyJPh+/tnGsUlNg9A3rnHWP+hwXnq0vXjEV0Fu1jrDb7k
E12VA99jGKYVv5MPwLOSr9OZYNvk+i10fglmaZh2xMU0h2BADwPWIKjZpHGgDO7Kn/g97Ob+aUs1
InHqRHFRkUo2AjnyFEfIMtAa5VJXm+SPZB6R1gGlLVeIKHWO+cooC0EjutGJx5nh7/R/BQkhPUpE
QrbWGR0WYvQFsBwheSfm/NOboSdClJnu2NRIAvqZshS5StIASzdbTcvp9IYQ8pnetRBF4yYpurAJ
jDk7IrvlTXyYj7A2cMKD/S/ghracVXuk2rJt2vlks0NTbvjRZzumYUpSV3wsXVUZWPo1d/gEiCHp
KG6J68LRx/mb4uafRZMXu226W1WwYGKMKc2smO4YPRQSD/tA23aZekVyc+SKQXxJWhbNJta+Wxh/
koq95/ok74q8E/mArU5ucO0DFFzDORplIJ2+M+VfqUvu8hnl6Oiy9VibZH5DrlYzJ9EOn0yzc40b
fAYfDe0bhf3uzKa8UyFLqgWU1Jfg1oyC/763oLEgr4SjJ93rxehGLVxymtPP/u9kbHWbfeIOvQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Network\Connections\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
fNkMPHezwcUebeBkFcpUz7RNoLccTZFISSfcpFR1TeZyNJcUmGw7kua73h9e1i7vKLvtaUkMB7Rmf
UMGMzJkOA/pgwPRhEHpcHfS+KINvFmBtYnx2I1AHna6MPV5IeLD8ug1MJqkf6B7sc9ar4zy6IwKe
7gra6ZJBZ+Dm4/tvYuvnpfAOue7f+TWVMCnaDIKRmNehbfkBNtHzEXLJ7VuDYPxh5AA5vX+3Olm0
bTaiZEhhKxqfsF1l1Gtldg0uEwToQ1aUXoeS1jajgQTkpcLvGn9lXCnnkpNLM/qb7pQplg4/FV70
wkUgI/GwmYXx2JDuoEf19ZM4CQXdwI1oH3w705mfd1bBPbza0M24dnAKbi9xjFV0123+LbyYyqDf
ZXFB5LX7xPGLhkthojFujGVa/JOYbXNMO83K9SBxTvmTikBmwO3NDvjEQD4JuMUpiPrYs5Yiu+iO
zQj1SraK7Mf0DPtN2hNWbmEkhX4l7NnpnFeWVve6zPzep0Z+fM1vuue5PFLDa/6mEURIZ1TR23Dl
JDqFvIHFpkDjMJVBs3PiILpV2plpqWq2TiDHp4K4Afj6Px7L/gOCY27febrOWLRUZI67+fTCEZEz
jTNzwLRnZiK6zF/ynwOteIxBd9uCE/G+5b/tK2Q71SIoNBKSs+kyEytLBCyWky0xj5oGJusQLc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Network\Downloader\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
c8EsZevqbTrdtEjAshGOw6P/BzVF6iYh5EWPD8biK7UYX4hd8iIMoNfIWEUyufBa0Jd3H6YWIdghM
H+yl+isZA5kwEs2jkS74GxgtBL/kAW4G3IyMYbTTMXBV/XVn/CHsz2I57fwmW0JogdkYBB7DCwKf
c/faI1b+15Cyxc9D6RycNBMdeq3Eg01CLiyT4JJBg9ve+sjAsWzb657Y934snmySInB+aiijjlbt
pyAuxlY7z41Lub+SAvAo17W+UcnEHUc+YZt/ByNjT1I3IFAwg9Qw6cKiVmzFkX/VG7V9pdOgSjWl
l+Ah8fvJ3r3F6TQE76LfpieyJnp434S5r185r8YZwN2wcNdDRRt0oSfqzBgBzvapnQH/ICHcXdZK
lZv2OtoHkKxkcqw6bgO4AbMgwGt3QnQXGkY48SIYdBWbMS2iWkYOW2Pk700bOX4VY5qT/VLrpUQb
KL5V+MR3o2MaE72pjT6I2pWEUo/nrzYsmWa2H4IHP+nnIngRS8pgjWqbnhhT75oNeZl3NoLQfoZa
5nf8qJP2vq+R6NHAg+QCd8iHvsjxtTnjYeaeC/h7NAIdMSemVdz1xwHjHi+xSoTmhG/lwYRv62lm
OYaE6T4iLeL6VEXC3HXHh4ia0md6NQ+2tdRnHnn2asc/G3cmicDQN4i1hxYRT7TvtYyIT7b20A=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Network\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
kNjARJZV6k0wV80u3QxMUWIaOSAfiFV0tCgUaUL9XRmTXN0cIX9SqFXoa6Abu12fvMamD69RmK21I
9+A6qiwZW/bdFHkjpWniDY5t4WGFFnTQEWJvIrmZhqOxPvlqVLUPZ8/KHc1dojvX52b1qjLsLISe
j1LO7ddSWgA/3x+wQsxChACbeElUX7raZ3nHSB1AnaCBgJMrS08lS5tZW/ISlIAAWDvMP2jjiMdk
WoxQ2GAJtTymKIgrdNI3+v9mbn/yGTTeXRwMwfgv8kbeF4esz+BpDi9gGGMsvKPl3J4pu2iU4ax7
j1pKqduiYugh1UTc3SSqF+IWoOxlUGccbCFeK1RMMvadhZn6OhJTEL40Bv/ZDijcan7TDIgKAbhA
f1jnJ2GWYZxFCVTrnH1aNnX/t2hgrLRV0ja5/CBg8jzU+BuT/xkA05FU7Ww2+Erh29Sgj6xxXhaP
lDSKsNPXBUMM8jTcp0CGAgTjw3NdGXJHswgsHUyTDZjsphE6WSDoRNiSar7nxgxIf0peWHF6BTzt
73uD5FgpUEttub52KpgkALjMfKjNu3GLJyM3b39eav3ckK+R7p19bb4E2Q/a8UZjYctDw67PF3jg
93lBkY0vl3ou9YRd3B4UVMT2E9XZhHE0PpvWsjzfPfUWPwKBs6ToYjpuCVBKJCjgN+ZCeorxb8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Documents\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Hhi4qQ9SajcBf6sHUEweBE/4ub4Pp/vgQJ5fBOMahs4nrpsK58GbLIGoqCdJJttBiWhuc2IvUaBB2
HS+DkO6H62Tf9fUhSOPKoFqqzywdJuHFbtGkrGb6ZfP/KCl7rh47eSH83uFX8iOTtnu6wPlFVcYf
N6lyydFrwrfaVHPSOxlQDjBRB5tTJYmCgQG3kPVNFFw18J8o6MqBjsfLNkp7FJByJaCYqMXn8Nxh
scb3R6wqrQuCmzhn0h/4ptRE1eeI5FqoivxkJRu8lOJ2QhxFGatuclmEyEtPOGvhu09nT+hzfr9u
/60sKzqI5onsn0ez//I1pcbwEB8pPuM5d8HH2EH3iF35jL4KphH6yr9snFJj4YsAFt2HkzDa5DNo
wqDHknH4eRqWfNErRB81ByT8C4Gc9CPgf0qs8vrp062rQPJ3IgHePtO8DHMc8zhzJ+tx1Si8JDuR
I00IBIJBc8/AVKSJqF7tM9MfG5NKaoSldox1Z2mU5/oYARdGIpxtnA8CGTb+96IgtTdo0z9oird2
CYEz1e/llihnwax+f07gzkh/xcVH5cJC72MNnUTzkJaswS+kipA0vMY4sCgDa37E0oE3ynEHHQ+5
nU4l8v21TtiKWoLNCuodQ4GEtZ+iAFUr2AnMLhmacMTbMNW9KEoPgv+m8FgyWCmcIqB7reUESk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
h5rOtI1LhcMIaF7bACvpJHawrniQSVGgiMTtZnOy/fXBHLOa6clPVrMDkERniY0401oEfNPDukIjx
b+hoTW1mKfSBL6OMAK3Cm5O2NI3Bg3gmryQxpxqBvQMuV7xxZUUBuvFdU8ocOzEOTFm7hJ48LbRI
CY39dBiNbVdyHGBOntvnPI7xzgBNHraun4xREH0n9SfJwwf9zM2viWVpzb3rg9Ijrr9JfpbDMyF8
/a3tzLaMW2od81InY3pUqHH1vVtiHUFo30ZK1S7GzmVrlHHB+YhZ1dQWTucwa6qoCTkMdaqA9ATO
0uZn6qkDB/FgK2VHZlOlJ+HNFl25iwmaE7+llq+DTp62Ayc//iJ3llSptSfS5XBDxIXtTNvkdAcc
fVTtfjo4MJ/04Md4KnSP26G/KV9EtAWawbggHXcGkq/01nUaumt2s2waKruPp0iiOjfEJX3+/uWa
aglMDl0eBEEDGW+IHQkEnMRttuWsouLxi6MDppdMjk9gLy2YYRGPDondNMbNhmiboYpLbBhfoOOD
zykNlRNiaV2i4fqWJhkV1ciUmGb8ynzR/3p1ubAY9LqW9UOnqy9dpgfbfcUpl9wXQL+Mh9XP0LHf
WlZc0broiGnagWaXdW45c6qFSTpUR5YzZ8mSpEhwiGEnT+UoJoiyPxALOeKMAjxxJFKIaQWnVQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\OFFICE\UICaptions\1036\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Iwl2cC02cS7otntpvvkjDIL2w6fi7W+qUvcP72YEzzP9ZFF6FL/Mhn3IslPpYDCtOFkV8MdsQIA+s
CuBSVXIb0ADRwnqT0xA3w2biwlLUTyHXOxW4AuvxHAUeeJs9l3Lc7SohMlFcc8mf8zByVBOT0+eY
V+ik13entgRHplWcH4JKEVMJljm4qHx8JUTytRoQshInx9TKzSPthq9dLhAYzWsMvD84fuoAgQid
c3tfeb8s1pv1e3VUKggrRuFHrJ6amPHsE0EKmmCO0sKOGoLZGnouWbI2QYcVTcYAqycMzM+2apqQ
YtnVA+OEMKXbqFzzTnuFl0zoZKBKsRnlfZanhkU9bEd3JZtaIOkjsY/a48CMoL4k+Rm19V40qQJH
ItYhz5lUvTeIytUpDihUMhAj3sZdWcJyiiYUgJR0sOwhuCQFvl8KaBJSosHhadMXXZOIyWQebRvO
TiOzxgYzYF1ERm02DthPeQSLzXbgPsbzd6AmaSvc36u9XCAXIoKoNdWFD4PbY5aZMIDLmtQxAUcb
W9yOHrfzx8prj+9ZLWl8caDWrSFOJ2Mycpbm0Ez9XFsHU+a9dqOxNwnkNtryIo7UG0cpB/X2IUXL
cfZSs5uWJyDXN9xsOfSywlXjpOs3a8XEQuo4+F2rL/UEJRJEZiZO9lTJ/Ec/xIE0mJqQeIC+O4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Downloads\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
fgsPdxVmvP6jVERlNgCeAKSoxMl2O/5Z89BjHeSTs/X35+xOAxnXny3cw0hWOw52uraaVc9GHqeOE
Y/93XaVrM5fmIuh2GqQHQWPyuRiZYRIvd8SxUFZrIQVsr3zN3RiumEE6V7aO19FqszjLGhJs1+2e
iyGu9aVvN4w+RO/zb6mrd/Nc9iGaM8ybiC2qyIvRToGuWe3l8KNGn2qAr+FWenb8R9EoR6F8CHaw
LusN9Kb63m20tPbwaAceOagdgwYQo1u9lPYYUeYfy1r8MiFZP6ZQ5PfpOaoEVmcrid4x8HQX4tgx
+O+UYEqhp3kaawca2Xe+PuoVxbcIWIHBsPEMRkPbt007j/9SqbdTRpQSfF0oLA1iyIDopEyD8dn5
WFq/q1eu+mW3Unmwh3b+mWADZoAY1iyEvmfkym5BhMsAyHw001JVrWmRpMCkkWQPuiF9TOCks2R5
alS30OMYnOxPZE9a0wucXIsGo+5LMfl5Vpzgihm3ZyLsC4GLFTQ7Kr2DJF7LSEiM2hwlIPRvKYv7
I6DB0EYcORY/yn7/3LRK39jHiZm4oQNLm16Jr7XZW4A6HUQGgdNv3HbjKEiNOMJytqsgHY4WwVV5
icWF2IGdZq1coxvMe6LLzYdeuVM91UNZQhrx/Gt6qRC+Q6X5ZLVx+Rm7Ei3NKONZNF4v2c+8Ko=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Favorites\Links\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
WvYU/u2TPL/tKtg7+V/E7g5TgM7drIlDjGTi7DWPhdeyQYd7uwAZrE3mDd/Iwcp59f68YoJThHvTM
usB5n1FhOMEvZ4Lw+bkb/0hJhD0h8D1uu7SFcvVMD25lp/IY8gI/cxIlzENwr7b5a4YKcHnUbQU+
0vLNQjCXEqrQTj9VtpF7foW009HV1SsnQvxXsHjG54r9aoyYalYMgxUXwB+PYKB8W9plihnVgAkS
m7vftwqSqxHRSyZ/DMY1sQjaH3F96rsjbWFyJLPqHjbxG+LDywNX/HbpufK6h+8UZgjBt3Xp6sZI
ORBsxRnzNYfnPp7ugjSd86ZJmFUle8C6WWThB7PJzRQUsAlsNfAJQkFmNnBuFRpNE0w2wJyaIe+S
RwM8c+BeN/FjmOZgyx6feOrCYxh179toAlUYyn3pG4KXwCgpisL3M6QiySbLQZvakjbma9TONEOn
TJDQhlLwaOHQOUkzoi9rxTJFFbSd+aRw0y2jTlo8Nfl5IN4qackBQLp25lT5iSL0Jj0f9Z5mY44o
3S+PSblqXqvdVRhfSTSFuGDgu13Rkuu8NK/5wuny/xiYFEpWr7gUMMijhIzoveOwJwzCKXK7G8e5
4s/g6r+sh/UpR+4nuWAKVNPa2c4/4zRZ8nlzLDE5Bf9kOYuDLO5GfVS8t9fSJ9Ir04rR6n6XH4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Favorites\Links for United States\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
O5jYxn8B4CT7dtzghK7xS9VRNDkh3WNMxarkJrrzuzisOme4h+sC+60OSmI4oxz6nAjh6ndp62r35
QyuewzUdN6H7T/zVsaFnn6/9fV6LF4BZUdqIGWUl2th9upDXkaa42j7qCNUUgyNPQ/RQAbXAZJmM
Cu4wRWR91At4S3bc4agMzPwv9xt4bwC3BRVBKD8k28mkI1i7TAKaFaxgf/a82mr67la0364BoG74
uORkS5FDUfRcVedwOadcmhAOed5Knx9dcTNXre9qkigaSg+Qp2sBu302530ibHD23xs2rhOZtyxP
axkvZ14SsJDWiJKFsWxtOVcu4/Nt8FXqFJm9y7oX2oazxs5Cegi0nTO7P6LfXWFym6i2fQsz5429
hTKXzTyRdB8EakEIaDNTmiX3e3ifRUMmRtAW+2hO5vSyoIafSuyj4hc1I7NcHAZP2R6xVbhI0CI/
lcEjGxDmng+b+huNx94SUETY0DKi/AzdqkewAi3nFaVmll1tsmEvkyP5aVS6807ubS/FE7f60kLU
LOs/CaXyeLHWY4dQFEYBA7dFD+tXA1rlA18za4u+/b1VXO9VYgOU/BAWuVyL7NKtybnZMO0X3zXI
H849IUiaBvZ1B3q6B+lc0Z382Lytlv4FdxYL2n+pYIWHXOouVztFLZTosuimghXyeXpnJwDWag=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Favorites\Microsoft Websites\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Q4q7OkipYGJhTL7bXvMAItEm7TqQ8GVcLBXQdfXcDJVLmQQntn1uKbry6oYd6hf/CvZXRJ+92eNzK
CHPRvi5k4OlSOb30eFXqE5s4OInspkWz3tDHo+NRYrBaf4Sm9+WuITwJ39CW76qiXX5TPLSoea7Z
RH4C9WE8vuSjcuCp8+Sh5957aXCYA1u8a8MqTJHjvsEr80qU8/rIaEQNQFIXJTr3M5yBAj58Ci6/
8wO3rt2+aNgsfUYBnwcPLp/I9HOsd0G3t7WhMS48NJ7vyffdtfL8CvKotqXmAR9IxRkcXsEm/M+6
DkPGrCazqlKpc+lcmb4MdxsCIiJsvapAp7847Uv8hpmeksLDgrZloEewGgVadfQmJxDVd6/T2EIv
2TqnOxdfRokzcyDW/T8LG4M0C02a6qwUrkuQujPhFKqFAIcql4wOgLznO5LeqAR2rghQQRl+5Icb
1tNI+HzIYxkkhfUgRN9oD/P8IUjINn39zxtMFrIlChRmwxkGCRgLBUgAV1IwInJKzd252geStASa
EgGNQCD5ZMD6Y1JWZHyWWlEglTOhWfZeC04VUAbep1xs2ApWmwHy0InKr/Yrx/vNtFTc2q5c/SqL
cUGcFVFnd/mjxsRHF8ayTZno46C0EOwjWjq9pfpi2fnFbKFqTjTyuXye9JesubFSXRAFOYGeMk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Favorites\MSN Websites\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
eMSVxN+ewOwtHPzoFLb0dSX+xWgTO7XCRvE0dWNefT0zZ4ipN0ykW5IUQJDt+kUMLjKIzKFTeOKJW
yJISWEANqr/f2cQ1WKXkhpEWB8mAEqchHu0KcFAMlcydm3s+0/1FwlTvb2aURoOCdErCBQf+7cd6
aat1InCX6OdoYt2RXNdRpQHWkUsWFG6Ja0mpu0+p4lRniC6pr8iPM/QZjZnQ7nde16pI7rKXv1xV
E6rYuCYOzkwmMhRiZAKjWGrHuK4gwCRyycx+VuqGcCj62fhKjOba9NgrNfXlXN0EASvxPNjop/AL
6Eb7jmDFNgLbB4tm3XHkADfPmLkgYCeYHf2BUbaZ5lWX5r+ueEhV4XfGpqXSDlSlo6lyU5Gtfxil
5jWg97FjDEzPS01LxQBcJHw1fkK6EkFQULitxjvQX0fQKONXcOwDokCzj884mJND2C5eQ5EXpJnM
eJmWo2ltkV5yKrHFF8wywckxUH4qnWNYA92ZDyB1sX6radMdVfMzPIf5PIHg8AVO42sa5wdGMrry
lLhkbX5RBS8jm4gT88lThyA9y2+Pljez4EmxOVYHB3elwx4nbcN5S69g4wur1b5H3QE8GJE2BcsB
IHS1GD4j254M7GitpO395ar+zfcp22m8U6LNBr7YeQf6VmR9mjcjiHaZ0Yj1KnOzH9wklhNExQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Favorites\Windows Live\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YwPYBcB5he1mB/yasNXq1kTDGC6b2iEP3IjKG/ZFnpg+JGFnG6ZlHo6fTgRyHIZgF9KwDxu1vygv2
O2pRYld1xJgDpWG7m0tIO2SfgRpayIHYZuBRQlWjNCv7En7n9PIMDOXQd+HnCgaEz6kQFF6gU3bZ
XR1Y3YLQHG26XRY+mxaA59WxUeromppYIOrPCPeJjk2zLcTsqYGmdDc+Fz40sKWmKtG8cpCPY/tK
7I3xat5ueMRxsLhlZUYa+qSt+EUF9PQhIOsf4s0K4IXu4rAzAbDXaAAI85kidiOyv7GwH/NgGjms
dn0LRvIr93XfNLpvK/4BcgGHJ4/bjkYqFv02rAVgc59Z5d9JT3xjdgCDehiibk5ZZZyRRUkfB6P+
tG2ucwY+xefIRL7vg7ZTLcILpC/63RU0C6WxQGO+30yP9qrySnz3nDucJSM9qASX257QspUxVqYn
94kcCUg7zKgwLt17+jmgyzOuYWIThshqpawpC2n7uyqJM/DkgAlcklsPTvv2HbhJHJ/YUPLkjBp6
XThFdj4ViM+vmKhz8XLYWD/eWx8BtyMCVHbIzn6c4bpeL/e2GhBXtNrVLV7SqlzDq5maRsnqbs4z
AJr8X3npw7WEkPEXewc8I12mDuPMlLYPwTNTSvKzGlELczG6+OXqtAwtdfGS/uHv+QfLWUuxZc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Favorites\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
K49rSbFeOHNR7JKvqHeDvpOPeQ1ETbnGC4+HYhZo/7IiA19ttBagJmSnzyE/HL76eO/Okvvq1TRys
K3tfVYqk8RrfKkCuhh5jCmvVB0c55vIm++6+ziyQfx0PM0Wo6YKHwk8VjwffLxqabSf71gZ7PLGN
Kl0TohtXziaab7lTu7Vm/I1EKRIiD06wZdScpjrq7SmrspdudQ+xvSvPjZKhn/ESFhTeZnPeIk/B
ZtHG1C2bF1IVwHDAaRxxJe0z9XS0PFuMZ7Fbi1s45FQzQEFkkfMEGHPJFNWhUz4l15uFYhIjRbMS
bL8BZQtFx8IV61PsBJNEyRUlNuyCZH9U/ckmxW6dOHcmFkN2+N71X7EltouaN1cVHxunTd+F+bDn
/OWjuCax3iD/wsoLrF83geG/HQsIgSQ6YF6jNMsDBxSkIhocr4EmCChIi8HMjYtOZzcufTKGXRI6
CfDVgJr5npjj9OhseoWy9Ch9xWTxomL1ojs52wOkMaCAraUpLly7zCNOxCEZCZQynEb1MchDZkGx
qTqs5pdov8FoTLwpaUWre8XlDWyGQyGe4BL/akjOTVc3CjZUVIhQIg9Yh3uCWk/9QDuECrZe9gEU
nI9ekWz6AImNFwa/qVZH28wLbB4PdC8j2Irds6j+PdeFpfkvZwX5C+EyOVVAIasIG0c0V+CwHY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Links\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gI4bBV0ccD3dA2QUnJfRkAau9YDF1V4ijX4WseEU5TRSfCNpr93ODFFAyE6j6K7dneP3Sdwq+7DKM
vCfwM1KKrgj0dSrguCtR7AXeYDztuLEQrx9t38KYHAKmlecUXMP2QLHofQJKeKhCFshJZqmhBffI
+4nE4GlHAdUQU7CRvnqQMALONWzx7b+JsEfVXPzmFAWcGMQfnIN8UCei6ZalFPjRI/yaSNwBOIXh
Y6kMqJY9As7qXFjsdr6VHe+5zQYDc1sLL1FOvCMQAZQ9Ksnq9FdNSDO+wqhV2SFrG1Dfq5vgMd4Y
Jr+Ky4uOxUahw67vJM5sR/DFfdTuKSDO0QZuLLBv8mQAGFVIhHqjDq/9wtRshbUPw0WNtmTR6Oq8
9Gik1hfZS8m89ke90kgCtWAqN4iSnscAb+5uIc2Yc3J30IRsSSbyruLAqKGZBLGuh95yTtxK0p2A
yMnbxOTSX6aVqFYjFRQIWjXcBXQ6/llmY6gsIkAM6DMVp7iU3NtuSfjYlmgYWtAU8iyDMZR342pW
VnjZnnhqLHmEWvgwqu8CUXSx2YjcwAjb+fZnqHXj13SPApZQQ1bAOl3JMwYldEwM8K+Op5fFd+66
5LRaxJ5GjIj7tJeaxvGDzPvL9szMSA5Xg+81xPPZj/sEIXyM4+gPRMASKDi1Za+EC2poTZd8uA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Temp\045114287\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
R0PtEX6dnzsCDpXZHFtkirGqHZjCBtjTH4sMBadOdlcXBatIIBSD9PH9Us3ihAu4bkRusobpg1+CT
4rysU8NZAta+XAFQbnQnY1rpw5BP/2jAr1F6pQZcQuyE8qWJXpOw5QcdZft4D6A1YfjYYHu/8KcP
m4RSrLuXJekDtJYx7kzpoDKIFA61PqModu0PkDmLc8fgIgnPvsHjuJHBS5WH3+je0OdoaWAo4UrO
qMZW1k2mAryWWWqrVq6M91/YJh/giMm55iAIQz0c3q/2AhMgZjslno3xSRsg0Pe0tEkSYrOYX0xG
cwWj8JmuAC3bXtoOzZ5hsGdj7SFEmMu7yzssgoBbXNWFyZh5ckNXFsRTyriOPH1uCR1MY300b+o3
qWDmZjf/OZfLkjk/+3Jb8nJSWik8iE8Ysn0tuctUCLE7eYMcScYLeUyjNyM03k1QENPt7S74OehR
K3z2+gWwbzETArL2Lxzj301kG9Rh7z1lQLe8XX/YHv7VaqxrW30HMil/uCsDlARMtH7Whu/7gAEv
5fqSRuhVyWlmGZ3yCvKIshgOS/SkC/sz1rB+DFqkoZsLWQXlRTrym4edQCIhR/H7IZyEiMagGWuH
OlcQCta/h8rylFbaY7tTrQPx/YkXovl+zR1C+g7DZqpnqbnRMEEm65mma6mO+CqtEHA9gMGhCE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Temp\CR_3F444.tmp\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
OIR4kfy0ZYgxdNq3YIP6ca42i38aYcEeDac8vnOUzPX7+lCwfN5RxARw9SWJsx26pB2AoEnp8vXtF
EZVmFR/giKlMIcY3fvF9cEkrWLGs/rzyeptqEU418TZc+BB6pIna6i1jKl9iNeXzVZsfN1Y3mHnM
lwoAOOG/PNl6hgbbT2m/sHUuykdL9EbaSMwmTNCcb2DM/gZ6JnEMxc6VGpvJc7E2+qJ8izyv5SPj
4qMRp3xve5xf5z8+G0gg1WY1XFyS/WDTcKnuqd2E4y1wFx9Y90dxoQq1rBnn1No8uuNHaUN3toPQ
1oL2NNhOSi0Vc1vyHooyy7KZeBgxN4bvGASa975UqpcZeJWFU5dCkeOM9/cUpglhNX90z84oNHjy
IX2OlsCY66lB/zi0qgTxEZoDCDewLqVxHxL6jGk+fPRcSuT3aFL71y0ScP1D0KJE4C/+JbWAMRkC
bHflWTkXnqnlocgOyiQAVZnt0BdTWjRDLqEyJsfrAo5RSHgmlXM7Y1/01POxq7eKWTnE4Nyg7W8U
frfrTLfNkLFqb+gpJ3BadstSwE0OqXzFx/gK7IGdr74GZ2MSOwod3omBL10Z0qogaG+fQQ3RcQdL
x9iyouUMNONxHmvHn0cOT+11q8k7DNpfg98CZOT2SZCAyHYYuM2Jckk7lwC0NP7zdkRQw6keow=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Temp\hsperfdata_Admin\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
U6OKKewQduW1NDhYeXG18xsp4QnE/5/n4A2c7s8bM6lCXCp+hwugxXlxEtdlVXrdZRDFc/DhxfU5g
PzA8INlwIWY2JXVksjWOXoOHNQlg1xEd390snFHv5+M2BZ9pw/0+ARHRItStK68UIN3H/1AM3Dcq
xV40AAbg5TQIx34z/07eA02wmWIJvLOUn5wk+lYBS7ZTqVOu2I1M8wUSvMqeaAfvvWaflwl2Ha5n
ny5ZKyqhPmJV8H7BXaxEjPkHlw/bBlZP2IUJwn6nKFwc2MDuPqgJdcsaWZKUG7uk2WjnClegpO6D
eLjKqKJmN1jWfOWD1dtasXdCDoaK2FbV+cyyHN43r/pSDfhQ3Dh6QORvGX/1jTawl9Aw1WX636JA
YDr+LCzGdBs3e9OGihHhe0DnO9BLxnqtx4Mf7xbUBfYeR0/toJnh/+GW9iFngCe5ZNrFZMOesFq7
eEKrYCIGMHSm5EMl+dmWZ4YW5Se0Avc4gmLJyL9ndURacEjLFfaVw3SuRvTBbC8bDtMjsFMxQbPW
a9UeC1zWokyNg3ABd/ZtyIbzdFEz8L+5kcML6/Mv2ElXW8JS77kpDfed99mCB+Q2jpOdfS6Viyjd
o0/prScAV2Tf49Rj+G5LZ4ppixBudgq0/DWC7ChuRFc5wMKdX1iQPaq1FCpeSalTgWbS7UV3+c=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Temp\Low\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
OMDAmy5sE/l+Ecf6vgMg4RWb5nCNFnQ9ELi0pyiaGP/loQtSkerML0mqp8eTL/x4V926HD58HNY13
fZ7p9g0LEgdoPcTOxFV9HhoETYGOWXlxMOPKApWtd+B31R8ZEHGHwwc9klQG8WaYopc6Cl9J5JKX
6SIFul+l4d5FhIGT8aKlt9HWVgpuDelFKSIEHhEy8bxsoLoReSEORz1INBnf6lZ1VrhyzzA5aDyl
ErfvAmEhPrV8ttCctLpB6BMe3H5tKrn2xrX9Th9U958P8hWuN4qdZRSKtViQ3p7odOtDI8nSCYTQ
w//wF1jrkBrLITnI7IoaLtEkbKGCjLNOM6H6WAGmH/00nkSyUXAUqRUWSYVwg1qScZRZN8ruieUF
ejpq8tzdiSHLMQWbRTVYzRyMGl3zZX+BGHUn5J2vT4yL1JZITfGtiJesD/EGfDvharFbh704Bdy5
Xf4P21SIi6WlUL7+BrdbhYtdGl/7zD2B1k/Id1xsYxpZiE/OtfQT2B/aSt3g8n5j9jqQOZVFra/6
j+IfGRrpTjZIfDo2lNQZRwivLqshnxJ75U0Y6OoI/OFpoPyNWr9Sd7h1Aa1RKNGzyM4CLGPmB7jY
g2ERpuUA+HKK/iMc3raKgrMejStrzKpGk1Fme+iI2KK6I4C4ws5EA4b8AN1VDrGTxXeIXy+7OA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_10.0.40219\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ed/Wxu7kddxpiOGRXapxHEz7gcjXvcnkVu6IUEst7HJgCPJ5Sf3U7Ixi/8uzT78I+bxjC0Zvk3XEE
nK+KIZR2XbjhyflJu2BJ8F87PgVNskLCV6Rxp/y0oHq3jGUvWH4+bIi2RCV3wx7Qvm3uwcUstq5h
iYYM+y6BeWENiVIdjnQ6sTmSNEkU+oHTkyM4muWVbaV1kmNOsSaAFvkginfsvBEPO4LUac2Ai4aL
V1Dy6hnhkRd46AdparsS2DQUGRW2idfDYOwnN+HNXc2JcOVwaoLWpJrPTPPef6Ckprx77C275uS8
BUR4Tcawp7G/LeF5LdxLsP/k90n3xO1dZMHiCh4/ud2mZIYxhCw9RqswFggE+7aQD7tzcdvHz6gy
EbK8/Btc7AGb3Uvls8/iIuqBJvF18fV4Fnq6C23Uzy2YMw3lzv7B3a8DZaqLBDFEUmrCGFSw+pkP
FT48L4bQatwGpc17YpWp9J3P2edA0ZQ3gQzh9Lv+l04ea3wbzJWEcAxU/SawTUPMLuXEIEaV/td5
8TeJOMOaclqi0mzr21hvzsj65F6WL0Fulb3duf+aCRN7RDPokoXvzwQ3202xNzcOejgMaAiOwdJL
hmM1eo18WNJ3rVwSSshJvpsUWUaZziZl5zcK9hNNg+2JMkKofRGy+JEHMyTrIUpt169eyHu1aM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
PWau/X1LnU0AqGlqJ+mqX3A8wNDh1GLLDPoa6TE8GOHQkUVurGkxUhiB8QiuOoxYjf6WZQjhtEWlk
B5jtttxDb+higyY2MNzw69uoonEaxOOlmAwHxnfFMdI1YoX1G/IvvKOamO3fegVtTrVnyAlF+y4g
4459hZHXl3WhsJR1598kImnXie4fJ7gHVCYOy39EXCe5HhbOnam/ijwuWngQFdQCHI9lo40ZdnSD
eL8yHFNfHF2JuLqAGY6B0Bs0wCXuZg8w8O8+P/5/VtxW4yroQ5PT5GYeIo00bPgqvQB5ALSFP4nh
qVNFFGh/kqFXRlXDGZUi1wzU7dQx8YI0N2EdYyp8a66iMytYcTvxswElWlob6ERh/IkPfqinw3zx
yaVg948J+l/H0rG0H9XTrQ36QiNjTGuyacL1LTcrGX4z+raPzorZlbCaKeXAyazw9vxa58fAo7UQ
ogYIz7HYcLs2DkFEyx/n2/AsMg2XcVHLoElArskjP0o2cER8ldC0of5gcBbHZcJs5c37l81vPW6H
uwf6yTWQLIVjoiJwD7xT5O5Vp4ENk5CCPDO67OpsIFEN1VQWa6SVjCgVbsNLtvxB4lSfSbFv9Nv9
fxptwo3ELG+J0lAzMvn95g1nreXzm6YpAl+ijyDynGYxjmXCUegyQ6t4cW1sRRqPmoN2lHQ6Qk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Temp\WPDNSE\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
VaiSfjgTYdv4HrIa+CT/ro4GLqYOTl8qUpSvcznjqOk/cCd65CcBhCuhFjh8UrW915zaMsJ/FEvOR
HPfLGbkeh3JRZA/5p8IGv1DR6DRgEZJxIe6Z6pP//0TN+bDjOUkKiHQI3zUBjvW51DdvE0X6JWCE
XJAS68ow09p2UChuCPlusSmhAGIOaANTgKzYt2MByKeyyuO+vhFwNTeviupej84VzzFiTfIY2nlX
E1Nw8zxBdlMvFmTwkc5EbAdbDShzp2sfQC3SBkYaP9HOOC1TTtcHfbWO4YfOhuv5/cg4Pi410kp3
P7WOsBEJzB2LdiMOrv55xNcyhDhUfDieMLH9X47YZ+LiX/UB0rzGmWggsY++MuZlk2W14eK8kVdJ
hFFFS/2YtwFKZnDm4LA34Q8WFXn10E3FCaj30P3QQ/M+l6y3iNg8WFhnqoEb6Z0VTLelNYZ4JO7U
qR8CpTFmBc3xF07OVe32GY0PllofPuNFWYYFZ8Z/0rn0RiCbwjtJYZWIhJiqgjwiV2GyfCtefmaJ
Bi6m/nwVE1S5N3MUrIrE4mWoQtandSQEDPdK82oKycO5/MnmSTHvNxjSeLAnqcF+8XJ1DtdP9Dz3
4bfM6mjPtQKaB0zBFrNrP0aLOisWPOMwqK2HIQNYCT5hCQqlIFjV79LmhxBY7f0Mm8sQ0Di8z8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\Temp\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
keRlvlwU0iCcqHkulMQtQmCQqg6dOW6neVougzqhf0tWaYeyVB3U3QW80vWmnJFl97t0wcEKQgY0O
+D9mv2mHT6zsSgOanuN2IQ+KcDec99mBb6kZXHZYGAkvAAbP0TZXZmVvYUsrQ1J4ap6UuWqvHrQb
96t72s3/1edbJx9f5qQplrpOX9Tghi8/tnx0TIpsxXXfPDdIAYSI40M6t8izqGXf2lyJE+jMdQFV
eQBEmnP+xCXSCOFexitiRAaVkUgZyPmEHYSnN+XjvhIN3PRqK3DNT6eQdJyUZ91LbQhyVDlmYMGf
QhwynQ+4JmJcmevIcrCKhkTWi41TAkoue2yPGNkzGD7+SB7SUt1eugnY+1/+CpUZdPDP+rRmdEu6
HBS93yGudk1mP62KimUPVoLBUs+tQUVNc0bnDV9V36CQOQXFhIo1EAgJfQ8TcNXJI69dwDcEMDuJ
5AwL6jFjSB7pnWvpCEpyXJTPI1inqu1RmYIJJpNmCL8hi7+2L9fJqmbZ6eAyj0XySmN/ibiOc8/S
UwWySSTK7jwcIT7xwFSUuaZV+J9hQI6JMvzOYkSVphTkrNqnRy+GDVCi1XJzHESuiSbZmbaBeKZL
h8zFrT/bncRhNhv+KagpsG0diKuw42IaHdhjVgEkM0GaODxly/SjXE9vA3mIez5izFFWjnvCSA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Local\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
BrHB8WAciEEvKPvFPRggwPbV1Eqx0t3uSjLs429SAVStKvgEOaCet3BHHaDvrsvDM6zZzFhmvWH6r
tZog/y2HpQVljGs6mQESUVU7hbUVQketKpCr3LNIXkNsliJVlD3wq2f7JRxsEn8vG/Fdjmc/lQiw
R7tsMauNGSoQ6usurCX89AENfLFdLkIMCk+kDzlYXTxfDf6o8tJvEkL/Ev0BrwO+TK2AGM3DPzGY
+rLFqUuhmUTsZLKm3qSU/GSgukXJA+XvxUxprDoxhCo9936Dl3sS00BnIgauEvO/R/KmG5TATNs6
adepWZeTQlqmkwtpTas6CpSyZAyAT9io4KTvNnwFdFMrRv7nELsf27ApI7W75NOaadQ5TiKBBYRA
hS1c3/HgwgzkCOSliPQwOe1OFlHfuk8Ieiw0i9IKXXvPtJoPK0+sKlDeEhBhrhg2/NWIV2OMf6Vo
EYCmLbT68EpwfR7FdibZdwptTPWR6/5tMyCtBwgzXzln1yWcZZ4WkElQaLg2Euf2rsKk863GOmZe
MbE6JYbOEG5gYhzlHQLgZfI3tgTYo3358YWH3h9uQ6ao7IZlWzuL8C+0clxYD9hatNieGFH0Tf3i
EaL1iciSqEgD8EqupD8H8Xi26frjzBfnBcPiSRQH8zfgWLGgSBIXpzs7Mud7LdKDxgBehLr9q4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\Collab\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
FUAd1v05V9AOjafIGDcgZ2wolUqSfGTTiZxGdHwRZCUXVr56Rs54VfFDg1XW45xbN0Uod0VtkbNKv
VLsa9K6doEUh4GWYyM6JN5dWru3anF8ICQ6lLIy94R4mK8FDp9ctyuV+L+MaRrizqhLQyL/JaheD
ea8LM+kU+morGUVNQVPtwhMuVzc67w1qHRe2uDHWpDtLGq8KbiVmthMkI+ya1w6jNydim78cfq5M
wrbjPlBlSs8Xs9zbicUVzzff7hQfHzsu6BVYVIKh5UobFKCBwGTH9T5kwqxG/09QSubbwfLFCGQ5
uqBy6v6fMyRKJjhff5g1OeRq6Qw8KgIww5G0oW2IOUknrQDvDxvqTBALCCStzfYBwmGQPdlKvIgs
idSic1rl4JHoVJvQYlgKV+zTRuWNeOKbHk/EXzUEfV1/TeSc9dj2HPvhb1Q4XAK5dCgu0jtNkiQR
qV6h6cZd8JXO7YtioNGEOQcKcreBxHHgjFg0KB9aoNbj4ys2veMIoYtERLvISRo7r28R9xa321JK
Z3c+TDZb5BFQma7tJBDh1+yXkIO4y2bUeiS2HUtmPzaJOQePzekJ15lOe68zcjLO1aZBlCLeuaOI
d3310Na/PamelVePRmx3LsUAOhspSZ9GynOBaAdl8W9bDFGGrxJXDbRbqLtom4GIcXIXrdDPXQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ZUESPxj5Fvbi9ARDgZsf/4XCLZ+I9H6CMGcSl2hZKN6Qr3LvYie5+Kv9ZmW6/kYT3BkFV46UEYDLe
1e1fKA+vbNEdOpntOz26VzK++Ec2NGQrv7yu2YlKyON/jYLT6xVp/S1OmMgtin0cBwhIst/y4PAc
aGSsTYpYUSkiHWwvhF5YvPMDM7i+wEDMUvUVlnRtz6SnOFzkcNCoJ7IwvEoNUJ1FDR+VJHZFiS+8
WlOreBkvXJpNcHN6C3t8ad8QkwB7RMjlUAmYGwlmugvNNm6hRSJsAxpHkRGucLlimn5HieIvXnEC
rKS64Nb6hsDCjT0sMcdnf6GAV3Lyz2W0wga4WnAqBj7rXLlsuL0FvlgxIQ+eBHrCHHVKmL7hlWOz
zLzkS/rUHhB1b+C8Kh/MkD3bzZPjahAy//RkMcdZXrdu51S3aGGgcU+nhKFohVQ3PxvPMisUfzYI
SJroUnRtqIDbFMDGCd4KXcXXMG3X/gJlRDTK3/pyS2sbIQMMAeyrErWSLHY0Mvzigg1o58vVRRao
mLwcoM0ZUX43P8VQ0vte9qUUesYlcBVMS1YySXJeGne8j6yXJCTM81LdZxK4ANMh+UBHdm/FcWnT
P4AHH34MQDgV170ylUYkxWpUIlSHSJfFxkmnXn8+hJTjItOYcRe1FVDKX4ryklvscx4duYattc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\Music\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
AQlKnM65dIr/l/NE/OD6M3CHarF9IH74RPNwCTfs9wNQJhMiUmxjh8I5XTOesdOughI7TTSfwK6m6
3FPOxryGb7XnQDtAezGd3rfjnfcb1vXW2+UCBd2ZaCr1Dhx9qN7EIRbvlNvY5LR8eM8IbgoWC8qy
d71YRBw5akhk66/wUuhc6JjfX1pxGf8FYIpEIqcumDaS2/FLQti6cI56iiC8ZQUiXijA6I9UH0ds
6pOV3t2BwZuFQtY1q0WYNKNMa3gtlXMeQSJrqbBnD8zLks98Yy8vZGCtSijV5/JXPU8NU2FuF9OO
iw2vVZdfBRZr7w8lXW7srbb7ffDDZEYb7l2mexSapS7H9dGmPR6O02IQkfhMorg7TIUI4Lc77PIR
q3P8SYAFkqJllMFjPA1cLjm+BdpUgbEjVR2MPwm7/IVUJNNuvQnAiDxs47cSkOH7lmfbxHvUa2HJ
YOeut3TTJdvwq2RVmgpQwP1Hrs1Ecr035tAazVsIApaTIpCgJswukyzD0mOuB784XLjI/rVqGV8V
e/IFCDg9TQRyw2KoQloIhQz4ddLGRGuBbPRpnfBGpHL2yao7hD4H12ZmgsU0FaXxb1ZiyKY6ajzl
R6E2J+xTwP9oTJ7XgmWGN1PDB1MBrtAPYTBO1DrsAz1kDuD3o/fuw24oh+F6CJs9wyf+uxPSQM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Z5mt5Pt2s0rVNu1nluKTUMuO4cY7PEdlTznCwFWBB0cg6b3bZK07X9lB2SzILh927uWuhR8KhOiU6
MOAJV6hCBs0swvsQaULoiMpHCzwCfo/xMPvVI/Ek1UM3ua2NbHP5sXjxsjATuwMJQzNEWbzZ34IX
IqjQM2zrIW+lSq2UEBnox5YKmhxBQBv6JxgTBrh/mbEq0d8i/Ew6aUGR7MFhK8zpNDZ0PzZAqrlX
ux+RcKmMOeXI4M/l4z4md0daoGTTeqbSvva6SD5OMIzZ4i4G3k8g3mIpoyUw9CqQKt1rhBhfDCu0
b96d02y60mrMd1scnIAIHJR1NqxmWRdnZ8Kci/bKiReSjjA5es0iVKBHCCKilTTxECoxbYMZkAP8
RJGl11y7YxjC+RCRJti3riY2VaVc/6jbIoUm/k5o23PyunkCNM6TD++GPmRpVQZIj1e9Q5nYTd9N
gDIpuDJigwIZBiQ7Y72l/iMTdsjSO4ZOfd1DVD2Uag3zf15u0PkALKhqAjjk0Iz+THi6m0na+cCe
Ndi/hXoGBnIGjwvEWwiNY2oaYNvGtuNB9lK0LYUsfm04j5JfpizKid6vSbbXbIcPmPixiWzFtWog
PodjTf5T1pA8MSE2g1Zr8tJ3eMfTjK8JePKTn5ZxriY3X5seUYnH7ZzqQeSnnIoduX7GnDIaig=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Media Center Programs\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
L8D2I+/eD/sHXujqzDb8jDKWrh0r6slkwerg0MB2aGj7FCSzeDO9RQnjYCSBRH0dJDObetmnKT8r9
08ycpdPRlQ6kqs/+1iEWZK3d8INQa8vgp380AxdvHCfWXE8UYW/uQtAbHmsoBVwqFZQUdFKD7IW+
NZ3o1DdZvd0GZqPeMWi5liqPc5wf47liwZbnE1dHxMBg6XxUsJR3UqsX0BJAibxhXzqyUWBmTswm
R6C81axLM3Nzky5GcvxoKunm5N+/xxsHXnc0E5uSaX//ngIpjrJJAZi9mikAtzQdoMPc3IDU63+w
kdI6Eu5+B6Oi8l2b3KfT1PCUgqZpK0xCheo5BmDjmm3SaqMU0Xqsp23B+N1OdeLbjARm/PXIxrJJ
BpAqetW/9nkYmrbpzV3MFnpr2u9dRpqFOU0PgqC1oyRh5SUcP2Bf349OeLiyWvG30qLDwsicn0BC
yKqq1ANND7LKO3OrBjJnQOmUOTPoWNkLnb1V9w0OzUsITeb3/UhCkHW2BUwfOgzyfPey6MUz92VV
pdT+DDCcR1RF2W1sw3/BKeTwh53IBg+sj76D4Vs1Iqk8gOTYDFUNs9y+4yGaBKFWwZvYq8iZAwRZ
cYRdUJdGj8WEVCu5FWDodsX0r+uuEsdoUyC184CKMUeYbOHm2uPI9xg8jI1jPMBBUm9tS9dTtc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Adobe\Flash Player\AssetCache\AJEYWUNP\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
J0tVCaLHGk49pruio0Rwk9xAOvtrMkFoUUN6HlxKP63uDly2JF8gezm/bLJneEBHAruB8K0h/kLiG
tXnxMShJbwl92hG7h3t4x0rZadNT9V65tqbD9w1+uKH2ddk8j1rElCt2ryWpIRw8HrWestQ+scgA
82kQG+rbXsqAK6j4R7TMngPygKFHJ3ZmOVxUFBgIc1CW1q3lQtMFwcVxvu6RrS8lephINJ+HceNT
XES1rZ76Xna5AXDeXDZYxmEg+0JJqWpCmY4bzzhIwBTLIxHlVHjM6AoDJwHd3VUm8ZryNkyr0zLx
5uRZ9W15o/YZ1jNPH2q3i9Nn3fwBENl9vb/4VSp4Gz8B2WRcigQhqSlEVRn4L3brOk6RubhOMKyK
kCQjYMSGRnUwX5+AfpjM6mfkn6GESzN+agX5mh5Q+XQ0ygCWhA2zrQTHEvlq1PhFy0Wc0QPP0amv
IGnhjeT2HffybW9+eapwFIR/ceyBSMvyZpaHZd1aPWLXOXVhyFjlrwUBovKzyLuz9U1xg2anErd9
SrBgDutZgeMkDVxs0tYVNq6My2CII5P4gSHzeJjPLOVscVouwsUqwr6mbH/H1zevL3yXLEMhLqid
gkGWXNIjTKjLubrtk3lw/8HdRWNM9l479ZxuQZrnfNBEONpoSSx9pe0UDRlcWhv/a5t6umxlsk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Adobe\Flash Player\AssetCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YJhjWZMSLUQFL3MA07iYKAztXHiVirNxt1oOca1a0DfSB8eDZAJqQhmkzpPngUGBFoYXnV4bAriRN
+jLRUcQ6EXPPIYOAEaRqgErt80X4EBDJixoXbxieL/2SGP1cw4J+2Tl9k6s4VTQnlt+411WxMckk
DrW3m98jl6uKGYGtgSNpcqxhe4v0X9/NV5EZdz8jrJM1IlPJQPlTclR9izMaEgAacWo6i78vp1JI
9KfQOydgEuXwxJ9ZeOVlJoNiWE5J+fGFT6V4Iy75O4fgEw8+lb/+dwpNKR+zYthvcWG9VtonL0Ud
5RD0QKTcWrMbpMF4vH3MOzI0FaG0Y/uxeEKCIgUBXXnfKRgEfd6FVLvZHXHpzFXdKbCYBIGjnBFA
uHbPlwA0LGqm0DMSINwxudpeFkyJuiAcTmF44ordFNr+u963Xz1GOLUSHtr8ASHQl/jq5LceGlZG
UlVILB9OB9CKZbuZ4Yr8NiWKWdmg+14fDQCdU02sosTznyhhohz4PSJzitX2+9olOJN6zscptBMr
s0IoNVawIFeqHBQyeQ8ocoWTbGl+yQKqiS6eR+T0FXcptf65HyjYj9qsx1xmEFHdXQGz0T4i8xuh
sepG+VK/zt0OfXVXVrXsGDEhPVe8jjTJCPg7ZExSpmkTH4SRgal4Jt0c0SfDqIu/OHOSjfd8XU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Adobe\Flash Player\NativeCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
d3XY1YKLXXY+ed0vlRCpSnVed3QCld4nSihxl+X0ro95unOqjuNLK8MRUb1R3UyD3FnC1LPrtEJIV
Oh1TCfJyBCoYFqJ3+5zJZJGmj0LWIF6yYCIcwmRhWeA1eri0xk3AfADcqjo4S5hmHmleM84WT+XM
2HZY6OvtHKhyE+r9yxXJr2hK2dimSOOzo12XR8bECfRTWzgCyylP4b3n/HKhdV5nAz4z1CMAC6ta
OGxllh/nxvCwBZp2rb/BQ4SjoQXIOGYjtSvd42owkC1jBaQAfrL5XhFQsjWq7ExXCjd2h+KQ7ju6
4dqul5lri1OG2vobRgtRXauilhn3dpSWpr5yAmIjMWODNb0jDnJASOLTrITUUnJGJ87wd5+yNaUe
t+ffn9LbEzWEjkzeTGC5sudAjFEVrFXSMCQ5pm/JN3m9UMWmoQFHkpbMBYM2Zyuil/enz2CvMb7g
CBo1xQmUazNIKzqWV1khhfxGdRf0MfnUDil555fL8xJnfvfjof6H6K8DL0+VA1eIFCZZ6j/VFY74
4T0ljED/PCGQ41YeEsiyk1ZpRBSEm/BJ/lVaUOLBx+059vPLDlD23ree9cxkZNBKivkTn1ad6M45
ncml2kt/CSKFZ+wroLnrwdgYytuF/RwINdpTQKYabHIostvm+WmqIFHXngiZZPlxGl/Swyijfo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Adobe\Flash Player\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
BeWpAN4mfe3rkN7N6cOWSsSVc8PJIOzpYZ3g0tlrNLBCk7c93ODNylSIEdVFzqAGt75XVNPCqKnQl
B76Ptm0mRZF/xnMSVeaJWoqpEqTAdVdVAfIOi6PxNYJmuR5xOQj2/qYPp/2oEO3QknRD7NpjY+1X
0lzxX1svLezbMUT24nLl2bZhFuBOfhbh0/+L/gvT1JdO9XslXEU6712cEFfTZUVnFfQ89Zk5knl9
3Zyvfe8t/VilcqWfN3Vw6k/yNmZjTRjE3f7vg2I/EULLWVzOjIBlakQU6PsMfpgN6X3Of6j5rMWV
mlewNxBXqtUmvEsDiVcTgmDAy12kCpgD0BjXpT0dSGtmcPR3TPREpeMD+3cTYSyEQIAWsNePWHoK
BkAdWqWst18+A4512KMWJeEraUvUJ83Zpq6X4j1EQXnWkf848YroMhBPePB8tKFT0eoNjuQQLkQe
ZtwgemvH9yUIWBLyy7d42+BSZLbTretKYUKGOF+qkCayEiIYfCdDiiaHc58lpASuYRhHUZ1aGyiu
BYs12kInyU2vtXiM/WLXyisb4W9m8SmuV0UD/r/Q2CfNie62X/L6wFiKWBN2jwYd+V9hGlBFN4r8
pMIhpC2czXFDZzDp+q+qfU+Je8v8Fn02P1czIwTQtv0Jdujm69ATVXvfd2/aK81PCxE/jeMujw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Adobe\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
e68Rtn91jI5R7E+Nc05qfWi4JonxM956G84qOj7b0GM/INAuOyWqnm8aiAScyZaLkDSYwpo43urC4
m/30kgZ9+jb6x53tpyM+lmLLqaTWiPh6Se7hSYZZLQAqJ5qu/GBJe/MJwz3qavdfXCHV90jEDqhr
83v0LiLGy6Go5YdA210w2tpdtrZvVFqqsJboIzShHJrj8wCwU461CheQTwCrCJMfKojnDtv23PeC
10qqpEAm4+MFwqImQQhRhW321F58US/CzGAOisv3c0+LUBut3my02T51msGsSnN/emnFWLh7wZfa
Jp6uXGMB+prXEdrYjwqo765qQxeo0fYek/PDAShtWiDWVs69h3xz+TTRbd3K8zu2Cy+uZuMXohC9
Vk9A3c+QN8cVsvJuxF/JG1D5Rz1w0/2MsWNR/iRnOGAQywFlzbhYDku5AHOf3C9FBhJ91G6XzwpN
whQEspP3rYpM1ngHkSbh5E1a24C/JtculpcM6ZCzvbf9B5oHDSwFkRMtUyHQNpu5XrkjxDM3ySEm
a2Yc2Lc4JCPZhVfhRaz4LxeH5dLvCXfozKN8RfDm/lGfISNTa1k9WU67klFNGC74GAfcvlZqXodV
BNAD9qWmVVr6nao9QPOsQinnsHt7obXWO8aG8e36bLG+bhx/8Z73fav2RNXa/KVKAprGr3qveA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Identities\{B448C477-1FC1-4A22-A994-21DE87B30229}\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
dH24vKgp0qUHmZeD4+TFnfR3XFFtcrZvjVhJFlbYCGSo0WNSQZRth+ZHB6rFbLihM50TL8LhEV8OW
8NJ1D2waTKT4jeg8Aw1xXVZb1U03+3P07k3rOM/+yXw5BO2bPXqI+9bkbhgELQ9Lfl6PwxXO4eDg
rxgHhcWDbVkQgJA/UWSJlNx2S2nLSpEQ+AN6ozf9Jf1gb9VRpQck3YiE+GCxA9kFfO7pH4j6CoAZ
4iD5OY64uvUQSMNqEsgd/ONCAtYZ8vEoX48gOwXkxg1Vq9iqjq8wX/3we59ttl+UcgcEmd9OKsnD
U0Tn3nhpQwlJQVNNS4hPnLHLqqH8ma12ecR/aK04U6hEZJdh8oS4y4eEFaIvHdltWDpjXtwMGM78
ES9AdrITbkr0rx6t0wteJIoGUg7M06acTDyy/8LDzeN3gywxyfFzHkUAozX88X0jshXsXEmrs/AJ
xLM9cUBNDPOzVo/Zt2jur9ZlDBadEg5MpgR+9fEUfAUToKjfOYbxQ06rZ1CZk275uTV1vcZ2SFHr
f2yefdQHkbkZrkiC1Qg5Q6p3OwdOIlJEu97djZR6eLaR8YAiLHiQoSXsOJHDJgEWTsx5+L13zDta
YAM77e+vMs58o6PsfwGvVMtQliVVGA8Weob9XjzQVo15DDCAEx6EXj0+j24SfzaFOkRPLzdIf8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Identities\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
C/DSnFd8VtGlAsrr5DAgNKXnHsMyq/UM94FqmB8CmS04ZTiqcGWvIorIBDD3FJVzdg/nMdLfLPAM8
rbK827k42ldKpg5faA0HVe3HWy16Bed+h6XUVkvnYG3FSTH0okRYWsAGk14DvnPpqcdpOy00V3qs
RQScOXA296LUH/I1VN7gqiTpD7HgadDYyJ3TQKZTbNjAxnrtlZstq279pj7zKaW/GRXo6FkPz5Pu
klVaJwF77oI6F2OfDpmOinwX3omLpGfuxuG604nSWEa2PCmaAhCu5I/nRDJfAcokjrgglaakD1vO
XINurrsXwmF5rTr4ptHw8HitJPU8srBixaNcEn1z12xvjO6XhS/HclPih5Cg4c6WP/pNsVMjSdZK
ftdkcKUoTYk1SNXqLdj5/yhEpDHJXAb0cMh2uO7EV49zpsMpvOthjajyJEFcd+aC9PTSa6XfXyo4
Ph8qdEM97LLZXXFWAqU9LUzKbmFIM0MoALUKN/Jnb3MEK4xDRGEgVYg9CnNulyigvtmgUP7ajjn4
+ntR1DT1MMu966pmtu3YGiWCkcI96vINE0sMUyjFY5XtQOtbOWIGOztfthykSulCM96tXxcl2QQd
r3nL5R5DwxINOuyuNgWzFjbSB0vUYu14Ew3VM4BimCGoQRSvW31mNpqtKcMtcm12cwZ2oHY7f4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\RJ6SZ7LB\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
XCVibnuPBPSOtRyD3efJqVQpsLW69g4tRfpM6KTz+o8juJF8wa5t16dyLr/Uxm81cEnhX9VdoT93j
mtGNNj48Ct4uKqkR4vFEUKoKm4puAiJuPdiyD0kTQRDibKMIVIzf44SR30Dwa/kIRgdf0MSpYj1R
sJJIAbbqUq7vIE12yHyW3vkloalOiRFBP8ySekaoJkPPFT4LEakSaIlCIzuQkTrIbF+a/Iy5UVfV
ZCfCnOEOLLADw6N+yS93n8OVqnxDuFjNoxEp5O6RXsvnSZUD7tsk6QpMHLExG/52PGXRGO+w044q
+cdPp0lbkg50EtM99a9KdmNFCsQ26Z9twefKHT0LOkA7OB/NRuOzCbWPYdNKAirm/spqYDKpBRBo
h/lJIiuJibQINU4HkStkhthzRFwuHoCvKMzr9eZSq37T6Zfl6t7T9SytQRTHNKc26+95v+uKQbXI
YFakKAvRSVKyNL6BBBYEl8rdQgJPrkjKLgWneiwmuId09oV0RrdQPWMzaza456SDTU4pVFfL8981
hxNL3y2A6m0T6mDYa/pppCz3Cob1N0BHPQH3RrnlwiqfXc+lZK268JWVJ0lnv69Hep8db9T/qndb
PIUOkmP0ws50L5Ud7Xi27Rag94yV1i6TN2RiHPjN9OlMxCH7FT0tEsa95H1wFo3TLXHqo7GfpU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JYSgsndomglZOaBGMx5gpAy2ILatxVFXmCqX5gyKUIVRZXE7duWtdgVUYG2Xj/tqdhlyG1YCLp3Lg
LU/GJnYOTgwa7KK3MJl0VqxUGugF3VDykhCjuyGFZk4PE4qhopaZb6WxgwPz4r3184olkFWyIwDZ
HeW5L1dergbCkS0NL5VtybmoH1K8I5SPt70DwOWPfpygd+Wb9KrHP3cracFPJkYmclQc1u5bMkV4
dIBv/buBQZh5phLPjR0h1JPl5cEVWCrKzPDzkZLfGx9defJ1WDC0fYOZNWC1JELnjWEuUxD3yumb
UGRutvd1pfDoWIvuyrCJS540muCDvj1td/9ejR0LKYVBz46Bkmz4+AQ0iKUsyoQ8QhHGqKse64F9
WLnQeO/5YhSO2MgX/zPfcgK8pLt/mW4YMf1Zxdlctz9i0kaUXpVpZrMlaE0F2cUOFpy/TbNMNoSV
mcy49MoiECc3R6zojDHoFY9EU9p8TIuDAriXt/LjfoeBSZTp67ew7R5k+KvR979s1sYWOfpfUurK
/0K2uIt+1Xg66A0mskLrq4r53S4UsGg7sy6Lol99PRtZLVAk87iXcOS483TRnmZQoxrqVhzNg1ZD
WKZxlUy4wj/UQYfAl0gW6RuKSGDnK3ddehjUyt6eeRr0NZrLxVV0XOFZCiC1lXahPec5+Qtvu4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
bcMPa92WOR1z9GcBIxoM03Vk2Y067QNFZVys61xh4gUNC6a9xIAtToRgMfcyONF3TZd+etxHSqX0G
uqZZZHVwPgTgdV7egb5kuBTbWODEltv++Rm2B4UZgc7J1q4z9onjNngXKh2k9NXBwTDmJI/OQBY8
vebe4NdRu/fDNEPJY9kZ67/Igc9Y8oMEydeXU9AYJRlImejM0NY2tL5Skfk2jQ2CZ0EP1LeFCVVN
GhXeXV6FZmSvyuhunWrqsZLt4JzG+YOykaTcNm4U79O3/OjAgTIPpc6JyO7ZY3TP8UZ9VZrsuC8C
CTTDBKt78YKxixdWgdQMLsq00xx+Tk23w4V+oKJsgPuP3skDFs1peob6vYHhMT6wOYUezvyZ4KHB
IWD2/W8N+m4RUxxWtyQcnoYSnHnb2TUmvhS7rT09Mg9e+o5hAExwqikl576nlNJnnlcjTQXt3BXU
4ISLS3dPcVugcHtENXlLhMVr9jA4GxHjmAvFIb0VHdLKQOZCE/7d0P/z/EYOh3aFB+O+I0+lniwN
kJkXgTq7aIFzGc4TjTpuIhDNiZjTB+bcOnb4DdWGZwB05S0Dft8XLETBFz1VfszqSEvEA/sTWPho
c/X/IxoG2R2wss56XhIQyjUF8Cnoy8CMZpjjkkLVWsWG354fu5IVGiGApa/0hrXnJ5TtfuO7aQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
EUDfiZX/Od5fT2/EikiAQ8fXk5/loC8WFB7q5navAsAh5tAs4Njv9qFTBO7t9t5vGfk38dShQVtSL
ZgIPc6Gc9zBgwJEpJXh9belUCG9Mzv9Mw4TfHETI5Pzko+5g44Dq7u3+Vyq8hhzlsRFDtP+YqK0S
uWtjtQLCBlHsxKRj8k7xmVTBfjgzD6kboanNVaD7xuThWh4s1FDKi7oy6gBehoBOXcCeiudR+CcI
SfBaJXWm0RghwUGk2LBZ0odEkfiO8/ezHdyfLOqRMsHRvkF9Osj9Rcfc+7UdUdGZfvRTTK76e0J3
7S8bA0uduNMXp6MZHXvWTiwPSr5EXeyYRQyvKtClpukb5QR/VZcUtuS8D9t4Sl9S7GcNPXl4y+S1
SZYsBVch0XzHFerQWCtcWR41JDgvi0Wg2AOftz2sWuDMBjDEec/StOMMGbTeVQwdYsVJbaZ4lZSq
vipBxiM3nKYMUk5pBjdN0mQOiScW4Hm7gtcClGsFAMChbZNpEP22osfXyCgiP75BOhtKEwM1rewe
/qVXk6MBYHnRbW5FDGDNPJFOXUG8Ij1D5bDJIHxR5CRxlYQQAwaGKFhxrO5DX5nPWkC4WkW/ZYvS
Xm1OI+7+wLD1La7JnfJ8NNy5NXvpjuV/1fpzv+lfyz6z4bDliuHd9t8WIQ6oVCmZmmELfRG6zo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
X+OKnPKRwJ/YK9W5eqkYstQShjbKU4gn3O/qfotZmKV3pro7zc3fJ15SsTCOrQ0nJybTQGJHhSVdV
N7PnRnDXBpoz5zpDIEHb0udxrxpgv6RtmV2sGCd8V9aWxECVsEMmkiPoO2kZRuJIjN/DS2kyrZsb
/f7R+3JznJrB3PxhFYigzu1Q1etB4IIqWBKl2yDpLcHgcl8bLIhpX9mrB64hJkLRfhvlTxRZX0gR
sEqNSPvEwEFhoMhZuZ8SOfecHiy56vIsE2aLOp0HzAJOp36Xa1XIsWItB+C4b/ZwU6CovO4smdjo
Q7dvq2eaEsrCshfulJLhXAFGFLGFC4MQkQQ9hPkVQhxGavoEcvujx+J8bgnwDNjJWllvktDOmUn1
mxig8tw+Lm66AoQY6kfhFxC9ddfhcwzxMZ+oXJMBnuuAoUnsLy627WwG7Cbkat/GSwOM4D9bOzlp
P4aCwso7DvC9MvY76CTP7OjvNh2w45fTzf+OWvGgztj3tx2RpEvdyeghqy6Pw9Fmr20zg8AKrEa5
UBfiky8rsmynMPVYok0VvKusvV+6C6Nhd1n9hrg4NO5BLIjRC2GAdiVLkz912KpAGPzlaSZRyQwv
ubDc4zz9lD+hAxJXyB0QzLh7d5tGay7ngVzS1yxIXNTnfLc+90kwfFoVdHx2Kt72HQo/YIalYA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\macromedia.com\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
QDDQmTTRcAiqKN5CCeq4wY/x+5sB/FjGfQSuaXV5WDQ3NKkgrL6M4AaUFmkw4Yu5sIcJcNBqzJYxh
TUBeqCKnW2NA919+G6jK3y8OH4EfGBQpRHH6OUop1DJl4ZXQAHAsgahygMzAdWj6pU+IxfDnFhg1
1+58cuoP1SQDCXKZHv+z8sO6IjBEYStbgSdhqORVL2i8ySiQ6CAn7eerBqNJiSZiSS/tq43tJhZD
/9P2dcjQAlA9pLK8JmM1QB24hK2E5PoSF2TK6vTziIooDXC42rkNmX7kDlk6IOKjoCVS9bbrcjGA
Ar0BxQ6nW/OaAV1CSQkWF+5HViwRY1GZPAY9ZSkcVK1eh91VWMP8c2IgssUwOiJHXy6JdCGQicrQ
woHk0wxSec1pOzjn0yyQ9tMnjUvEtgn2XTb2QlMLHKk05BigjEGeaa0171Ax2nM504UvPqHJVpND
BNrOCPu/TxM71YabkiGQnc6HgItcvREClpuwTfd2mn56QDbixHv1dNowZ0xUQhIkuJ99V8hSBax7
atgllglonZ4U5idETv3RoRQfYXMGYv80ROIon3kD+FvmYlqjGaKvD5oBYTE01LBYJ7mtLDnjfX/b
hRsp1rATnYFCWdp/6ZkrkhPPdkSFpUocMOf9TA3djQSnPVjLTsgBQsb5Pw0zMtMD+gy5h8w2sU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Macromedia\Flash Player\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Bvc0axCPRtR8oL7T+3asUOV64VWYvwXBq8sLiMtMjBhrBRZZQx6GNzTShc1tEbVK2qYDKf+0JSTCc
UlggXS+m5mTvoTVmj2hZ8jgBbLPcdTHhR779uY8IlA4FKYXfRhXUk1/Ol4z1Ct94hBB+WpTw2S7V
LWM/m054z6aNT3VZ3E9+YxVvtvP21w1zzGjOByGkt8HlzY4U3Ay60F8hN77CWQL9ZV6gF3u+w+rX
RgJtaF/hmM0eelFDakoCRqFInlIRZOtP7QqjMd5z4u39qyhc90nd9OHOSaes/3oNK4ThdTRua0TR
mQOotZSDuEBpbiKMXa7N5MNugIwl6DgJ4d1ylXQHXD1EhI0G554sEEPAbaDDqTz6WTrFKFS74Qv0
vsb59U8Htlfbz+FofGSPMK496SANlWjKjp/CgrYoBkwzc2/PrEteoqyBJFGb9VxXngmGXccEjTAq
wH/wSnUeaH4eLVwWoUwSv1xUheTwoZtYxNpGYWfFJaU0ui3WQzjvzaCr1BfQFEriTiLvHLfwArNF
bQMgeTl7rENfZKTtG4jtUlsKTASCfUDf6EKlWnajJJwBtZGCfcUNgZ+LEG3Riz5JE+TqvaFS40Oc
X5hNjFoO4DYfwcAJLE8kxvEX5VocN0lLBOD1Fe7snD3xVGEal4yB0LRGxPWRp1ybatrTUPMdko=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Macromedia\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
DGdmRfT9qAduugV5rBx/cHt9m0av1AkHe54uLXhL34tsSURU/SNsJJb2bRP4iFqcv40PbzWlIM5cK
es2yEZmv9PitroM/CeVaoZzkj585vbsOt5dBxusIhTgljgXAZwWP6Dau3bYPvsE8oaVR7QdmIvm5
k0qHqXsMYsrysVTJ8xlS2QTvlJ2RppOEm0pYtXiTrDyM9TIkWa6IgqARM82zt53FFTdQ9FqP2mt+
A1iDkdHYvHXvL6UWNy/Me/9wkuggkTzCANb0khg+701n1VibYlfABdoAioyPC5IUcorvUe4zp1Sb
Sr75nih54jnNeKsPdqvEtDa6vdUzl1JW6nIAnl25ouaoU9ZMha1+wJ4IPBDB60kUaVW1UMnOKNoR
QwWeMtPt7QJXJmLfwonz89SHKIC0rMYlJ+u+5XisTZh4T/4yvTPcBmY/O/V7KfAS/f+yQtJz09Kn
JQ6+IOs2wPtJs5q61nTU887Ap1K2eY0I+SgVJ6OHRSavMk3taS7GV8w2sIFbpXzD6mtYIzluKfdr
lCh1xlTilmzjgRFEHVSahRVth37a/aEfnOlICVeAQ8Fy9J08I/QpMQ0j+Be/6iR/t62jQcEwrqNq
HenhmK6vdbOwh/MhXzXlDBF8X+imAGW3fUMVUH0v6kFIv8AwQ3KB0W5L13Qk6n/9o7J2/CN2jQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\AddIns\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
l5NmJcpredSatjngHscGBSg8tpmKb37dkA8CJV3jTzgou90S0IZx1K36jKy1wfDYUdeoFvzixZg6q
SZrOHCdoGnOnwxiS8pHmdd5R3E9CM6E6pNhoLa1XvvOtrFpYL9LOqvEjCCDyL0tivWDOUZd3xCnI
Ts2cTA60o7CH1xuSFJ+Sf+NKo/kn3VZ/RijHJTyoGOT5Gg4FTR4a/4/+Lb+tHybZz8e5Px9GKeXW
STpTLEB7RcXywGNkBIAZD+LnR0vuSOCn/mGhR20DgDY5Zwg0sMaIbpXsklNZ9xa+BoD9Dq6ZZwer
t2f/ldhOjEXHp3u+M/r9tS+21RmA8B/fsXlS+X33ywzSfjKphoevdruW2p3EXwf6y9aweJRzmy8y
DqTRRDyuw6uScB1MOvaVDdDjhd0DNe5orF7oBjkoqPOowdP8yCx/ecGa9BtY8cBLOpUpDyRP57nU
vXWfqIZ0vPNEuYPi1koG9F5I1/UVNpqfNCoge41Is93gaV9DmbrKhLUtFa6bpJjBXE/DXSqx8O2S
9NGNtr+R+a4m5T8ofyuALPxMpEXschKLYejaaPapxvrZEO3FdtLTqZYB42nbizlMsruQLlqHOixR
Ybce7wH/6NO2SnZRK6EPUyFYAkS7YJWGDopq/aed9K0nt69+UbkEybnMp1l9t+wpDnFDijMP5M=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Credentials\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
J14DhGNB2OQodeqt+PaBbqKc4/TV8KdlkfO0IR8ku7gtq/ss9phUDmZRu8Ce/uFnpg06SnVQKWpoz
u5tfSsYN14lS+Hn2NQmqCW4Mm7aNu9ykglEKZAfXMIpRDcX9dsrPN8qYLKDJl0khUOEH/5JLHPH3
OoqjKsV1sOSJuDFzkWg2dNc+rDHMyCclDFEAzrRGRb8JKmaHgtV2zE8+wxmGb42mL6jNKpiUzf8N
iKrj1ebqhHfT/J7JGYshp24bNppDXFhijyY8d0Lm6nl3ZSh7ORDgKH9kkk9TbJHgEB+Mwy9d51zX
39Lo8DmHI7fUdJ5ZGBD51NwPWPDqjO4CTlckRm7/RRDxAVecTbMECS9wr6UWJCfyNHvRr2imkif0
G0sgaDE5wvFZaNnR+pv3j6pu0Phz0S6yfBtJ3+uNCFjkgtqZvcfFIyNuwPOgZRwblyzvRgkszxOj
01FXTH5Ab87wZQE+KNsCSpS6510Doh5q7qRfrj+3HLphHOdvlvN3F78YmBIe01LjhrLXSw+t/G/t
ulZByuFLe77JshLJbp0P6OTOU6/YtHYyX2mrJD/27pYVAAPEPLIeyzbDJ/8MYVJ8up3oUliCIp7u
uLOKvTdv0mYRDmJ/fnTASdIcbnSdhuodY42GdQR8utaAPJ8JE9jfbEohwYjmNinAHVURO8s36I=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-403932158-3302036622-1224131197-1000\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Y1iMUe4B5f4BeWApKolSsnN7Tk9jLNsinW0nwtRJUKZuU8QTbwntwLjsZKwzxcVqVge0Ns8vd0CIh
jTkrcvdvjeeVoNFh4ALg0m8/Ust+T8ghACX7eHq9aNNXLgaog9smUf7IpZ5nIf4KHwT4Jei96gK/
s4lPEqWoAAQhz8ZT9XLD22F2J0L9GKg74TpVY0YJHneePhNqn+p9qBuXOnEcO0O5GKd/tfKF0sjF
1VlYf8j/XBPPd5NJXI9mgTcqnExLQmG7dB4gfaecEfm5eLTjk2wZcxcNrFYMtcx6pV0Y6/9F6LWZ
JfnmfOZRW6i1HjHIrOgA+MxMt8dVsm/Pb9zRFR5ItyjOW0n+QufyaSej/dA4DssN+va4xQd6+KuO
8dO+6i4S4wURtK52urHp/dXn3lzJz1tw9gXKhGqjHCmrD3JJmdOj/PgFfEPvYATTmPspThfNgWrp
2Bvr/o//BrbrcEoYaMtx2AFWKfusCtwOy1Lu+vUaoUn4cj7y8vwgRYZMDbUT9D1cg/uRbY4qcb7n
NER2jY0kL8VloMm3SMdGsRCf5dpCcI6jG8yrPW/jbVaqTgCXJQpM1ae22DG2m9jYzI6Xkt/ehBXo
6VR0tK1FbQLqAtzV4+r5KhACrzzeHqTnzQ6ITLkbBSHG0iEIHU8J03YBZ3Q0tqv5mt7bDqwJpw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
c/b9l8F0hhQrpORIHfpUiUvIseCXCqMFvHsyf7EpjLTKyoeszMEGXfqtRBx+JcQ+fRrxRqksW86gI
BBKLcqOgv2HFtyS6SZIGq8HEiGxhuH/nIFD1JeDl4fjbgpCyCDVySiJ7Uzw798tzQPu7lM14/bhI
/Y5ZBgdVI/1mKyBIoUP+FqT8VIanLk5OxPH9xWYJcabEgVni6cNc0kS7de1ST3jq1wzzZ5Ubwo1p
zU9I2TiRg7bq5ezAnFnDmKAWm/axMzODnYBn340SXLGoFVGFTB5uETuWJ+24XQbmrTUYZSpw/A8z
Ne8q9pVta3/0FZsZUY1b5FpUQaH3XOjPPYHoXgo9GiWJbAgaIgtvpBJp4MgEinCYKTmAsSQsWcl5
VTIlu7HKRm7qRaF3xraabdaYRoOy3EFW9xA7t4XsLNEfReOnO8QuFGLb3FmGQajZuhM4Qvwj029b
EQJ8dk43Ej4BPRIoerpL2FIRjbKrfALl4bR7/lLJ24slk/OfJcb5RxjiniVwEvrGB/hvSeSgs6ul
ZmWbGRvsNEf6RR6C/DNgWoJ+tyeRKAAMD/rmkLxRaTTHYBLGGqhFULPI+Re8hAe/wijd8AlQe6pq
po8celKtAEW9sTz40rIwzjbYsH5jS2s0HT0rdDRzZKjeEVkFh6nQ0kcMfC3WzoJdf0iaG8ZozM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
NRlBsRp451HGNjoE0bxTBcXEGLYPGbQuCdjZgx2c/un0gv4aXSi7PfP3yvZ9lREMULrfAf9p8usj1
IHueuengu4c14L2j27IxHbdhiO/TluB2K4mS+6h8xcJ+MlFYrfdbkOS2m5UQXR8y96N1toit+cJk
EIccJNvIzBZLFeB06RGISnmpVRJo1OObl+VH831E5giRkBzf+iEqL68F3IKngUVRwZtQV76AHVNx
gbOh8k2oFqBOl/59pDINk2EO8tbs2SPZ3hTsptJH/86rrQjPSp+5XgLegNqGVKvMWljC3GuglpHE
56VuiTY1joP5c4EsmbTL3znz28/JY+3vKovGZMixJ5aKwFbd8SXxtiZejH4GHVPTqc/euf1wwFao
Yi1pefSi9xw5IIfC3QC35FcH4KG6M4SuBa9/LTns74gzCmfclFGUphEHlUMdx8tdlZCy0K673vfE
7yh1xgus1audsUy2D3XAAywJCxrsUsP7T7u1ED/0LNcTkatWqvRtwAiE/3C6tcUoa2iuoKJopDYt
VxQgVhf2Vr6Z0fXkLIwfn8swwPiPpPiBx3/1zPI4RgeAJLyRbNQS0QXGlihVbI7U65C2r2QYy0ik
hLHWyOYIOGjbx1ykTKS6y94CZqRtN7RbOleOEVGNGGkHtqntYEubxXXa5Lwe0Mg9MosPk8wWk8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Document Building Blocks\1033\14\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
iFPcRvK2Qln6epZJM659Rdvr/CHM2jatrV96t1AmsEY6WA5hJZ0UBMU+usGGkrh5hPnK1u6tvzahX
t3jjzpGwWaz0OcFUxEHFGMXGkPF3r9BAyIjMfdYAS2NG5iBETzVtV5OtKO/h+vRIwcg52vvHtd3e
6j1AnvZ97CD0Y1JBbPm4T2Ga3I58fBKxFyOE65DNdh3HoWnDsiNaioISbppbcZLyuxR/68tEzBgx
ELs4S88lbjiXVkotICwS35ooW8uBLUkvOXxtAuZjJCR1HF+vG+6UY+2UrsDDYx9+dEo/Jxv5sYDN
JV44QB/TCi6UagBzktxXuHFxjt5cgUu0Bz5GGpMi5KMV/K5lnfRElmKF0f/GvhY/DmtCnviikivO
TPZ8BEoEkS+CCp6O2DZXIqWizscMpevQ8mSCl3J7SwW34zHQPUef3LtyyUy/QfvCHbdq6czAEPOr
6OgKOEJv3MnnoJGWhnrGH7ECXS8mfpgPQ+9p7jdJgy2+LN30tjH17BUTt0z23Tzle0meyJ/WaxHQ
4hHdXUv/0cws365aBe5Sy1C+WzvsIfj3JgMV6MvsYU90/D/BxEFsx3ujE3GE3GflxTSFAjcnZNQ+
RESS6J7KfbQdkR2kUPL9NgzQ4LognRD7ceWHLPk8zc6Xq1kHSNz3y0oDwC2dKuTG+z/fJvkFc4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Document Building Blocks\1033\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
lDCljvtmrnMsbDv1DPRRREzC44tORrl4naZjiHJx9b91UGbpP4tsudeTr7rsdbhdM8CsLLCBk/9jo
bPUKaRj8fB+y/TgK0wGZ+sPKyWICl/BkKanRp9YDkizWa8FvIpSWgMXVdld3rAqnBvmo88d6Vdy7
fPFnnvKFsJA/+0Lpt5QfRrojKU6QXaxBq3csaiqkQg7V9jO96GE0TZS4KU9XupMy8QqszeO4sgON
39TlLlHTKWvkSsI2cSQZ7gPeIIcImXEQz0PBWNOmmWgcIiEXjN1FtXQAVaKvhkFxtigeVRt3Jiij
3u0jubg4nIBWsInk30QvsDygx8RAA3Vls40v2JFWuLQHjORvNsE1rV7/keMu64dIXHNMx5UVRL8A
NdU0VdinfGSOp0Grz0FvgsHS84aMOawNN3F/abYnxRtrQSDe8l77vs8GaO0Ue+IfPAgiGKhCibNH
LYgK9sEV//4aROC5mwm3P3cUtaXNtAqGd3rQDuETAh3irfWFNpqcd+wgpLZKyqFrku9lOK4cw2kq
1vsTUStY4scs+iDZNuUX/AUMnh+weAmJVs5cFwrA6ugPsu4GBoBeks/dyhMSb+OhtpaEjlnAASGr
jRhIfrlwUV1zaOJG3y1sEjznsZcrBIrfHeQ/nStVjnkimWV4FvB9Ekdw8cdF7m39yTCdrSYtxQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Document Building Blocks\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Abse7GTuODryU3AETTolk12Iew/o9QhDOIBLxdWvNbGHCA8tGxmKBvORkY4NAbi7pGKtISMJiN+ei
mqCLNGopZxi2QE58DHROdjGCce11Q/7+RRilRY5u1HeqV9yJp5YsXPZtjRxoThxKIVIVnk1jb+Db
n/4WH3mGAFa8TSu6Y03B1I9d1uDC/BrvjdIfsUf+1Py/k6Y9k2uT5NfP+x9rIVqDmgvrKFybE9rH
+7ulUX8G/3/VpHZxV3Yyzqf7dZo3fDfhn7RdOMAW2hJxiRAp7c6GHwOhSpxgbnZt8W0OXl2+XmzS
V3FfPc3vaqcS7EkGm9dG+cezuYB6QyoMvM56LiNIvAse7QTpbZ7J7BjZtbazd9lWy40fW5RcFJVV
3TvVpZCR6aLPM0IGtBVUfZFUKhSSzz+6zh/+Js/T/Bl5Jv4LGRzfufTdXLyBpdS5WKk5G7txG8qt
Ig2NAlR34dFZoou/G64DImhqfG6EF3C/IN3+l39Ebe0Qd/ncuiOuKqGf7+QSaawxZreixrzHezzc
5EBV+dMo2pToVrXxVvjd7akT0utJ3zQh45I2x+91un7KOklPzxlSTIMj/sGErECc1XG6KCuHc39w
uE93kBGDiVUAOWnG0WhSSYcctIjigA4jRaW9pfcJeW2g9GXwygGk8EkwUl2OpKfn255UEPG4Dk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
la/lkMwB+EELm6IN5uDg4gndh+eMrClwe4g4I4Df4lA2xn5792ahYOk3d9o25mz+CpXgzygEK1GFB
dvq1Lqpe/fojbPgdbv6POVf+lJ7DEVGSUAVk8ZXlK+BN9Jg9Q0eCSiWSrtIkLjLP1QEg9aAqPM2A
SuhYHSHMwagerab/7mTB5tLB50k6I0cS0x3hQWiBzwmjoFhHkF3RNI0lAKQO0YkQ+Vgdi2tQvENo
HEU0ZnRT3awbY3GGpIbOMEsJ5PzTNJGsiyt4oksnjczwyBgqd0U0IVxJqhfuzlgskni0ApSVCqok
N9WU9N4lfsM6PCNQU0d8gqjqBNnlGh6CndutfxlQKMH/TxOJt7tC7MUA0RNn+f1K5a3ecyyruZeQ
4bQjboneQLzIIMB7utQuJ8cFrHzWaD64E39kEoMpfRcW+QFVLMeTxpm4cg0t4LXSKo2vEOOORZl4
2xoTaZ80IqZV4kouDjEVrin3TglPENyOq13w0ZjVAf18A8CoMOcUlgV1WRpObA1NH7bBsjjTbq9Y
zU9Rra8qRKd53/2jNlSEylLsW13t+CWlYycg4Cec2QSqfIwhGuaAQMPHly1Ev5SZZXNvMo8Npefi
uKE/pEjoq1hvFIIh2wd6KcYyADq8hmR8bc5h9BtO3Z8UIsJpCyIcRd9bClbwaNwwj8lA99ftLc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ay0we0BlYqdAXMEBL0nu0JtG8lqkxKu3RBSn1QnpxyavZighNcgMFyHy6fK7j/FHdGFlzOianhgUu
sSywoZkFdpezxhKiFszRCUfJSDPgm2Zx+bYWMhzUNtkN3yWp7l1cNcMLG5NiX/IWdKZUnEPVqNN4
sHUQP8gLZHOzoxOJnQnpexLHzZD4+mPvFnwBPydupgIhvmnpOPUIkoA/X6DjgbTqCOWyfCIeLQ69
rPZdYH9CzXHtSe0JXS0NSjha/2x1hamOdDmQX73dx7LoFMmG42jMuwKNoeJGaOC0CH2HxaboSEpL
OoooadbQO7+qGI8ZUZrEoWivk23YMJ85lTBbygXWkLBTlrXmD26T7HJJT0YNskIfqbQnfmHdZH++
bhtNBYxm4CgcfygpWn0WTx1fH07r5aYudJVXzgK5sHzB/oQ37d0ukkddpw4q/DuvYCnvb1yl90UN
rF/6/K+nO/Eacf6uYg6AoHy5g7LrCA7Pd+TK94Yqe0lullNY4Su3PM9RVhg9CB+VViFVuBBT5zLo
spSnxsfHlx9B8Q1CrK6mSbNs/vKiBFv7DjO+NcLg42Sgo7f4AxaUUyEJPxzls4qjaSVZwfGhDFmP
bqCEZrt07cHb5lg3mKOu7SvQehMBJnOT/7jhj6fNpril0PfHA4AybHWPsTrrJMd0fYYYzfeuRM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
b6VMA9/vgWuaniOIO1itsbQnNOWJEbOcPj+kzzBY7FUZ8wKFz0NTD4arRYW5xHhbRmPd5SwHXUY6I
h6uFtW426dsqZR/H13V5Pr2WmGczZdn+3nLD4bCNQ4m2BCjzNYsN2QDS3CDvha5XK2mCzI+AmPpM
NceWNOtWfIpI57Qq7JF3/NRM3d4Oc++6gM6T0Ig/ACt32SUfC8S/K0t36eE+qlYTKV77iIfZ7nX9
zXXqBO729uDxP+Swx6qhcGTOEmGE+bLJ7NVl2iVD72dMn3ioQfctkPw21erqdAxiO47jUakPEf2O
zZniUnkpf/jTATUs+uyd3lB87NbG8fc79UIZs2FeiVS9RwsEUH86KAdNT8AbqK8WA1NwdvR0WfWg
vv8FengckQBQ17SvPsXUBIDJdG/x/KplmskVvfuLGjToyTGgn7xZ3tjYuZtb0y8oA3Y3vrXdFAw0
Hxc5TFNpEAoxGqIUL7A4vh1UP4J0LdyIFRn8LxTOH/HjoVy0knsIkpkoiqVZNJnSfDeFMukAjoo5
uePVH4tUspEKRf4dXauQkdCx855MoNrfryxG5xqW/TUEBFDwMgZ9dt0jnxI8R7cBy1xwdkg8FSOr
Q8osuwW7K5xQ67+HeTbZi3VysO5WX7QS811bbmtUpiP7MWjjYidyEG3PIMxzzL8Yswy47+jCkU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
VUZmGLVkIziPPvgkfbEAOQRkzTBfl5qBRW6iOsnddVn1BEzNRLtdKs7TAv/XG2YhQxfz2PEtQGlI6
/Xc0zSBiyfKVB8eo6k8Qahp8kQ71hhkNQ2MWKRG480ZkTHhDPgms90GuZJ03fDh4dmElj/qvo203
W2U97QRAjrFw4R3YyqIhmP9d/gAxpLWC2QgNGtRQz8kVXpyw8pZYDrjZQ/QdWvlpUSTAknqM8zj1
aXAq+98rU2SRmvgfj77Bppcy39yg1qHe34gH0CqJ8ZPfhjkxBYDt8L7GGNIzjxDVuplthxlr9H+E
ryBYl3MM976GSkQq3qTTbQ50nitsJ2Re7cgHKu7z37Olxa2Sk7YeU6Nb9liGcbXRuf1xdI+fbMQu
BbzZWNt60fvcK2lTl0+5H3KSboy8kgsC+pufrIRQLpQx7Km3oGoK++dsXl40tN4aIwTRYXE1wFto
jZw8aAmxRf9cGwml0kwSQn0yIB7UQEM9HCg4ETxOloMP3ku0DrVQFsF5xxOvgaJl4ttWRIGV/g8N
rrySGitdEKFAAS18mp9LL9UOC13q/Drj6uXOFY8Da6nW5cRg9KBp/DabH9kyklQFQmA79V9qYmme
0LxwoiUAOGNX1BkSFtQ8EnPGXrPgTu8AgA85wrT3pPX4VI1qMpH4azYN4ObwGoAyDc3MWM6cH8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
WbEQjUkWrT3Wf0XhGtSMaQ70+uTPwQ/n5r1JxoZmvvkMLvrIj4Cq2X5CK6aq3JdE5P58xhCjkGV36
42ocZCUum+XC5rE1U/yZEUN2zc9yr6YldEHyHIkgPeKVEflQdD5AJEADT3/rToIq/J+39U8b+tdl
09BcehkKpL/IaaxzQkDu9ng9FXVX2KpVEgobFc3qyXX/P+e22JSmoB5I24aHdpP4GdfD0vDZ85D6
7jpdw9bT6o1JiKrohE4hqTp+tfl7KolksXGnaBI1EmsTQrHFYe2UtrUViGvNkaQNeLJvbvhmzB+A
edCU/h1GVTYcsTMv0xWE3LBbSSdg708O8oN6Hy6Z1LObgciHZgIzA3XH3o3ywJK7EbiR4Kp7pbzp
bzID0bbraknimNuXJm84mXui7SkW0O56rB7QoazjBydDLw8BRHaj0J6Z7DN4KfKNI0++/uq66Bz5
TknrB+cAOwAqtEIfUAlGgb6hhAOsIt2GqNemtxJd1GUflhsrK5KiWK8LQEkIhJiu0kNZjxQzQFyB
nlNjzBs8YarjS+PBfj3HAVrap7/20kku3fhpDhq9Jqpaxw7x2Qnwym50+TiFoE3OWZ4AxjeaB7k1
fiOKp3yCbts0xbWJe0fBlNy4tB7PcwQNlJi+hT/6OpnanuNYvTuaOsToMHfjpyrYusMuWJrujk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\UserData\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IzRO5Kb3cO4YiHyvGLfg2O/WoN2W0+sTg0lyNHsd8JLtSZOfMQ4EHnOdoB/FVot2SR+RotXs8ehye
YM7rLIYRn9be0tm2ch5FUp7RgixAh4GtFnwpcCoVkNVX+MX3byEhCf6NAy+fC0FHDii5F9QcHUZg
uTIoxfe+zg1rMG0JoxwpcqDXc9d98wG1aB+ZLC3jUWuZCFLur5WeM2BBNprwD4ypWdctquDMBHxa
NhyKZ9CXVDhMDZQMDgAetgfCIyxtxXsJlK0ofA6CHDEOfptzupDvBLpPzzoORo3vqA+rqbzofR2u
2bAu9wi7J3qgwguCnEipyXFu37KG7HWMilu/H2LcVSY8H3FFDyd+z9hiPon/kOYDZQhCJDwrse8n
zRQ8lXLD4NOrMnYbTb6U1ibvMLgShFm7OR3JI/gbI1ZM8IwylnbnSsOi9dMRS5hgPZZbLUFfL630
ZnvUpT6+ZYpxxINCuP3xOWGIWHBwU3R8WOCZomCsEtEogVw4d4KZ/Z8VLOOkPT2slwOF2+EF+GY+
qXDQDHBURg5F6aK2F5YfjOULtz0SBFqwed625uwGaA8d0TRgmOtvLDD8w7Bq2kBSCalQsdTvK6lM
3zSkUftR/Ao9+k5Fi4molq1LTCdXFhrccuWgl34skhiiB3CIGVYZIZy77v29ryTwi6l63HKO34=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
PH/+JqI6wm8qinq9lZR24xbBywJ/KlEa1xwXHutT6E7GuyH6w/7nJNGscw4ccHog/KaTwmWxk94dJ
bIvBF5F53dmuwjBfqmTfRf5y1kQdVnRCh55DhDnT6nMtxUYhlM/ZNekOMcbbW5nQpf145t0r8sCY
eCm10L6rnpB/qXxl20Gu3os2fbtfBm6qrlk6CEcDUuzm69FHCIhUCb0OzObuaCC2Z8ba8DK0pciN
CSLCreEmNm2jdeZZbhLKw9LTOz7+WmqtYilcQezBHGCwhkCRQhGNSFruxqw1cbBZE2h+wqxsz7qB
BkCRZz/A/jfp+0/CSirFAGc9WoKyvNiDjtnSpVQ2SujkIlF2U+zDC8N8UxUOdrlYP6x/t0WfWfHV
OdXnaZMZrMcf++ltdROEUvzaSeLW5OGUVYxyZVQZM0JlCp+XljHT3kUzc4PWmhSZUei2e/P1HVqU
Rg1UILyqXOa2feigLY2Bp/JU6NpnyUq/eyVhQ1IbjRhx4PdWAYdK1fjHmnaoGFLWrxsZmEVLgSkb
YmVb/gT9PCe0pDW1LynVVzyvcIWrQdjaQVjRJ7vsRlujdY2ZRYadgY6S4lOVSWWCj6gHpGrY/XUZ
oaaq7kLhnz7nqSNAGjCeY+XmyPGiLAkP2PIClOdnYilapmxCCr9nJexqs1QIwEMtdBDbClsQ4Y=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\OFFICE\UICaptions\3082\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gDQdW/FBEO4x9pEHo9pPnD8qVYxvJxgEqI9LrVwykTU+q5QfFpUKKJIczqTnsMrFAkcZQD64eVY79
GeihHAey0CfUjK0VSkMgbDvIZQMVCLdXG8LAxBQOkPn80+O+OTfKsW1m2zYAJgD/ROCVkvZLzns9
w46SPu3DqwbtUJOjYMttfpXge0KbyN+zOlH47K0GPLwQk+r8zfdh5fwNpNgKW00c/bAQOigsIZ6u
3LJuR//N0pCoZcwc69JjUhIkVMMrPUDlWiRJmk4Rgg9/7hgIB7VvUDkPetmarQJ0AuZTfczp48Jp
o9rRQnDpYt4+TzVRYOPT9d3R3XiZu28V4+iyaZfL+KVYfGGq7O8fcqA2kTnr5MyaiIe+jevvHREJ
G3e3QTLukctk7Gpv9MgA/slIqheNTUEaLu2x4v80kZnX94iFFByV5snb9r/tmLea13iJzAZyxDbf
L0q5tcSdVq9F4cWKrocpw3k+SPz1naJml4yINWw1E0bpfmzpwSDwLl0B7irHrNs7i92P/dnet3px
6hQYQQlNXKt6bwC0ucB9n8WioVRSOqko6ObZIRiWmyKO2qEtu3xM+KSAIvXG6uV1tpbX/VTKF8i3
9sWPDRxwkgYsR2vuFKl9kqfnZoQXoI9NQpVQkLCctWYJlGfCzw1WdYJR7Sg/gMTSaG/1tWqzf4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\OFFICE\UICaptions\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
FrNBRLf1GDmvSignpvyzbqN1bKNhrpk42Z2wroZ5gr1ICw1TzCQZPe17xmCt9rfjGoQPDUjeItsLp
xhIBTyyEhyAsHoZadZ9O/F0QSId5Hk3UMzEdZv+Ot4VV9OMZYiGDs9WaDjG5NSkgArYcwauwdNs9
qTnXWFQAVZvWhNIgzXodqqgR2WmpETWp4PAxdGBQXgH0c7WAZBHg24gBsoEtaZ6VoVTt88//Kkgm
mLG4e3id3i0UkWqB4P2MbswfCNG38pOCHk4fJd5t8q4CyTqu49P6Hw7zzIgS0zeq7sD8cpRAF93B
iBMMyHkIWFatJRVY175BVhNZOXW63n2FBuXKB2IdGQoH2VXzPuztFv198zsna3JFFxRi1UX7xfkU
d8LdmBd6PJPb1A4fzlNQiiJy/owXhSls3Ci72DeqnQ68/JxoHH5e+7j/u4qVkKSqwl3b/qxJnnl3
xq4Xo9eW74JFI7kgovDEO5xF0tPhVWRvnv/zh4T8GZ9kHvjDcODfRdpjkT/EhiilcLU3Gz2bKcEB
KiZjPBFcAUHsWfdnPga0H+l5RpSjIZqo7vGB+rRbxyTISq508FYQZIt9Rbs5B0KeLuAuVvojQ0U4
44UZldgM8hJO4I0aLK3RBDJ+ed6NMtmMZtFBhR3E5wt5GmjreJY/WXRnjwVNHqgzzf+FT63X14=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\OFFICE\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TRL1F6zckt9vQzncgi+zlKl8UdMbiojtKaEmW9SmEWQanG4T3Ts+rmygkh2T6CFi89hLHTP+LBL6r
4+1HYkINlDTAWF58gMyrdh2SQiWTn0fH6f3HZjIo0Ji6YOc+SqRVQai/6BWKpwfXc2JDEfgr4i9A
g1hQVlhXN6L6J0P20bkdkcsLUz0t/FPjTLNn2sZ8VmVF9v3OzlgSjnGGFfyYqbE8Y2vNtbK//CR9
Ulz2onTblkzlxUu/pfrnZSqlj9OFoczMp0oDJNThXCF5PEnluxtNwP7ftTrBAD9QScWT8HvUpxFw
njIXrjPQ9qXQ7MvnhcRIPXqQcCEzKF/yeEe8+jfh7eqFyYUTPNzFo/PEVyiNEK/zUYrc93O29S8i
cN2k2Xgs5XVXq/7h3g6ndkMJDqWIkv+Fp5LVYDFOD2SEY68Z5dVykHAcP38KOflW1+mG3zSURaRk
CZeLKvVobaSM98+wllzzlSMdIzlgI+6pUuFUHsszX7PLelaKGjvqI/ETHzBEQaD5svJ0SeIHCZGA
DDLaJ2lHek275AlyFlAWa48WecaSCmFxVJhvEi1BDluD+eLaglGosr7xrFp/5HmOSK3MXobfksAH
0KsSfJguNmqdXAVgwY1czmyoxtjSq1K3ZgpOEvBbJ2vGdS++LTrrw1QXgE/S6aFJljAuXgZRok=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\OfficeSoftwareProtectionPlatform\Cache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Jxyu5/RHsapiBMYAnSUCGo+4Ohy9+4+B261KK3kl0WOGwDPyDMNLBzD685aaECyOnC2/NuVP+JqCG
hfE2nSMimeiheSFsLh3lNqD7qOnEcHO1WMUaDph4iOO61Mpju+Q8AQjH+4NjSBJqXxgCGueFTlz2
kQSdb87JgVCF8wYQZC/6yF/M7KCbJGNDHe3NLsHPitvUuMSa0AAuj3uDE45/PxNzhH4wWXUplmL0
vrkih/bApIJsYN9Z6eSB2ZfgwgfXvU4tt9qovuPdR3P4hq8DP0sVF/y4wrCtvnlOpHIz+UHfIeyv
VT2FkQQ+ORHncX6Kh3QAaRu+C7aPOCqppKiFo6SeczRnQahHSID02fAW/3fNjF+1cK2m0d0xkzR/
LFvaPkoRNMqx9ndJosD25xxJ1PyQNl0LoVax6ESLjWRirz8Cn7Gp3kc2fFTfGNYcxbRTpwCWRf6v
s4HRAYw315iqrBQ2eWz37lZZ97L5CT0EQmTXKSy5qFRequ4VAghydgydfHGZcioAnj5rUenj796s
GLoCm0LdKTHZ7QgLdeDPE7XbwvqQaWai1bRQNm83PikSLXBcR585EBBQcj28WKz2A1p5BMtkm42+
ZkTGfTt25ZxB8tRBHp5Eryz2ddnr0CWMy1cifxu2009HaUiIilnHtnEvu5n3OyMkZsSeS6AScI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\OfficeSoftwareProtectionPlatform\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
lTikQdjscd/Wf63BLFKvJHgucDgxwPtjrgX+5YinHHYrhalT33eidSYKbNRCswlesjSEortVkUVUr
yy0N+aRbaUasdpxQVIWA1KGXfalSxYnalrhw2hwmOq5hG+JmLIm2GgyyV96ktg/x1zz9jLtFq1rK
1enlsBzkhDLCi2i0HYFGbgqLQNhU0iqFoIyLSY6BVi1WEckiUyE6CFL6ywpQpdk94v1zFXpnweNV
DOehgluZ0NUdFKLyGlmABT5hgZ4Dk/8rLW3yB/u5UXvP+5Z482E6zIgYce/q38RIWC/JoaDsjcpm
lBT8VfV6mXBWWj3uTqEqHlURoFUx0wVEoi2MD1TsFwU4NKYJqFA+Wqb2baBoKgeJTh4ANNHOEtrK
9piqGAX1CxZoiDz2vOSSTIju1O9jX6Y3XV8KU30xv9iWdLyizSaPD7zr2RcU+/Y81G3d9iKMPk7w
QiQwF3OD7Ctl7gWNzKuCMVWNRy4zL2j2WmGvNWr9KFTl71HG1EPR5rgmBeVJkirdOLXCYE4fmG6g
T3wzTIYpn58/qIxueVOQeUAhrPtqEV+urO9lgJdXKgbXQ9wdf1tGGZkhcCGiM7X2tByUEAIwbR5i
oVGBY4uvWh6wahuhwYUhEvqh7tJhhXG/muygeffgNzNKoClixBpfXDN+W0TPqPBs/DRwO+4PUE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\RAC\Outbound\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
RHn6sQw3oY6sVE5yCoOIHRF5xtaJ5i8VVZcNqKeXEgcYGkjxxISFEc9iQbdEaD8hrzaMszcOMQ+St
pW7rkjoVj9lMohcHgyiPEXuP3YI6BZte37bPcfRnh0WNXOW5PgdsKiDnbRi6KBAC7LB63b5XoQ1+
h+b1hnv74/JnASWkiWZPNzRvafjSPQwu3kESxVbb5cstU7+tunu08JX5PLZ03twWLD9XI9NNocaJ
wBIHhesZ37YKRw/tSPv3/KvF8L6njKwN8WktMiGnaYAho9RK6oGBmmzFQMEgCMvmXtiilUEI5Fs2
PWGhjy6ceaJctntezm6LGgIiiKX4SNNMs4X0yYtn7gG06B/mfQm/QPoLmlC5jCGB9Sx4PxRVYKDx
8SaoKBHY6lQoeyaotW2k9bTh95HwzO5c+ZYtMmEW+iyfVNYZLZEykKH30aUHrCxkqc41CjL2sy/q
qQvked3TetI8cflyyon2umGMKg6ltTqVlY5CV+x7fbfWPAe8ceZyYC1UpR+iyfEDh+dqgkUDNr4g
yz8+QVmQntw+V3kzUZuFgxLO11yW1tifuqZJeUTp1o1iwxtJgn77YC4EbKZGQQtS41r9YGhUE/yw
YU5qtyyf9Av0sOcu2DaX6c1smgeIxSwZdtLwbjzMXLhXs0Hoj7xhOGDs/sa8PokLHddKECbq6I=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\RAC\PublishedData\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
R5b/aQRp2iUWjI6Xw+SBBIPa9cv9iPEncjQKdHG9ebKer0DffxmMdJVir92gt5i1hUv8elIevfH58
fCW8CuKKSjOroLQ4oYdqKUgS991h2i9bXEXt74oh2ySLL1zNAZnmCaNF3PegOoSPLT7y7X//zx3z
wEYK1owGOQIv0ON38c+G2jmih43CUNBkG6JUJNaBgp5jayoclxZObfSHrR3CPG21weN/TtccFSJ1
vGDMtdHJ6gpuCpMJOODlH6kn5xMwm7Mf8Rbm8y2BiUdJcujaNsBUdWpXMm/+/j+EHDPja30jVA/X
xpZpbgL5UInwrdjT4Y1GuXBL+ZdFgv6sMEzrdMlMuqbS1Oo25q260YN7JhJgWjwwRrXM5bJ+Nj3G
RZDXtV3ZNl+nxASQ4mWql8c7HQz/9s4TH8mdWSpEG29vSVdaD9EzHFB7HD0KsYuX18CLIZI8HlAd
7tWFItEm8ASqOS8f/5w5FGSwHNsN3WqC9sjTFLtIS8FBQFqMvXuY+wDEXJvVnvtqwjd01XdDlBTk
lS5/xui9lteHuvdc9B6HDPfTaJa5ZF5cEJ8wTQR0kTZvOHzpKmFoZWqUrZ/qyVJZnouWOoEX8feU
wPg2M/YIE+GPwpBgdzsDHZoViPg4WrD+fIw2l7z7bEj1B00wax1ivm7OVJPCRVIKHCZmCN0oO4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\RAC\StateData\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JbOzyhrURuk4n5c4fSd/YC3BbhFGxbqwsoz+2uXpj9nnio0orpkHfGMhmr1NM085/oBSf2yIUeAgA
E5Q7DZXkJFtbjgHFi/IhnbJKIIZgVDCKnUkyf6sjPLIkmzEpbQipcTg+F7m3UTpweVV0uCMDkkhc
ouUrrcuDTI4+r2aS3E2qg/OwfG2lbbg2jIRAaApDGHer9WzIEB5CrgrnHkHlBqhujJIsCRYg8Ccj
MaxLJ45xa5iRfSlehRU4ZvpSyj44S5NnoIOnrRAgvLPgGik7XhymF5hf27s0EcWLA1diQjFgUc5F
uLz/1+fxnnIdinsnPOdMzoZCmJVBe8dqNQwbwvGK59RIZxO6yDT55PXdDjCqtofnfaIR5EvzTW9+
RW+bf32U9MG5PBrUriojs2SoddqJ3uCqWwzzR0r4CtzQUYG+tmyg5ode/KNWeFg01DN9wrq2xVC7
jpN6kIkUOhy33Yoq+lqLC8qIeWfcuoPkEWz2VMKCishcy9hub3SF+/t0AqE8t9rpwrKA9/QBOEpc
4SZHFJxDaG6V1B2YK9h//myZr6A4lgqTPb8C5d536ODVZbJaak7BRM7qjQ7LRF7DvbK/Mr0iMTC7
E3EUzqrZqYcIcAP98CPIKIER3GEPCk8CRgm5S26/58YrUYuOHxcoaieZ88PZDIO/0JL2UAZjRA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\RAC\Temp\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
LrDqmTH5BX5vcW+Hi+io5mPFtjB679OZSvjsxyjsm7ie+eCcPcDj+PiBIsisfpo/dBESQ8DC+1gzo
YHos/OG/JbaWyqIJyl4dv+adiYzFbXlG/I3llcxNTipC0v2nIv83bTRGYnY/uDBHJ1eGNs0NxyPm
MVlg/2Mud48VBuQDhdtZGS+Dbk3/iXddeJW6BndXyXk+MybSYu29tzjChwWGeBNbBmcPSCQDV3bl
eaReuG7nkvY6LGp/uZEvbe6nL2Qq1YZUPoKCnddjt+7V4mUO29Z3SYgGEVhbRTFKMs4eARTFfy5F
RAJWHSL3N2iPDkW6iV2o8O9qkVmSx+dB8nExU4yoE2hB3WtjWHOEXxSjScd1O6ZIzSpMLtlfQ4xG
NHprnPQXbHwBclnlulkndExOjNgRCi3yjvVvjrHWH9oSy8vROdtwe+2IgfprviDow0u/ZewxeWYX
UB95nILbuZ2b55wjDqIIIS7dY3o182lBQ99QSP4d1qqMQabZZ319LPHE+TZoWaY0azXUlUF3Bdy9
JN5Jwe1mK6lYCG9qxJaDThhJtvL8LEV/6kEHo2wiNnqYmfViFG5x5+kolIjcl94Atc01XR3RbATH
BKwnJ6NdpBU3JxNyLxh25mL1DwBayikXSN22k4GgbrBmicHz8WI1+cfj2dLj1CuJI8LR20hPCA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Office\Recent\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IFg5+pRaufjQGWRK1dB6FzN3+QUD/ji+wFZ2HcDnoXhnDAatmq7TptsoQZdRbE+MqwhM1yhWMa9vQ
0M6UEsoBPiSsbPKG2ItHjHRS3FG9LUU+yjzFa6M0WGV0HmkxfuE9NdtmysVqLF+aV8FToD5Tz365
7XX95zaavfPSWLMZSK6QlgQM9t3WlQluB/6ppleLZEt0h2q5keVeFOjjbftEGU4lmH7mmfdVi0up
FAPxwwdccqUrKkQlDz/CFia2sEX2+sVpcX24pVqGCB9HTG5OZjDgiEfVRj4nk8jf1ywJXcvpmuv9
CJK7tiMgNd85EGjtZN8Qd/r3/GY3IpZb4WD5C4fyd8d7+3PemhvNLzdqHzIZu3FH2XPD/PTT2hnr
Z3GvysJSOcnw36fpoYpFLDo/uE/FFuX1uqM7lhA0YiKX6pEmJ51XITlmQkliMJFTKN2adn+UtNcA
dM/UQfqE37syU5xmbq8WQc3icGnN1YwNGpT9sqNNA0uw0310czvSL/TOKT/Bait1xD3mdpJyUDwm
EkzqA3tbF+vM72A9+U5YL4zAdjTclhhTJwEMv2fJZkh4QR/eG0iuFJFkPofYnzljE9283g8ZkKLU
P/bFe6k3hm2xZnuKRlwB1a3Sgllzv6AZi89eqjvYXH8zSEQPo6ybBnSYfXltzo+YwmpgtfikEg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Office\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JRgxpnkE6o5U3kPKtiyb5acWPHndQ1gfZSLrYmM7f9oLFealnjf0uqaOY61Ow/u/PWuURRlNmP0GR
r+eIj2PpmvTOv4jENJEzq7twe4LgXiqdau4annFdGiWc67FefxE1zPFqwbTb78Hk7WYR2UVSOwqJ
uhrnaOSo/zGcULVlJq9Ini/od5eHyFAZwabqFelHwSJMoOiqoX+55JeL4daxp8Yqmziu2OE1MWhS
81H+0x5P3hnKzdmsn550ckvewnd/mm6FhlpuHNqyT8jtfQZfD7O/3b2um13oyUCn5g1dwl9nDMiB
oq4YBbNdj0zqKCYdYU0dOFHobfUuMeOLGw4wUwiNAanJrPbReGhsq7nDWtiztZlVXCENFpPu0U/P
8VRFmZHZU0RvFNkYvquWHxx5vzOVNZ3rXYxhES5M5wxjB+szsm0PAibxsXu8PkExBCDlUlqKCWTg
di6E4CHFp4S/DndIiwkmAdz6e8GZ1i/tSIVcc8OuzZQzRVG9vyP1CBIOkS2QMkxEBiNAfk+6RIB4
iXSvhg2d62AQkG5ouxCiwkJcfwls+6KPbLvprG6JLRtbv1Bb3iAbRqDj60Vi2WBnDQgygVg//EgF
nU7BtwsnsDgLqfOOIDJSHuUkxqqa5a+ULAd/nDNe4VUud40I/HlkCPhKUqtAbWUyMksr3wEdIU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Proof\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
GsLvsOeoW+GQROQHHITSAmPmBPk4TNEKOTej/6AjKff2UFrKgwz9uCSX42sOc8xow4j0jn/HN/6St
zUpw9HZfugg3fvXZeFkLfWAWks6XkjthQff9sYljMc+2CMzJ2HHRLmwG3FeLh3q2SDoQt0rYjlb5
jKKU3EA4EEOMswtlzbf4qylf5ezLmTXogEvcV8kj4z+aU3AJQ54vcTUsuKmrz1QpYC5TDCr+fcub
zfvy6m9VuiOnzlKk3JFXTIc7Ow/NacB792TGqMWwQsLeltdC+TsGD04xe9aQb5/QMijIDmLxXd35
lgtNWufRepDPUjOLVtuvpldznoMQtC8smC9HsCLzgUaq/oUpmzTphW8d+PK1PI8GDZDZwj0ywQdz
BXrHNDycLF6//NqvbDD659MHUcuK+dVEtwbY2kZdhbfJB0Gf8N0FhLneBMFP4rD3KZGpDDaiLXgO
E7jcbnIO3u75y+WitWUFAayuydq6nTwfIDxL8Uq5ceejIGQnq2RsixEmrVM7Fo5leYTx1e647I1p
s4mmIo2Y1cGmHDLiCT/JrpJUtSCrmkLd7KYdr/7NIZ/uw/zOU576ktCeDdvxsDVbR0kfDBkhA2+0
iqAqcPJoBOiGM7MzD+kv+4ow5XK2CFJGqYsRgqAS5uJ+/qaWHY/cqYV+fpZ32VfqCIMN58j3dU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\RAC\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Y/bn+vAY6/ipAkcphpH3OPH1jqF79KxiVNj7k2e+RrsLTSvRMQNmWp4vX5ZzMuI0LaOb6Qhimjnpn
gy15Y0zGqsztEskL078lsNnHP1KiPXNK0G+JQu6HOnkbfmZ3hZFndaQnlsOTkkNiKgKb157Gz/6z
BpsFggIhwa7G7zo+MipcUmY0Y7Rgx3PlUknrBMfIpoRzZS4QhOaLJ4dAgjyFmWkNPxZyxGDrzAY+
/ygRT/M5QKwhnFyssCQXKcK4PafpwYQdiwTCPy4of+tf+YitJZOk/Ug8LksnERk6JmAnN/Dvd+qv
UZpJZ8e0cBi0V9F39a/9mNV64hnhGLsanmNEf1f3IxR3FLN2bK5yBFheWKKoaSelAWw6btzo+rb9
oOYbvQJybjh0AkbgZKTozoqg4W0wtof4FBEsoj0ajCPr5UR165W++MlVyAs3gco9UE0sw/Dn0zar
nkECxVrXgX9qIG5L6ssM6hemqbhHG5Vz68ht2AjNgU1IuGLfoVPvxtwt79vWz/8cPvNUMNBrJc6e
Hfs578uT1q+BZr8B4OwOAHWBoDmP1Euq1GC7ZZHFyS98FNOxsyw04KUp01q9bg8YtYsjALRE44X/
mBNQp8fqWiM/5sFrCu2h5BoMePtK6ejvOQEzyHJJi09N1UBX3dSSXZDE0HFyY29XZWRWv5ZzLo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Protect\S-1-5-21-403932158-3302036622-1224131197-1000\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
XWoFxNSyT32bL6hsZCbDZyWEez143mD1HxM6znC2E8civQ03T5P8iarApSNBsKBmgCqPPhvUGdoqn
J4NXE8hHlI9BJ9jtTUDMer4f0tlwj8MZmq1fiKOveJN/Ml7YsJUmjbkbKRn+uI84WiFDbJ4qrzZF
wcN/yNYbpIfWt6M/Muy7sMFXwYx0s9d354BOA9fhzviUWHLa49aPyD+cXM1jg6oTVSnTvSauZNEd
ucndCX8klPfSsFSJN9D/jfG17K3KaTlJof5DNUZEZaBkqrcH6sJTlJnV6DGZU8KMiwVss7A/Lphh
dWyVgE6mojiCYLSFzuMOJ/PpXs52z05uax7A6e0rTfGLGR+JqEOzmWKR21WumC50ufScA6QXD+PE
SPINOH354iG51W3ot1cDlWVNjnKymC47yUlv+9Xf+zCFTWmDScvnSCBgjS+xux9KqSN17Tdx/5Mp
7yVy/uGQy7ftJumKgXFrs6Y/nX/qmWb99/sw0JFQjjKlMpfOZItvTxLc0TmSEaWjpi+belN8hb4m
/R1Ej8XXSRVsRL0rKycpVt/ZkjMhg55WBmtlyVD5PqDqhaY2V4mvgQn57nePCaDjI6KR84Ta8eCF
tQOFpoTJB3QAyZU9D5c5aiYzi/o9wpWzlFL08I3V4DDN7k5Cu3a7nuko3m7ezZB3v7TPQWJqjY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Protect\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mi9LDSmaDgZO4LP/aRlCqlySMuRBozu04oYi0USKdI0Xf7MPG4nEfJSGgPj/UR3pbYI1gy0842q4e
XlhZ2WU5nqRZNRRkSR/dawNQ0J4KXaNHu8aRfDQElx1gQtCtVBQLNvByX3r1E0GF/rqIz+U/bscy
i3iTrj9s6nnLLMLwS7jetqyw8/3rW4yejcLKNqtfccbaohpaqg0MGPoSCr2c77gPwn0r2DXamZ2E
jEcrOjIDyP6I3HWp36/B29IVv93rXbefmeRQbEjYR9bvp8ygFKh0pDICRKFK+8n9yro3W3IW5mCd
tzohV1CA0K6ggwRvD3hqqMdbde03Z2TFAXIAaIUz7pcaUl1n2C9cufl9mg/nfbvIVieebswAH0gI
i77k9JNjyGRQu98nP7DUauAm8Jb14KbGWZaNBrSvQr14rlxqhXG3blqH9UK+rLvq6/MmpuWz5duG
Fbi5WeWSXZujUGH53d2+7QXoaGrszpJqRIPu/XFVyjhkb//stVVfBifX7yMVMeOznumgUZKAKW0b
fJInyhiMfoJEflv4PijmScYCt7mc60MsNt4wPuURUM+6GtjIeGOul5N0H/LxIzAKig2gqmW8fK4j
8iK2vVArUqvjGzSf2C4iBk2AysRrtkjnCgQFX6LJ6+VAp+IpgMDOApzGpyYscGij07DkknKJiA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mPoyuHPSzLugi+QHZs0qSLlZOfxpeALRPOwIT55YDfEWZOik5zQxqtwyGT1QoNMOlwLIjJ4zIjHZT
JTD6DiMo0r45u4wj3GfikrU748cIkmZKcYVc+a5lmppTSI1e1yhDs1+bVOp/Im3S4UkOfDSV6LGz
zEdeGx7h5+Zz8eAImNiEP9oPZ+8gFqkw105LghE78rAhTk0Vne1V2KjEkyXRb2vLFboNZck5gm/9
9gbsxwUYAcuzCnEbVUGYI5OJ4jN8tMVvROKsoDXz6S16q+3bWK/rqXXbaWr1tyBjm80c20dSPnVy
84L9f7quRxsdmgACvfZIcxtI+ZV3QRpGG/uFmXPyiGFqB8umKGiF4z/HzZL3GZNT8pnnZP8vrziu
QRVfZPSz+DJSftY8O/WVorR3nkFmwRT68U9mbanob1OHb3//h5Tkk51mfk1FDZ92PiFZfig4QOZN
ugyQzPxt+FCiQQ0Iz1mIeQ/sT2WQr6tJu/DR5th/MuuBVrB72KVS+GPOHNikh/3K8FGjjv4J+kaU
PRxMHoSj1UruQF5w2DytJDiUMgS1IOgqDNLHGuBaYCYP1mPzxMVCIwfCv7yvDlN1TETOIDlWeIVW
5hV9SP0JFY+Q5t9pt8XPEMZ4rv9Jq7bTEIJ6wP524FqEaL7z4vLcGbMHwtvtYVbWNvWUdG7AJw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HtHA+jhro+jLL/PGdCPeR7JSuYhwI2MBU80T9dYba4SCwqbZB1RFzbnFirMvBNv5MzSrvgv0EV7OF
uIyGgzjIhV2Qpej7lw0bfzHBEIgSaOU62ZLv60I+Ti1Z84hYcFuYJ5ZENXN1QwV32qzZcYhX5kV6
WipLpxulrxsX4wl05LBr/cesxmcIFLjo5U6Zy10s1MGL2hpuulHVcIyhzMmEsSOZmBye8cnbmIJE
VTp0HMs2CTX4lzGDB88vc2KKyYNOh1SZRl6ygZQQm76IBn+nbjc9kA+QLJejFhVeLPbeZ+E+AZK1
tV8jJ4lp/mQM6jDMmTl9EiBpjnXQiF/D2Cx+jiDZo7pbKeMNOiw5Oq82DnjEVEBgiiEevuEmSBGI
NB7EztV/fsRb9DA6SUifzBf0mpzSm2uZZfB0vrSHYQ8XrWmuBwtzu+WHnveubs2vF2ibYwtU2eEk
vGR7g96dXzXYPqvvZv0lx29hSnocAcPQxWTHyUZHtm+/stgE0hDdbyMU4e0ekGwYf8p4+ps7A2mj
KOwQnqR7+PEauEC9zxB5RCqDbWUecVYJF1d+sipDcPq+MTpPEOlcOfZSKkfZ2naSPz4rXKmp/3g4
SBeZF9rAelEHF0YV/UCLVdmrbfObvYWL9qUXYutG43L0z2Cv3yUJGAk1ypOWcWXzUkdMFvCmEY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Kj0nN1jN2D2cAZYdoVsoGNuwciWz0BrUq1AK2iYXv83tvCRfvysW3Zwh+DGnAfvatPg1fHsriNuwD
B5VXBR6ajAbBOgFEOiiQriVtMZnGZR1+Srn/Ydb4Ft5vQt+JiwD2EqnoLi9385MwAfcWhW2TYWnH
xph41fE1KhmL0FM1Rdwyjsv06Xz9MjQA5BFrX1frTk+r0XdXkyATQ5QlcnfB6E7qKygjsfZsNWj5
cQWeWzH5rUY+IHEzbyRwdNFCzK53BOqznPYJEl7Wb1Cn/flpJmEJEQN1lVQmJMA57B5UsZ2k/vSc
Z+XBatETsoXUdMGijH/7KWM7MYA3sbYXwniTjF6G92jWaOzDuWJPk3Rpy2Pg7IZf7fNFuOn28fQU
26fy9fn8wTyUxMy0CAW/EdGy1eUiyb80kYj7ZsQJLUbGGiK0K867MYVM3Xuyx3329Qha5mNBAVfu
A606nf9QfrXb4IiJvUelDQ/TP0vIIiwI/hd5R3mK4r5fSOuOXCWFbsgohh/FTJ7v0qt6Jb1QxQ8W
2sJJYzotsxAM6Op6pq/kQRFDuRXJos7jfOjdVdu3vfa2OVlYX8LxECK9C6A6NjopdnWhqyn6Ha67
RcrKJEmPwC6VYyWDTX3nDdsLjgZNfGvGekkyVKYehRNLwfXNNfYlQRV+FG/svQlYYi/0/i3/ow=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\SystemCertificates\My\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
C9poXqv3ifPCsXE6sAdLkV6g4Mu9dWiHYroKZ3jprWN2O7uUkuJpdUwVxSst3v/u334KfC4xTkgyD
jEB6TSA6TrXtIcBRv6EJV+Nlp+lALebP1T/MaehxJ6pNdS2bdUsyTMHkJQPfvqGdE5XzsUCHDSMU
OzQxGefjhWYybcfmWXnVx2lTOOBTdh2MGROQ5UkLqDi45tQgE2IDcJTgnHVv8923TSzq3g88LoC4
vpcx24ZUgPMAsUeQjE+dnjKvXnbFos2IpsYOg3ED9naLFI8leWYX7ak05Du+ne7u7ShoEvoV10ek
D3lyfZY0LqN3VTB2vD5sktQUcMu+8O7PEo+mC+8JgodKrqvB/nczE5cH+t6vYquLinJahCpDG3xD
E2zZvO+Yk50UXg6l023YQI4kjzAecUMVP8CUx1SnKOEWMzLde3zWHI07bzrg/AAhj3akvP4Nvqxm
yFWPSYjidXTHkByVHwfOUSL2RgxDfWFLabdFFs1m/pDrI2pnsfnFkMw9QL/dbfZX/Ew5yqCaRNaF
44EDnnm56lCqCcuDhB08y1hHPOX/GAnrc0oVNon6j/zaEwTWGK0LbBMlVbfCWl73Yx2pjk2Po18F
dGuqQYMV5u4bBm7aNsN4iVWLx7cv1usQeNXmnB+WrQ8DRyo4BUdhPhrorn4+RJ73LEqSaJ6pDI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\SystemCertificates\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
WL6ynbKkeBdZjFNG5wz3rlutI66/iVHnkcBzE+yx4CNA2EIqipW1ae/urfH/C/eoj3NhIKfKLe51u
KZsp/pEEjpBa5bkxih4LezBzmpoZLZ7D8Av135CDPf5060yW0qAgyHyYFZlJ11fuBLFH9QehZ0oi
jZZxjrqZ14OwHdeOCNrIXHibJ+fcgd9gAR/zJqtfjFu4xOJBafgCiiIaIPURRdulu4Xgk1WUrKXH
jEEOffCl5r0lFEmD8rJB+2B4RrJO1kxCYMQCEZmLa76amIhdkeGnqhmNkE2SFsDVU8i5+sromkNv
Sq9R/6sfaCP4i0eNhQq1N88a6tREY+6eHwZCgL/rG4gYbP7Zni1+4iW7N6I6rQs4T5fip0RfpBuX
xuxsG4712qbPiphdGnLefBifAgkA6QPU274uJ4dnoH2ODeD98G29mM0l5WPoewOrDFS6oPybsePC
4CPBrlEAdcvpcLJ9T1VDSXYRKMF7fN42uuYiGtNkrtXaDK1wDp0m2agQq7PK6CkHnr+8fs5zE7yx
xNgJ0RhsOKPDXbwut7iLhNpTk//QRgiILVkXGS1UUzJGaVxcA9/zMoAVd69glDF/864LDHVUexZJ
oWeA7owhJ7G54YaYRkaigui0LJA0ee2PaScpl4N9t2l7z5lA+38PmNpX+123cMkwBz3v2uJYAQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Templates\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
dobU+fa5y03OKCfkShK673/3SBAA5Me6zBa/fZ3cqc222tC1AVVoQmUIDQLP5rY3gCKe18F+G9la9
D8WQ529v5gjczbKMbW4oGfaoOjpvLFHmu8evu2VXBMr8x2oQnHvsZGNaJLj2F7BKLZC+F+p3kD8D
Xc0ciVGvP5Pq5nM6zIjjUgnvPLYT3ZCJ7C+Jc0s2h4C91QtPqs8yYjLTtAogbIhvahxiRR4BtDZL
SfbHnKna83SyeqyUGigRBl284skkJbKh2laVB/bDOLWIFedNffU0yJ+MRAxz8+/LakJb7kJgEhip
AIxgfyWAWYH6LLyhelDJeMrPeO6MD5CJoHTMjOx8M8e9uJoD4HupRzyQvfrVE0Uk1xIG6dRmMNNv
p0LnzDry/c1IZs5//SoQ008jZN5B0S48a9yvEkeuyQNRUdViv9HeLnDCF9ErTunbvGk/VodqT4+k
/7YQ/QfWZqZxVFUIr0NyJTVdEljDJjKlU7gN/R3Ti8VgrcX3HIHXzTxjXctVs5uy4fN1qgymO8jP
MXsc1FVzxu6uwZIPlUbvGD7VRZl8VvsHjO+IAyHLbid5o6PVVbMR7Oz7kodcQdORvFSgIjhB0yMW
ElnzxnGkZTDcRtFg80Hsl2oRr/dsejN/gfCjO2mrY8sLKa9S48sYOc9DNhX2MJvV6MvICvGmdA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\UProof\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
CQhoxEvONm0CSNZebM8UvQWTMrhWznvbGbUqFUKkgnRlPJFetrYydgoClswNBO6rMj1ylHaa4opgp
1OLyV9n6wayWJS0D8u7hjgsKR5QVaSuqcTVSBtRZs4kK0maQFS4Ia+6R41Hay0QoFNNiB9IgPujK
3cQtSUO533Mo86I51dpMuLqKZoKUGX4hKJbWBCiu28ipf+3hlnhS4IVYLRDFCTnymwzfYUcTuEIz
gViE5JGMEpk7OVT3sf+KaRZjEO5xQUYs4eqkwFwbu2pXF7Lv7NRRCjiYQaCIf8lINwmPD7HVeSry
IafNKgyNZot2drmuu0acBGzaVlGfUaspM+37G4mRntqeb8VRJC52dzTgtYTL3pX1qJycLh7j0rLr
81p7WVHg4PhFOCUQZ2vut2kbUGskCSV/gIT1Wx5cJscSQcYQDbkDb+BN2P6Pf0Xbbf/mJiDGdfDk
KCMx8NVTWc4MoBz6b8MxLFyzheVMDeUhvvj/FeECuEIDgr+h9frKM8l6met8c7TY6Z+oItH6Wsxh
yP9MNuT5P+BG10L/D8exP/HBcl6s9mfBGOMg1pCe7g/KKQaRiaMbObTn8ZBBnYyKAMHe1pQVjs0l
cNRfY+iTvxZZgDvc2CxkY05IKV5Au7h4w59oX48NZVksabnt7olqo1gg1wXFEbo8hNM19sASQg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
kD/VPoWxfKaBvH2br0cIOG09NDqKpQE6l5UxGaxc6MfI4ypMqTpV8Rx0LYBbz4X2JCbb/zCNM6bqb
ldcNaIMy0voB4JkuY7X2hr0WCb2rmnCLuGeWj1qN8+GrSpKyX/svJz2vDOrFdHvWML9MW2m8y+hx
kQefsHWlrYZKAWWi4SJhWeJ7twoB41aUO2FPpTdBKFovzhz3cyJ8m27a2h9VVMorIY9Ciil3ApQa
fQC83+n0EAC9G+zqTvpgJKeb+82B3fsRmC2VQvavBg/4M8p1SqMccFIxKOmCWwWD81ulave62rMd
gxosT/7A6gTyLgsDWBVmkvmVA8dp1Bz+k5Gq4LcyjZ7hTYgDYACW9he/bvGEQlh9LOH5sP9oJ03R
sGMtg8cOSj6fdQtYbhduAddBWi/3VXzbcn+MqpSTnye0IybqCFTQ1Z7sJIpxHSnusFY/U8vp3C9I
cRtyOjAVDZI7lUVk6aJj4+AEh41ItSR+5lgNFIm9p7UoeyuPLF1NTVl94zesMN6Pa5cblYiA12+m
pGNgpqJ/bAOYyTpPQQQAcffR56nWKSC32BGTCOef3ZNN0OMLnc5aIKyZ6qyqlLMhIkP5p1aw6hs/
W0nqYLQujEPBwjLRyAZOEUKA7SX72/thWyovsJSTipZ1qk8gafpc17zRdCGnNnHyo//nQjrccU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
D+5de8vB1/P9kJr8Wk88MvrJ+on9L1Gj5GtnrIdJ90G3CGz0MBZVckcKIxbPg2aYlRuWZNGQZTdjO
xlYxxF/f9rwhtROt1sjJPiMZvSDqBeJK+4UiFsDbGpTgtCXogD++6CKmcbRN04R7G6yi07zWrQg1
Da5AuCmPETSIkpOX/4nIbu6uP/k6XgQdqkDoPZFRZdk6SMFiVU12c3Kz42A07CkMAN1dahC24c30
TNRlZDBCiOgqftvch6XrYpJyYx9MQkZTFmSlS80hdRj1+jhKNT+Pu5SSMCiFBXFRw1H/8x6j38Rt
x2NIvlbCiA17I9sOwh0X7IToubBzxgd30XsggRh/SP4Bbx8+r0FITqvz6sIZhIlFRmTmFc0jeL18
O99SXUfzN78K/kVKTphJoleUnONm1jb9frFi/9DY6I8SOnBAOElgYKPvEHCTCC8PdKyWSQIfbUP0
/eTB9tWC9NpnVFoBz1Ztb7rXykYoxveKoyC9n1+Q18iy5O8UEj5UEp8OGhMVvBPb6xEZoL4N8i3o
sc3BnbGRUplW98W+jkBnCitrz90R2y4jN8jnsKv3K1LX9pOKPJ6O/Wlt89+AxkHf1uXcX4kfx3jq
j/39aWL/n+qKXe4krReJsI8zy0THePC3oyMEFNfMhsd88gL8AYmZFckpTLXUKqSXldKsRbbrOA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\DNTException\Low\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
A9WA854WEL0jQZV0s9TvWcIgJE+d9gfaUu5raKLZ7HxzLmGpeCtOZ31I25eGqYKcYTr9tFkEzR/XJ
8g3+p02oq7jbRESvEkM1E7Mv8GvjMYpYzOHWw9f4bhIBh5oxGSsWHMTEm5QJyfZ0Qk/2oImN3A6J
am1oJ5lr1ygXruNovED1Cr7C425MZq3Vr848ch9nbWeYACu8YHnCbKW1FpFKRBX7hcVl7POerb8A
W/7k7vIXw42ubrW2D086ruAW6TnjxY56CLYN5tmb3aZVGO0Xmxbh2hzrQwFX7/tX9cHcUw/52ZpO
FbK1qfIVbrL9eOhKlZVjmleiY31Jyd5gfUE5W4xXfnHfd2eo93kjSBCyq3ML3ySojC8vT7h+XxiI
Bt65EVAi0m2G/zjW9UJhGplDgAlRVDijSWcn9mXLK5QO8t878qCN2arP0+Sj/LdGI/hzBmHbYdM/
wGAZebE6E+bfk2ZXP+SwmMjoS7I7dVob9IOAaUweIfOoYRBKVCQDUoekLt3W/3b5t2ihBY6klPi8
PESxSwo29Zch4/F/cfh3pS8PdVKPPgrU1CZfKECnDTB4AGaJ9tFpxNQs0r+VsX2REEQYyijPpaV9
Ow13E8sMFj+XJyDOByiSR8IHtPUpD6YuzSjrUN+JoWjpMuFzOsiy02VJBqIW2jvm2Y+FqlA/Ss=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\DNTException\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YKQee+a9haIUh+9/RwzJ+m/h7RoRKcwfv7Xe2WgZ1XXXU2FnXSM11ogWEE0wuHRbWDFtlLGHI7ovW
XoX3xVUb707yhoJmVwsLvD2K9gCEahRWQB7uvoxRnKXFGIOzjaqqWb7d9IBI8MNZAWgAoh6jzg5k
Jm1J9ZPSq5e9t4VVfYlDZFE4TDrR1kp+4DBIhy+i/BQ3EEF/+xnbQobbBoqu/1xyO3h7AAc85Aim
rC++mdBZmJLOG009yRHeWHe6sT3O6NUDj8ahmuALe7140vKYwjayYqZMzKfZCZmb/BE7mAx00i8V
t36SF/JZXQ7+Ln9ENtvQ+SrVA9lK0fCOdIj+Wncmn8nraQCMt+Yujj+t6aJ6a3bjIgGUu7IdiYQS
OUMoD1NguARnK2Ow1ednHDtxAUQhPM2sFA/IeC9e7cRQq0uaaCdRSQd1z01f2Iw4DkNMzsrNnkPx
mM4lRckL7xpYQa9BE0h6nk3Z+V6cKgnCHKfMR6A24dfRdRpsIcxwFQFVsHCbvFawKzhiu6JQtnTs
bSEA+ZwusCPBo1tLO/SouQBNv2urGw34DgqId+wWAOKdWef3BGwkEjFCLInNHEi3bmoOYEFilVF9
lndc921vgwzUFlanLKVPY/j046zcQQOHwBOwpfdysQBaIHnO6dDnnHlvtSnum14uhU/mUCvqSA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\IECompatCache\Low\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YIB0E0FkuYpaViJdnyltNF3DX/pfM7AQGHzvLQwbVzCRdsyEv9zSnZS/hwMJRhRO8luTNovjtQRR5
2WaFiBRrJu8H+3+2IcXl0pqUss1oWG6/OM8eziMCtwtL/rs3SU9ht0I3jJlYQtLipo5Ii/3eH3aj
/EcYXA6T1sJnw1kClqZsajHf9IgNtQV46dAlWYCieVikN/wOBjqmqPfsWI5vs0Wojw1ReaOysiYo
pdQdd4pilk47et3dC38+0L/K0UxvMJOcaZ9lKm5gMfBS/8fLtlM5WVyZTbhe5d3OJWHYIPDXbXVS
aRZanIi1qK0EC8e/8PQA638Yknd7obvoJfzBskL0DRFv6jfCP7GcY/AlhQ98nSPfW/B5iQNDTGtd
KTdxCkSi41jad+XaZyng7z7fyqr0TqwWbgc+emLfoRpO4o32TB7M3GarMQ2AhALeQ50HyBKFFLBN
C3Qkt/tOI/wtr4jCNR0+ny7TVdR9rVAlL6J9c4EBxvLRJX+AzDaH7vGbp1b/ppeCJq5QF5ACh3wX
TrAdTKm0do3497DleWuQOq5OE6lnz3t3chLq3eKpH3y+MJ2CCOcQMlVpcfifGTxqJrPjhFJ2pPRm
o2UGUJ1G0f3U+RI48227KzXb4MAjSUQcKdmccGONrBESF3Y7TkI8+kkfWU9ifqXJD2bUL+rLj4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\IECompatCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
DpKGH/UsQwXbosqEQkrElrLoD/MfMDhb5/h+ooFqxCbYwmabbRuh1867oRr14lFygpFEI8rQv+rP4
lB/9WDsuCWLIEfYhp2i8eKm7t/RtCsTHgzxeD0+KyLFHd9mwL0I6KmTBXiHYVqtzN2oz4H0u9U/n
3oUGJuo/xQ8W3G1oVBnDDgPBJ6UEi+8JlUW9eji8NpoWJsUktjYl3tgrqFuc01pA19qBAozP+u3y
JSw0ZtETWEtgRieHzRls6tdYEBMhBL+hUP7Dvgn1Mc+ShBKInAur/yDoMdBM9CtaMBL4dnbQR1dM
DXnxKWZ6kqDMb2McbUi/0G8e72ovChJGpYfBxsMaHPnL1HozT5ccF/ofvWAoMAMaODUJVtg/6LjG
1GCH6hgQuxt4cOkipZemxTV3yM8SI/uc/nWQYg/WLfftqoDeqmw2im01OQ6F6xJnSCtSEpkV2uQH
rIEYwY/RVTPhdy27njKbffKItp/cj6yUt3azWlnOpY6M/1x5VI+XJh+wJ7gpx5EfaEGMrirH6C8H
o79V3SRZdJ2XbMWgmw6nBTPKGRpU8WBgDBcS8S1koIBf63cJDk1QVzCSrWYBcAQfKBUTKhFH0QA0
D2EvyNnVogVbdQdTCLW7dYSdbghZ+5cxowdaCER9J5tEx17vVWbMNbThm9DP9+yyLCpgISYF/U=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JnMvsUyuljEqqSe/VAen//nXQZYfrILPfgKl4F/X7CRqQCFhhG2+Xl/t9P0iQMFsGPLN4IN7fI/MT
EgXgpjcNiO2Nia38YtviXMDNOCp/kCHmcUMbfvLlcKdCh+6vyGux2eZPJAJHcLQVEXIcvUG0WqJT
W0uHfckF3BTAfZF2sAp8yuLUnnZd4Ai09yXaSEuHcwMb3GE4H9mR1ivTBu8PHNb6PYAFR82CwRIe
/bbCKQWSI6jr9lD/7fnjNvLYRN+yer53vqyujZ86KTcPRg4Ps8qLssz9efNS/6sVSfzrarBGg8Du
NEkv2Hdo8mNVV2UGCz1GgQ7GpO3CplJ1KBUisMpeFYDc9J31msWsOAUUhW5uUb4n4sKMQCl0Df10
g7wCxtPpYVSZdlIMkgDYpakMI0U2cv/DbLdrTtAKYQphJAQdr69VFwwl/Voo8Hl+JkR0u1uUpCHl
ZpZgkw9tqgegOZVowpX0WjqeeumjY27eXXQet3Nqdw9xVULho/qoeeU05WgtUba1FP0TapmDR3Yk
KfOX00hxj0Ye8vd1opSCsd0z7buvigLMPehyzQNyls+HGMKNwCiQCnaucQqFgAYI1pGH+Y6lTjrg
g/kEB7dCyYfkoN1NmKxaMX4TBL9OU0nNIbLPXfzLp92ry+hxtBr7HmPS2vncx1D7NUbEOLUWvo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\IECompatUACache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
MFV/E/yZ7mBJ5P6GM3WMCUBIrlEbqjCA2By4UjC5Lnjs/2SVjzLLa9rds2zWcnRYeuDTHElKbuao3
SJ/khdjknpZiG7bOnc/4GmIv6Gp3QFG3hKdZjqUBVdDELJzFwlFEoe69edvRNbeoW4hZD8QKMwu9
qIDPA+1aJCd4Vem6vdC5zu53V9vJWFxL85RuKFd3Zj48dIr2ZujkZsWID5UtaWIkjBLYMXRjyMUc
jFus5SIHv5EWzY52TyjStTiUp/oL4RwND80/9gA3p38nQaNPpGMWiPR/1OlIRRf3E0QGaZ56w+w/
oZlKEQWY9in7hQLHbLZ6BKJ2DvpxFDaGBRlyf7S0la5g6b1RBstUyuw+/CHrqLlwkHXWkP5urgnU
3TSTWR9TMu/2u1cnvJ48bH3f/HEOTY43DGQ2pTKk/BogzvKPi8/Z8slkTZBwDDTzLrn5lFedgmTN
E/rhw0Ml92/c+5AGT4V7QWMiexVMuap6jPXrW6IviB7i2WWTQFelORQ71G0KX85PwXP3DhbcmBFv
Pnyqa3Jsm6KCsbM10YJDG0v6t0sAgTSp3PII0r8mE2EM39UE3thyn4qAb5GmK5H6/zJ9zm0LoqIa
AzAK3AKh295CQp6MY/j5q7C4r7dT9qYXlcaS8nF040yPtC8fFJMFklAQ96W+n2kxAwTD40/gwU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\IEDownloadHistory\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IBeggSWSmAFot/R8qYs5ad9+rB1n3yZOwdZVkqwub5ibb+JKOk6rJvTIQhrwLhjVCp/WIm35vOlh8
aRA40uivf/d9g6BrnxWDrc5KgabktNu/okh1vVBI+U5uLDKw/fL5wdPfcEkz7ptmEjty4LBAi0Uu
aR/vFk0zXvBK1iQzikd7IkWHNssON/Nk+36T4AkA2rae6/j1CbtxGRCeYyjFRzjayXXW1/LcIDl4
OGF7MZz949gf/qzRiYtggi7tuH8wArMoKRGg4zojEOHcJZ8XW2wjJebbtCqQu4eS6cEaE1T2MrMq
WZ3d5QQa/tfBN7yFW3Ki+/NFfNr4am8J2hoJge+1N9qew8iStJoxR2ba+mR+RQbkueC8JGWn/8At
/lzjsK8UiWi+MDQHOj8o1qpBnU2SAucpuTYBxpJHDyBwzw/MVZhHfnnJHlMKMoOXhnPysdWyc4hW
LwEKJpTGZuLGrSsJT+U9xIGRsTmvx29ypXqJI5a9FL8AAtA4uyRl7K6U5vSFBJhcgS8xg5ZnBvCV
qQQeqWC+ZhfdUD4cRKRTl9fvPDgo16l0LY8Mh1OWaSMKp69NsWLvh2HovaCNFeKLZkEsjnnQ0WO6
zhnSZGYg6+XMq/J3c1vhpneQxkPeZ6SeqlR9pxN5/TzVbgl/2idKBHRj/1FnMHuVSQtAyTFfts=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\IETldCache\Low\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jGYaXf+9Dyur23U67TFRH5fDrTdEl6LMfKCI39D32PDSWpdawkHcbT8sqi+SLbiMu2b0q54zIUNGB
i1W7i9VMhK1lLJlM2mul50/lYOJZ7onqVND321/dH+FTu/eIXVPzAIePSPE12/bnWQUp3bVeGN07
l6zNxAZiCKueudhCMLQttw7bLOXj2EAfzo5JA0Ls9cLDMGTqvKWstXrI2wFvyrvrZXnL3biQXwu3
mF2LXo7WVmaGSSUTu/3sUV+uVtmonPepWseVdGftPlzGoKiyUv8Hf6AOEyYRn2AFLktGCTViG6ZX
pCU0GUgk5Y/Vfj6NBXVZj2dsisqvnOr8S14OHWrb8OWc4N4gOSdvJ1HOCMI/18A2JKoUiik1cpio
NgESYhxGYW8cKQ1I5cc1mx+rZ//oZAhqaF2Opu4OvF8vk2+5IL6XvEfT6VNYP7yXksMH+CEkuZDF
fxhN+zvf4w7u4DO+AFUeWdMrgvv4H3IxzLh9Xfx6745tTiFt17CFlrh579lRAz+K4te5HbOfjNX8
cVf04x6L++iLUAJWiB/v8d6fXen6i2U0AUZ/cv6ZDixaFjw8NCu+Lr75C+bIy1+9EFEXYCi0T3h3
2UtVdvGy/DW7EfN5SrtZ2bOp0cqBvNKG2yF1I/AyaGWm8XkFMrlLvN7lMzwQXd3XX2MBK4okMY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\IETldCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
anjCQFhuArEiAAKLvpTAFcrT8UrRqJgpRettUEluracsZHv4wYKQThxHADgbbZfkTi5feLAKwFIJG
cuDAIHXujKa6dTVtNxzR3ad/w7v2h5QPzKmxVtgMVyySMHf6ZC1ZeAzOzVpZA0k5Jech1Rl9IFqb
TX8z7bCKtZvqZIXA8NFOSlOnMupCsq4DoGn3G7EQtEhPuXsMBRv6j0/OoZDPUGJgiTYKgO7PBCzj
qCajSGVRPSQNG4nxQtIoaAkB6jA2w3x8Mp7WmvBlFBKmYo2GOVjUJYQoWAKnD9gVZXLba2B7CkTX
EkA2nxUDi3OIN00tT0jwNThVv31uZhud2ics+zRfSSpAKRl4C+mywCl/HfZLRwAj3JeAiIx0HijP
nOLPr7cG5VRMgZmWk+GBxBoSWDeYAifPlcBcCr2bpl01VFxZRX8BEaSTRBT8aDre4Br1Yk1FoP5s
TLIBFLH43WYqHagOrU1cuUpU87iSTBRbvmM6BwaAovo+Hz6A3XXVhDfh04KsMJ5NxT0hnxV+4v0n
q5Y8wyhXBa8oAXbQufeDrLvpPKsdE/lvQzMqmJSIKeYYiZh5r085S51JhWVu9k6+aSbmu13/HDG+
cd1G/O/58jcOs9obBDEwpcIFRoXXrvDMzJRG73ELnufacZfP/GyS6U9LhMdyPgGo611nisb+Ho=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Libraries\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
UvyCtX3lDscwmyHqPWZKkkRd/3zuVO2U66Lmd8ZBNA2f3CkoeuKAS1156TstjJUstAMWxUpxgc9k0
p120urteaVa5kcaR4CGomj94DjC2PL1LDltLmhW5PwQxEPstgvp//kuvg+AhuloV0nBzHD16//IU
TXTAU7IGUteDzsgZayardI9Qh592BDrcwsCumMfiMqX/ji8tHFSTLEEXTzKL9/chcpdfcfIKMznh
CFHE/IDGVqVtxQZcTevFZZlt1FU0nLxz6NE+1vtfPrpobBiRmc+ALjJEkd/80j0u19n6NEM+Rqfd
bj3G/bzmapUyoT+khymMw6mDRWuB9nTk8/NtdV78yd7hgPpoIm+Ou+SdwRrjQ10OKKfTYqhnpfOo
mvtuMwdMBewDzZNIcq+ZPhR/5GwJHwIuqlEDHbbxGOcpMqXGT1eVjN2LiiLCwcLkwBTnrW0eZdOi
fHVwXb5cWZlAvD2pU/svL5IhfG0rw0VOcY+hBoc1p4zDc8Jbckbc28MhGxGPU2hEeFmzSZ7YkMLw
BYKPX9UuZBfp336Q0TZRra00PhaNl0ou3lujyhbel+aqfB1OYwNc0NeWhWHzQKCo8IC1I8W22UGk
8CHPaG0MOZRJVF8eowP534QoaNbtm8zS24WR97weUHklV2jpcBQOsQUZKUf62wbl7gNnOWBsvw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Network Shortcuts\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
P3z7ItHHFvwQjlI4Tlqfz3R3idmqF9271Mq96YfStgaJHPiwPDTvAETVycxFd2x29RIjCNvcY2Yyg
Ug+h5WTHYFf1FDII+jdrHiAFDF4GITAIBMbyo8zZcaoA1DMbrplWBrm8xu3MEUI54kAKs5eaInGC
sBm5OTO/SBNQeZ8uZ16Rdl8ANj3RmhNCwrOLLglPYSCKy89a+lFWxh1gcBuhzjMf21PElU9AfuQQ
M5BJeF8qUhJ3HbvJKkNrRGLEqC8f8XZEdnCei+c+Y3iquSQWYTTUEmBCK06mZpx1IuubFOeMLfvm
uZpITFTtdX/IX41qEG38LqrctHTXZRLaU31gswPQNme6C374iLMs9ZYGjS/dXxDlqbgbHCG4p1xd
32DuTF4mmM82Vh/19pT4AC//xLkPk3U6CFBv1dMC784WgX97sPewTdlsXxeLs7XKdtPO5OgFcVd/
nFamwvNw++42Ev7uC8rHocGdzDdTp3zQ7PWmq4UnXkDThSvb7Len1TNnVqjd1YtQgnmoVogUnBij
ZCYs2xTzcs/ponRBTF7MN98Cao2GicNnMJ8xJavgCEG9zzTwEh8fKGAB72yhVXCdBUtEyMLfCAAS
8HDG5tklVQ5FZYZao+Sdv67JQjUeS9HFKpcPFTb1nBrCyIw+vkTkL9JeXnwoHlir+JsVhNugE0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Od2kbV5WZ2/LE91V8HJ2259ml6q4/X5akF92tIcBw1kVOWUZssjyKdhT1pziYI78vJgZHQGz2KwLZ
6UpQl0ZuHl3QoIVyiSnyqtUKaDTlm0Bb3eqN+IkuMGj8ItQCoB1WzVPcnHI9WsOleBedoAi/YT9S
ZgK3tqBxqtZlXC+LeYLqpcR7J5trOnqt6IcIJUTkMdSt2Oyn4AJm4IOGki19U+jBCjcyG7MEPyHl
eeDJ0iRSPBA2AYvjKYKgsH3e4oTljw3hDGR1lAuDXeC8indzvbgb6aGRQunnGUOf6zwVQKIW62Ln
7A9W8W0Cqfk6rqw3WEeF6EFYcs9rkPPh4u18NeH5FjyyuSYOrk8PGA14edhNqeXqSqsC3VYVd1Fw
9p/QA4QfH1hVz+e60Tm2dzYOA3/TQ/b1nQUkzoTi9Hk89vQHM/xD4K9Tm4NpxplzTHGDH7q588+T
d/R3xk08cbEcauA9oXM8UCeWU7JKsh0JZSVNFOhuFfR4IYD6JRfT7Bkuy0LW4R7PWLFChoA3b3GF
7Q+puuP929XgaVzRH63ZR2Qr9OIt1Nd3UczOAtulLPSrfM6ZfAeGD+VgwgVKPG3i4ftf3MIsi2Jc
DrgF7GI51JQlFPyv1XN7B/hB3NHcyZoIv0BNbWxfBej0RFnjK+MTKqVz7ZsfU1z0Au3zbatG0g=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\PrivacIE\Low\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Lzv1+j09ZXhjxDQq7GTa5x3Mbepx0GUzE0X7m3+H+e67yXLjQC4PCSp2KUo4C6y1gNqO7KOJUyV02
YOtrh600A4fuhlImmRxmOCdaxzB3rgjJXhKPD3sKCVhtN7Q7O3dP0vaD3rfe5FrgldOKX91xF8Bb
FaKwK5jYxL0y/ftes43nIxlgoon6axEywt9giUEXyb4TOmn4CYmbp6BlmEi/473XBb4pCp5Rx5bp
2/Yv3vMLGJMbnVHNwrJZbN1ghSawc+gxWjnjlmhYEvTkgjIHbXueZDbKvF9nd2y0GTt+8kgeASah
kZ5ex1GT/WQJN7G2G3rluVRjJ+QEFkBC9ZMrXn1URc45OJSVr+T/yIle8UJ13b1lQOLiECZjAQrl
QsMOD8DdYzqHh3x8aTjj8yRK/hvmbFvAQCXN3URxCBB1gUOmprkFaoCIbxIvrin38rYfEydy/HTY
slLuAdqz7IN5cJu9+C4SuySJQY73guWfKUOv6Q/0izh+r+wqnTAwLHTLmeOi3H5zOy8fJyMQXqbV
q3JCY2YUbIBbjlzqsBEAcNHHjya8ao6u3NUEWzMiD4UEhNnefiTsUk1GKpQ4yowUajDZy07+gDN/
1Sc1F3emDmQe82QZHmRcxdrhlortqyEdRe3lUwqALSS+IbnJ1DBsPaciraB1Ka75ARuHycQNHI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\PrivacIE\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ajen11pAB371bCa0n1XXxTVw7Nc1md9+GcECXIUNqzVZ8GVb/PY4a4hUc2sEBWTfWwZp2x/Paimur
0CNyHf99li1qK08DThjz+q16/fpfelWEHlTzwd6JyYoQ7HeHf1MmtOjzXXiAD4oR0GCKK9H8zaDy
NH4k5Qvz4gZ5eAGlDLfTRRew+8/ghNDg9k1zKRmVVraSyjrOw8TszLF/veDrbo8IS9FQYrkY1J58
RO3fzi1RE1XwSrPZ87mEaTTBJ+wY+piWHPGRIFKF6Qa/zVQ948RY1wRhgi62JvdoN7wKx78QiyDY
FqeyAvPUBZ6zakgJgz0eStPRLBJ3l0b56yWG31/WjpXIgqAqmUGfDDoHIes+p2nmMayyTB1N+Hp5
SClKWkbH0jxZFeaLf+jTfclIFWMdf8aJBqSeOj562nL5FM3sTqrATmT6eCfNoyjwAddF+m+ioBs/
NjsxK9w71Nslv2M6b4G4v9YZUTJRIsXO/Zwvcy0kSuQSmATP1XS8gva361FBh3FagxuYGayS1YYa
+ryaY+syvdkvvz7br6v9VucnvsB9tXph7O8fI1Ecy9bbdZf3Bbd0hvoPjaCXiXqKMaLcwx97HDWS
cm7wcKNdDCjwxvPHprr0BMQvzdJ/shpwROA1s9ew4ZmkpCjlL9Ah4TVwwNsJWZr0NzYcSQg5N4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
iVB+7gDjmOAno/z4TJMUtKn9izM5LAV6mA3YqUdcEZxG7FQ4zIDBPCMIVOkP5pahbKcriEKO1nVRa
NfQNT+B1tDAcwddNCWWUZN/UfPuENGloejqNjFiVTuefEevglZ842C5iPAdTpzbRjDDSCepRgxMW
mGO6q332VfHZoFwQylXetwYwaOvf75xiSwWtiLIaAX9W35ODWqGIBj2b/Li2pUjtEWNolkvqTBtz
iOq+yEoaKg5y/ksPfvKk03TBYwu/T37Yu+ulTe6etSbNzNYdwsXy1izlEnlT5j1WjSE+gTaj7mO1
h9rk+a/SKw8kaUBSBBc9ENETZ5we7hldnb8Rpw7u/uzBk8Na5cLKMtxb6HTJazVi2VMl8V7eZZI1
Tp+jXXHsJPyy5vEf+Yrx1N+gqs6WAUkwh9eybQZOZBlJMbxzkaKpHfAr2vTmWvaPN7pvTAYdQPhl
zShPw+8JGdbUWFTgTKkEJO+clprKHELGop5n+u5L1xHuz/Dk5IOXk7cOzkyJ8vSCZWpHbjWW2Fow
UQPh1Vh4wftkbPg/d5rLWFzJRaVopJfdE2TLGL4uvWuhXzLU+EaxPFUkcEgJ358XrUIOL7/6+d9U
hYffkhllm4LCWYzFDtxFFOvTjlqImhvBNokr/5LLhqH7N+fPkrpY51iY/B51Vcf8pgGBEoymvk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
djar+8keu1MHp3ctmxpBjaFht81LVGjncyu15ztU4S/y+Cm480Op6KQyIL6uRfZYqCKDPhr8m6O+Q
w6kVNl1RDcNbbha/5GiUQa5ZPs+kyeP5ofxKaqPDcl/WB8N7LZOrFDaIc+3QVS2CDaAd8Iw7yVEj
agSn2sF3tkbIFCdIUmU5hTEn9kRIy3xtCLJ08GjuywKwVoPaQxe6fqY+4FwO6CXU7GnkSVvCmx7U
SeLVmBwWEMY3VJoygYnexTUyz8gR21jvfUruQP5P4aFSFg6bHFTLgDDw/T59Q/6Z3hrodYIltQpA
KAJBBIBleIj/LzpDC+u9xzv3lGDpJZrt18YQaEzstKJ51keQu7UwmBbUY2Svd/IyKYmd/H6NnKRm
UvEK6ZSOEgXlfd0g40Jo9PPGF6Z/z8hznHCaToEBbGGJFJpKu5lka8dHEIzdG4PokZYYSFVUf+ve
Qj3lzdd20Nc3lxxJrEH2eOZKlq6nbNYRmMcE0R5GHa/xAJM+Il2+VBhKZSGsG7nE0xph8A+lAkVG
PChrxFuhwlthfDkFvahq1r5yxmTNwngOQvxwzjx3jWh+EFXrTQLlz4QaW6CMJlWn+g4FrV8GQDx7
A9UWGImE9crRKJxv65bfb8FXLW7VXWP4vakNg4R7qgaYd/lFnXCfvtVM72BuyAGPFUMHhphgiQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
j9DmqeSrh/uEXIQ3G8I1QJyHpoy2FLj48Z4epyhpL5qv9pgcz4DAFt1bcRFbIvj+S2ZsjU/jxz3Cu
6WQH+IOrG7u6gWn0HXVZi3rLZssZpkb+06sGdo+7K00ZVymzoNpt3LL552FOfwGtKCHV54Jl8e/n
237L6NNcCdeAbKb6a64acHh5y1PGangrRNpmSzs/zcIPYlCLkjdAjB/Az2vmOyfEB9Opgq9VjlLG
zGuwIMvU6LaRGItn6LUy80AxNiGQzKjF7SKU6wzjkT027FCaU3Qj3IDMF/tgcz71kqOuztJPSgqH
OhjyelNn7pIh3/hATftu93Rg9+QMCw33L/aGCZ0A8ic/lwcQHyDsh1Pmrvr+/OS8+KmcCkfNh1yh
Excg6twuNwt66WqqB4e7chJUkqE+udS0V1ssAyZSdW72tGTEZEWlMVZ6sBuMwFNLYyj88lh03ds8
t4puHyopj5oOUQ9L7sI3VlJ8A7OJS6+txRp071b5fAqxrRWDW/6rRuxVt9i9tE1ZFAzpDLP2MP/r
0sNFqYNUgYG3N8Fw/mbTpv95yQJbFhLTz3q4fGMuQkOg7gLHvuscH2xiWhvPBTc92yGn7B5OvFUt
pPKLnUCv6PdOc4RcfDDSbLTiZQUb0+roMPyRkHMNmAY/JKJzesL/O8rJbnamKbhz7ua7vksw24=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\SendTo\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
l5fyzW4hX24jdCqqlnbB4vFevAyiWYllbJx0/2S3ciM8oDyAGHoGq92UlsOboGSZVewxphPzmSJc0
L0c8+oNR1cnSefDs2qIwYyut2ReEd/5S7n5RUzsNnu3FIc+9OzAW5E1i06+7b2+NwF0NlgN3GwQN
m+MGPU5nEsXlUCgjsIr679F3qtzVli/4SkbUqif3MExtHl7mI+iAU0XPQE0xahJLIXffLHvKAuYF
OjEMuIC3QShbdNwX7jsbHVn5zXq+674fwAjAunBVFAHOixIEhq/b8FbJtOH3jSWDIbO2pnPpfxV5
MdIP0NJqqFX64GDQuPJveGqhisFJhM+zUM24OROhxe3dTbOwf907TFYRjZWSW3J6p9F788Yw5OcF
eAGiDMvQURaEu9H1dyX59Kj7NDjf/BuQ/vozN+PfjgeU0gN+OiUKvWBKSf88EcjMv1lUdoj739gE
vfhIB69bRVAUo4bTL3StzZZ7w9CnYgv65yBzjhpTi6L4BaF6CjwYXpmBaRQ2OQX3LE8obFv1EwFW
WE7qfIC0OS3hJlVLo01l1PPkhwGmrEz2DWVAHTlAdJW5/gEQMhzGiTfdyL5wnl15rpaP74XxG/6A
ydO3QyjnxcAkhNl+qlKr+3qy/ci/H9Fx4J6hPHHTESbYVrU74vcxYewyklCKY4vRBnO6XGX6Po=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
SFj/Mu5QWyIJW2r3Vgwy2SCT/sPILOy8K34GPcyTHBz/u6PkUT8JK8F4hPCudf6YAjUNrZ236lswI
QI7am4wjHQQRslI15j0uk6zWQp7iemlwCnp9eqBy+elqkleDO4KcJaoCOQ4xihGeZBzmiT1KZRTc
3A7JMP0oL17PL4/FBrDsW22noqoxmk0alzNNnRpql6P9LFpXzhRw4yDKGieJt0g3kh7/NqtYJrLg
2GPgGoQqwRelT8cmsGUSShxsZcedP3txZHFRyDSRM1Jw7wOpOXYI+fj1Km4kncuG2XYTiKjVV9jO
OHv8M6BG17DjP46OqYLBo+CdB5lG1bVHb63wQnMBDzlmwIzqMzjhmN3z2BhGOIygcjCjllEBPfGM
u/29O7ytB0YcgFvtabU7IGh+RbrotSJ7IYfpPufBoqAzBzaDRm5WA6Kf19aXD8xtC45aDyQS77zJ
JKm07cJcUGdhV47/9L8Qh8yB3AYpixUjeQPWuyOK8U6t+tZy1ZkCu7xzIDnka5VoSRiQ6M9LPjjw
Gsmk3/+XqEzggoCaz8KBZ2CZ8IgIxsap3TeqrY70uDti5bxLzy5k+y07yhLCaDeAZgrYx7r7CRHj
LEyyse73pGjPtFK1Da1ONhRXxR0tvoYtoA5jCJ1VylfJqE0u/5MNr1i3/mQihp+J7m38AXJTdQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Zxn1SQoQvcNBs5/gOVVZLahtkliLKZv6hXVS2vVXQDPJ6buCsfLA5JNQY5U0eg7vRbCUwe1jrl4MX
LaWHeUEVeaTFyimUn4zBrPBXBaX5xFZxWUujM2lH9yuOaJSYGchWOWC+FezhOot6byVl+dzo1YPG
Ggb1Q/MnZ4fJB6J6SXW6ND5BWauz99tZIFSQUJE/T0wI0/O37+pl0ohFPX+d/8lpIg9A57KYNPa8
j6kvu6cOkji1tFhXTYL4mpS/unNaWsyVonKnaShCKslz3bm6pI6IbmN+56+QvV1CWcvgXELDWpmU
+AK1FK08hWj1CSK/yvSqIjTuOcTB/jmXYQ5eMewFNVfWnq1dLCvWRSz/4poqDf5/v/tlMQhnyA6U
Luh5l7RlF5bdcH5vCTcAHtFf5j5LgMO9HHztt2nplAc+JSBAkEQ7SoMa/aGyMpF+AZRRka9WpFJD
RIxnVH0y7mAXSdVBEUCpdZ09NMXVfNGKtsegPaioogvBDyJZ5/mYczkQUtaaOdVjOrvUNp0yG38p
SXw8yKpMt8GPlSkMftPpcpKBjVw3yIFgCFog5lUxYbarfK8/ixAJx/z5JTCf9PyfBjGwF8lFidEL
KTpIUA9isOfI/ekFbOxUKVRRZM6Oc2akDvkH/s4BjVoPUZROmL3qbAS1QwM54CJfLrfp/tZVqA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
duwXfyrj20qjCqcJM07sDd+qpwvf+6TP257uihQstfcyZ/zWp+HZTGPDPO6CsPgjeqhrp9hZk1Gvs
dHaeFAdvtM9FRi0f8Z4ZEzfOy9GO1Qvi6/tQwPE4JteTbDLTHxZb6DLgyZDzPdmV0fn/h90msOVe
C17uOu4Jt0EI3iYvD1Ie+APiIYH/eHdzf2q2MRkr+z0joth/O7hVzDpCnyJp7wh3rklsvTgvcYUg
q2F3JUiTjjxiBxjXscTtfHEl2P5mfrh4V09tLerWQVfnDSvSga1iP737IN1c5bqfuLHUzZ1sL/gA
PJ2HIJTBF5DsR9H3MWQPa5pubzbhwOGHCIPz5u1zPqKvGqBt8L9uoWI2pnajibrl1D8wQGbOoaK8
5VnvWIzH8XrkJRAwee1lhfgJZzpXFTtJLmUw+nT1e3sI9AND55/MHesPfmRmVW9kN3auGz4/wt2C
E38IbnZN/PEMFv1QenWTZIPFrGrOALB5vRnJwPHME6mii1z4qV37SRr5oUUpSE7AP9WIrzW7NyeI
zu1aySX/qOkKsyyvocwvJk90+lc9t9ilfM6xIcORL/2qYvW8tMiD7jcqIE0U99eDp+HBZ4r2XgpE
ZiOfm6jgyZ4dHHM1F7v8PT5jHnbEMu+N15iMd6ojzHsc6+5lcJjVw5RQkyqI6tajCC5b3t4a0c=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
KxTn5DIZ+Dkrdl+AsnzQVip4qakvSSsGeeECi2mBYam8cHC+bkBL8kXa7IOwVFGF6r683imQFLTD7
wwkw94wWnT/OQNW1J5BkoUZmVRLQaVkqGT8Fowk4OrNySmYf92egWKtVcj7/t/akVbGP1D/S/T4x
auczqhJxwDl7jtJ8HBzaBPuHQpEZhg8BPjQWhuB38Q32wwLWDzFm3cLFmEoeAE83GH2NPOcGfPib
A+U2sBTQ7avAl2WBEZPli9F7WmFTGZ3ziyqCJy5jPeMgCezDyNf3fREkSF3/i14fdJtg4m1xVBK9
tws2awWwtxfqK5/fUGsRyIHHNxvmSbZ2zlWvdVSDKlFoUa9us0vHnz2vIKwQyEaJ5QEkiQzv4Bx3
RD3nNay80VziPKZfo+3A9SifaKHtmi4JIMcIx3Ax9iDoMEqsiP+mrRUqT4XfeoPTiUgo3umF/j1W
0WXTosgTaetDgrri8NeGnYBKdrSJvXVSkkylqTZfVIlMACR36BazqMfntoMw2v8MdwbiQUJqAXyD
HjHDp/hY0ld0MX5I15e1Ve2dEFnj2GX5KdLYTsRDsaQ3h7G12sxOh6uGwZs1XUNwAGCy+fWKaxlN
iAXsaBGI9TwGOH/5QiOpLvIe0BB8QsExYLb203WXKJGpm42yxt0JfJA9PzEyF7E7CWUlkCKqWY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
b9wh/1E6UX7X9xSBao+UfGb02uCQ718J5HNFaeHcogDDEvdbegu3DwhoDq7uyZGQ89aYSqBBuPq4s
CHdZkYnv6t3e4Zkj4RBwvOYiQVLnz35pIgj0WGgC3hDN1erI3IOwJsc+GEnNzBNwM/nIhHRcswpg
8cyJhhJp/6OC8z7U350CSsY0a9ArlhxGxuastka2NcD0yPMqzGYP99oKu7blwuVSyQ4OqnZxzojQ
t7iFDqTdWK7xDeNie4IxK6UZ2Gd2QpXIzmNau1Pc2Aepw9mqyLyrPionyzaxflTS/8O8JVXFHG1u
ZwSLcAyi4sSlkDo0+yG8ZBuE0YPB+3pe7qvWvjgF512Ziq95p7/kah88QBFWxT8713sVfhQ/yHI7
X9eq8IQAeiExoPRaZtpPN+V/fUVT/1crgkmeNSCOHOpzM8L7OOrxSCvMzq6RsgHI9VwAsuurZt+r
Wpz6S9dQFh9IPSP5BEdIKVmIXaMmmgizbAoHLX7/uQ7rl5koVqQjgVVSBQdVmF7SzAVFhpGQOfHW
bSlmRX1On0WVOzp1DdMfMQo8BHSlomvhITrQHa8dS8Ar3FC6LuAnpGvcCdddI2zuyCtKqAT3B5y1
EfzdAVk67y+itehDBYGpbVb5hqmo1ADmSt0cazaRzbc8/vCa+R3kf6s2rZcPOch24NAeji+FxM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
fBCHeX6lUIVRMvGThVXvgNJq3MPmT8eJtT5a/XiLrCiFOLi7WocIuQl7Pg/BfrJIlQTaQ2kOVlFv/
h2oElvZyNDr8Ww24IHYWm6GiHSXjP7Ld5K2ScgOlYomI+fHv4b7+9PsrpXANoIMijpJCLhNCt/Gk
qeEvjrCact4AxpmKQGeQL6uDdDsLyaujke5IQ5vA19p57qg1wvwuQ9QmguA5KtRcyyHrc5oA9mcp
Esl5jF29b+diQ9QKxYTIXE/Xbsaf/+vlB2nppTtsRatIHNg+9iBTA6uuA3oGNtE06cAHo0fz1QsB
JZgJBnWFYSb90JFxPhChMP3yVcEnUQ3SmbR7ZqV4kD8CKefOWvxTAX36FntprafQau//eOepmHB/
Hkk2QuW6jFMoKLCUFLZdZ9HwBHBLIXKkWzs3zx8PYRm3+2K5/h/ghfpeOQAlR3xcIQ9s6LWaEQqY
3C2rfqe1eaTnqV3lxNZSvG8wdvcUFKWtqjwyunnchTIIB/OIlu7KJ5sP6rHhmVHcM5JosatVMz+M
QREOHb8gjOuyzDD9NF3TExhvFetP+tfjyiNn0WbDWxorlvSn2O3hVvFQFmBveDUr2xe+QeAns5z/
uu4rF3Amx2g4LUVU6VfuQcC1LdHmFoOkJm+8ituWJC/fwiCQ81C8mMbAVo9DWC9KZiG93YDbH4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JQ+4no8Lz7E1O7uWTXNbGn9FCZqPA2dtpFIV3TUge4187UOTdgtupHdx1bE3GSV+4ZxgrSjFJ17S3
aVT1DRG/SclThDApdNmd7nUS4OvKuVKWU0j2mtvabhXUdTLZCTbuQmRvQWQASEw11q1+tY/Q2k6v
izug4Y/FqztE86TsOEdwI/eV9E5UL5eLP9G0VserNWVrB4TcdGMN7M+zWvwnFpDn3GpQ7i1JLedS
EiOwJ83j3kzgiQgDFH+sjyoJvjtvTqIkjLekrVuOPhWsOrNdSi/9mjjTKJAQLtb0dkJmE+v+DKDY
4T8T8GCvadgZjZUTsSZ0J49c+rA8SPlbb69CubwXtx8BEuWPHC8Sy6Y/2fULltHVvU6JoPW/em3d
EGOfqhoEN98JYgIMwiVYCVijMKcmY0sTufk+4ZYqCmGtdGG9AmDMENja+nkcemFfGV5TZyBMO9wB
ILIHdpbIsm9H11GiOldjep/UuQyWq9T8qnZtWDQDaaWZ0iBQ8KkFJ6EwfyArZMqcoJqCHyM0s6qj
6Gq3cHtsRpCTz/9Y+ktayxOaPQcxspYDhCFVLIwqXCzRXgvRTWGLYREjvpexttACNDgbYlROdZkY
bzHLhyv7Z/MEmtiNOx3JK5g9m+ZNmRrZEUuBffuzIu8HINH4A2g9jQ/8cDww0u2Vyv4RUWKnvo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jAMoRoXNiNLYsVr8Nf5BcqPKdv5yzCiAv9Xv/LMMSTF3NU6WAFJ1PDH1mpvHOuJTbH+vhsZHrkyHO
1herif3SqwEY1G868cb1/2zGBLLHmv4AExso/gt9K+g4n/AjKI/jQU/E+ns1bWpfypUZPO2RPBy3
WjL6vE7+OLa3gQUq/iNe48IbRx4QCBxSuyGTugEvph1yNJTXOv7HYIWXlaVp+nSLhqyuqoqR4i/X
L4H8qqpvEos2WTuzDWbyW4CcRzD6/nfgr56BZEWLyv+oKua28xN09q+lcle/VuyPRylFOujvmHth
Oh1984sZfbGE/04NkfOPlQp/+VcZ2tE1QJSvnLleeLD1+UIIOG0nGW8jhhMDt0fa5Yj4QLmkiSwR
Oug2N+eqrBOlTAmZ4VSU3iPyHVzQ2e5QPRe2JLprebFDs+oxjuGfvOjkGCJLme98y6UQcFKXYtlV
FQJqc/LTCh7JU0XZX3QfXAzXgeRSCqF5eZxYG7GyHNDa2zW/aLt0vFFjsu3FwhXUCd9HGy5is9el
lsxDu9YUET0YPdDM3WVq9dpryqL1D4KL6732npEQPQ0NfBbjIKZBBhDAE5TRjLx45f1v05xEWdvf
Cz8jkYfAFz19e3ff57jZds9EJnB2BLW8LTEL+Z8VxWtDkEH6r8qeDMw2WcVJPYPe30OIoZ9PEI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Templates\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ikkwaz27dUwdhjtAkhx53Do95IzxVgnOhOMPYdQprWJ/ccTK1GE7m4TvjwgzCRfCwX7+OgFp/9LNt
ZenlNV5J3nywlJN5t7PpmoZE9djF42FlwiTkEGh1s+NbudFzOjuZltKGLR+IQja204O3t0jGOI7O
b3Td1QFbKdS+9vBBEh1Pj6M+N4jx93PpiImQ5vVmP397Ln23dzDlC8cGIIjvvUuDOc9RpiuLgOxh
uslC6zRB/TbVGyHl20fsvjbVNp16KutGBJT1pgGf/VDPVpWWjkW0Z6qT/LRaOHMlCfa+mu6wohgo
hRAw9vaN6Lbb0idrqJrj4/AtuZ+bgvju98aa2/qQC92UJ5PgVhEUg7s01Z1Xj15rIQO5jg/yH3k/
hlNXraHGBVWo51LfO4g+8Bd+PohsK9600Wr8M1Uyz+k/BCwhSxyx8aUZ8tARy6JLxwjUcXz3amky
O5env3F1+A2gvJ5listwSWPttpLfDxOFCPFFFFRdvtd/nbZ0NitedExcdFxz62RwguiFjKnmSwCR
w8FuBcQ3EtGoe3VsVC7dw1t6b42K0/wV3+xALJw/lpOCFxw8rhfghGIqcAmarb1F2ge1e6CzuOCQ
LPthcefXyh5oeJzxIwsT9yR1YBwz17CRulOUYDYOm7G/Z9cHXrit20AwoPsBVG4U+zZhoIobo8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jx9fAU/MlInY0ZwoD9PsboDbJaDF6fVsEWoX7NkvFNERdTzl17NkhMsVb8O6CcU5DbPtIlK7YfQ62
Krm6QO3OXtFr9oWbAT7oKzjiL5qcCY5HennTSPj2IanSdD7uoUPCE766ObgDIFVcaXId6fom4Wwd
0Z3V0C27iJiOegfnKZyMwXX3fs+hAs3ZJTR/Phak8flyMsCLqXeDiUqV9alOD7Z95neGSVbiVXaf
HVouHioAUA0giSqvQzCCsGMWV+3Q18Qsw2Vt8UDLbOilYWyYaBW2qAIM0kTR9YUVFfgWhbRWV/Ut
glPh5WPbbAsR1ensh3M5eJ9bGLzamIUfjh+m5JTwIyTidl6nR5x2i7tPBBBMz4avZvv68xhQr9k5
NvHwkxpIEUTBwPFiteRwWwWUm5efgE092Ep8FyoXzv14xf7+QZyRk6FZHYXCY16J4ak8LND40GOF
7Mm3RWo9FFB96BhaP0HcYxGfcs8y8TMPddE4i6mv3L3rcfqXrszN+nPpaFXIg8daDWU/VfG9dVLP
zVRF5R91N20nXWq0usKCTBrZt3QqrH1TFSYiR4UM6XagGgUOVQEwK8QIPfPkjWrR+2XW7ZhheldB
ZmTCb0fPlm/aYYtM2DmYEoOiALCanpjBRSlxTKWCFialysb+aISb3L+IpPkjst2MP96hyd97oE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
igibSIlMk6O5uEz87B9TZFs7FhlWQkMogOS78cJVax6OT1+Xolxc1pGxa+gKAOVx0YA1yylPQMuYs
bndjUIruVrULCGMWrQE2GECQ6PExPSNKKL+yt7QqiAoJzZv+bMYRO985D4+kTeG+Xe1KkeZiolGw
n8HYFFjTcjlmV+IGbmkVYWpyVpxRUxq2ynf0JAO+ONt3IEHg4ADelTRxldQXUQudutAs+jhQAjKh
Tc1gtsHjqBspeJJIzSaGntEDM5iL3Vh3P6YsT+TnOoPXzaqwRSiaTd7ShV4upLe53PD+U43qUo2Z
nr8T7+YHGxnADQ0GLGvwXQ/lMVBzbTKxR0I1FbmfNv3eGjM+CUtPuSP+eylob4mtaYluz7G2TLyp
Mr21UrraUHbZQTMh8di8Uc0fw8alvIUuie0X63DKrOSaQVjfZXTjBSgk9lhToOQxMdhUqSVn2K00
1ZL4hsQjHkCK64NJyVmaIiNpzGARTLLwb5z76ubqu8Pf26u0Xh7sciZ5YZreYAn97wKW6fLt5Py/
ywwUNLojK/j7NySm/prwCpmoEuAzQHysNPI7S27+h+Js5nmud1lLXlWKjEdvmTzWL83tva3uPopH
MkVx4Y55BilmOecyDP7ne21u4BgwJm60he/TKakuyqwJyAWcsZZKroKd05rk6VLGJ2z9ex8f10=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
hrNt6QjxN5r4cs9I9ojOwhxYUg/d/ginRS7+6ElY6Bg0fvKmJiqOJlW0aaTwISfb/NzeY4VQvbE6k
cDJID+Rz7aUGnBGAuXsZUdj1+h8LcjhqnXuqbPbnYMHRfC1ajYNQlvyF6XXBlg8oIYgPavRmTSyu
nFCHgM39fiKEM9SaI36JO8wp8joZeEGLr2kGE3TX1oGgq5ypyy4T+BA3vdgPp40jlM7AuJV5qEoL
efNi29anO4Dodj44ppTvJ3XTnOI2IPMrE5E8RCS/yFV+jiQePNNalZNdNL1Er+6g1noRyCSGMoOr
WBJjXz57AjQXy0tsNEMoT7z60c8XleGau3ybltdt3036m9rkzDvSk4bxQ4K8Jy8p0fpMLEjD/psi
koU7H7oXSRBJ6Yl0WRTiw14+w6Ao7eLqIxhYa4FGHK6uXRTbhl9OwtDHC3nYObH/VDTzja4Rxcnn
1TJYRGEtwU0fXc8tfJfR5Jr/rfWOdThwRXZ5/qUvYYY+WsxY2YrQtBAqrMPrqoMsrzovnaE4xZ/j
sUFzol7xVKvd1MUiz06/Rr3W2u0SQZcCz5c3GkMKTzStxQ/G++R88UDw8+piQoR2oSi+cBQCswEt
iLCtlD3AypcBkl8oN1cpKo7RUlLIW4Q/HY04IG8AzcI8ctdfvFQqeTvHoCUdKx3dR1icurMImc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\Word\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Di0PfFPw1403gVtYwpIC7uEfkeFFyG84dzEWT1TEs5nAESgdKZjMbd1iNDWJlYblpWRRrRfh++ufz
J8KL/XRBM0c25Pz5qyODNcyLM2jXgyL+URmU+Mjng/FcxiG1ZAcDd2D2iP0l4gWVOp6Ef2IKuCw9
RM7rtX30+v9vS81QxcFUY/QlKd12dCOezUhFkSosz0fvFzYP86TM2ekl7mF44GnDV5+j/cEXlToS
iqKim3pXUbcEkmOQGSlgSYeWGQ9DuckFC0bEzptxq7DjCyu94mP7huwLPV+guCPe5neAxGsrLFd8
l04732q7SngQKaoOpM8qrRNUmGl3ETs2mIlQzDJWyQLJx9eDwE+eZK9l2R0sOue8uhQMTODm+Iy6
xXr3PEuYaK85PVoPzYXJCIyXQDbn2w4oi+uP1NDUTqEb99zubeYhxl7r35NKYZMjhn3GkGKqYhL/
Yuhrfzy3HKuthg8D2/dz3trYk1/U0Gar8BqYrzCxtFAIXN4GUH0EC3+7HRlQaYB6mkFHVx/ChKcM
JvTIomsJAUSTtLi+zUBP1W+SKxsEe0cMB39fCd8wGAmzwCqkINTPrQe65Gri/lEnQXadDlSCOeSY
2AdvvlleyUGysGuQMnIxN3LHB0aPmvrnd69vY+i0ukdFAhMCRWjXMwzzDzlCVPtK/p189r9m2o=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Microsoft\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
chI26o4X1X392DSwqs4Ci+Bw+wmS4+d/Ed6LV0PCtMnOwDK/VI53Gz40MG15E6NHlN2Fu9BwWz2Hu
LteA02bQJQzCe9CzPnkBvE3Wh4kKpU8bUxHR6PMVASl79fbh3bj0cieMV2Fus7yEDe6DDor4nz6f
lbH1/vkHB1WMlSXjVDoykrVu5VILeUM9vpYnX1Xzllj80wrCfOBQaDTX/8ngPlesrztgacGf/FC9
v7OcSZIDtrVKiek2gIRaAkag3I9csRvmNHxsz2F/oQZUhIGm7QqKfeNyXo+o3gEckglx3upkuP4e
nCALv7R+faoEMCjajh6Qqfbb2samm8QCbUm0/+siAQcqQ4I99lm2KDSIl+iVBje8pqTzF6ge5Qnx
GibD1DS3xrmP+Nwxjgxft8G2btIQ1jwu0cYODKx5pM2dR01zQeVsHXDza6WDKfsNJA4vaSCJy4ww
cTQTjfTMDLF3aIm+DBdhpf5WSNdOVAlwV6DER+xhVPGM6tTPRMzZoCMgU8ZjZqJvomJs4nAyM9G3
L1ZAJi6cokpB8HdcaU0tLUvFHJNTM/3uAXY+HprZrvGkO6SimtanVu7I+3vuh1tPulUkTQzkrpEO
60+lqsnOYOaArGfTAbNZJL/A+2ypuXF4B7EVUNN1dOfK7LpM4V6zaBLLLFXS61o22e1eQqNkZM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Extensions\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jD4ihlhkPcBcLhiXdbqI9W9K8wb5LwYI68PasUYFp+M5rcWi27Hsr4ujgBWvzLyi3iSiUJc7obhms
4n9S9NzHA+nAdy/wYCYP7PISgGmhxQYBkjLv1oX//S/NuONWiFKRV37CJo5w8tU6N2V8OB1Jq47M
FHxaBYO9RmTtF3StoVLobLxjw7wH25GM7hcZN6c8mjXb/taCkMNC0F8RwF5+0sr0uGoFmaCPFXlY
CWc+0WRZdacDpMiK0we5di+eFatln3mpR6L/uOGdY5Re6EP2UQdBxhriz15I+y6ts/0IuydiKeOi
MwFfnVYsw2KcVsxpBpcInQPyeNkq8J2sckuOaqYuRFDKHYoKwt6iYVfgtP8dCgi09LEOzUjFGxE4
zVlWWdx7i3LbpgV5jFHGvBib51fOdg/CAdC8e+UnkBaGFZ0QPau9xzlvePEr5HEqm+3Q3ANOBtMR
4TXgK/TKGW3Aqs/mGXGxmwf0U20DfhuBzcA6fganMdZAezDaExNsTUsbyoiHZMAev70cdng0QXsh
M8RdCLkcpaQh2v1bZIIOtVw17+7otEclSVMlGH2vcjzH9o3bvMi7shneVI3cwS0qcYc2RiiDYtSR
zLzTcaFmCbX6xekJrskvxspIzvLkpmwF5TUYeWe3OZ3aKSzTdFBLKcD863FIx3qSltRQfipDCM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Crash Reports\events\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
c3lUdGseE+KJk8ymYbPsm0JEu60qSgFW70BiJlLwkJpjGCeJtdLAquSttsBoD8CM5MZZgz9bLNGxc
O/zKgWHIy42NdoS7d+rkzNZ1KsHQM+KqZuf3XoSzw/eclwMxSb5L6D0jyZ/cQJn9RstFr3ryWzFK
TdHwur4GsX///ViUgem7xmZgpKGtUMJUlMdM/KBhoOpYjZDTjFPl6SQ+fpf1d66uLHNTGSggsURM
nSgaimlXrnG4sMa78L4HnZBItsXwV5gezjzZ07w0c6EhYzU5QQ9P3+BHLnlMO/xZc8bSLMehWC9B
mTQAsycGZ4KbPTxYKYYWcHqEGpqn+3gmTNnF7QxT2X5yKz0dweDsDNz7w57Nm0svfMJKLRpF+y1+
3qz3qJHO8Py5BbIx5Vt0BwQYhWWZJGGrrU+3Qz2cEN/E1BFV02WaR0tLDUBvN+o620bj49BoSlXX
8SzPSoQ/aGUsfILbIaknGGysKWpc8gzQ5xC0+lCdTPxtb46RU0dos8Du2yhENZg0LbhyM8kYcL//
ehLGOdO4cz+dM+SN8S0ctotuHxvxf+cfR2TDKyx6ISE2oKE7WcndVkedqBoMR093gGQ6Dvu+inlz
xuEYOdiMVRCeXXOaUxXFx1ZNbas7/CJ/p7wM46YytypX17FCICX+RdUuOUjUW8qyHCuwHXSpkM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Crash Reports\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
BYHknv4rHn+49diM5+p1UsiOsLDorsMQVaHYOkPqeUJ+QM9CbBZWVac+IYtjoBVZlGYpgsUKv1Hm/
+JZ+cGK7OI7pW+/LMH0wwF73ygoTas8302xyrUgzuiVAAcpUUyks4Lb2d73+iPZhu09HtNJF5Qw9
qvtRUjfvKxNg55dnbMjd6IL+DLL/sGBkNl28UzO2d/tWo3/LoX2HRYJcDVwefo3fVbgVAWJv5xnD
NHBlQedygcUq3pKjPrds6/1QXNl+eRH+4/eo0b9/BK6rbRzRSTVqa5RKkL2jdq6H8nCDAzoyHOIr
+D4aYCZYIUYV2TKkpv9RwzK8+Cqza4CiKVvw2H2vrw5c9d8nJnN+mKDR4CVFROjB97ZVCYs8VHLQ
UgOxstfJUypaXaSTNiW2FbzhSwTkepmIFTOYwtMDSbc7rb0moSyDmUoP7gf23NTknbsLKXmwHRji
0JyqSGjkCu8RHKU+cBu6h2EjQkHysJ+4rNzzVR/BvIAJ3UIzGSsPgPvesS39JRI5DVcVBXjOOPbL
sW5ivh96XQdBrab8/zDQiYm+IRiCb6o9QpRGyaESqJLMAD3/GMMoSQ8S5wM5dGHIwyjmA31tklBK
Kbz28BIreXbtkLjIygwR0sqCzyo/U0S7EMqYw+9wPKcWTEmeHXH9VUonfkRQ+IUJ2flNpX9iaU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Pending Pings\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
QgjtTehcnFFwDTYtFQLVgYi6MSuaH/PTOLkxEphVQ8OkoY3cpCyHS4o7T667UJK3vJY6SS2fteVKM
cBr0xVtZr0QUCQMTicJxSkM4WzWOdc1BLi/WF+U8L0/N2FBGNxgnaNReUbg4wTq/kU1EjPNhOZ5i
kPxhV8kU/f9lJnWqpUR28vlK/l+MC+SM+Y4hOrNB63A+R9MgKKt0R1CVRHONh8iGytiWXmGbyabD
I7sL7iRSJYa9uH8tOIVhFgoLYz7eKuvof1TswETGSNP9QCPl55A11knAZg+IS9vwYgWlrmaSh8VX
AdVEFoLmvGXfdwhf+cPMcQO6e6LTqzCL3r/uRYVHVTLR3FtMPlYq6Qzmdl8REMX/GmCLf7S/OBh6
lyopi2+VvfAF4e/RHvhXKwV1+sZkU3rvZQJzUPHAitkUEOiYhQM1fh27tv3GBF/kLvB70+GQ5KAE
Clwfzgb3qQ3fC8EX9QxDzp0cpRDqeIxqeEm06d30kl77JENMhlQIEl92VWFnTBlbnmSdQR3V2WeR
Lf0IUZRfcdkzqj2EKI+Nv4tIRywOmZvOfmienibZJYy5SYM6XlCioeo/PmRANH/TBCFac2TpW4tp
dHDoNKiEsgLGfr3pQ2NCuRj2GiHqQi9JFeytwcqi2zdvgxbtRnaX0okJ2GxqJorD4O2YuTuV2Q=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\bookmarkbackups\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
bKsiIPnYWlhjjZ3Gej9y6ZVvhR4ezcTWI5fGEXFPlIkay1Z0nTCpKE39pj7ohY8KlS63bChbYqZJ3
ocz7YgmiLeyTstGCKe98r/4jwnSIHzMSeclG1QDweiKg/IR+WwqW6uqeXeUnalKp78CK2CLFWo6h
B8hAB33tuxT4G3Bi9LGaBCkpzDyyVOp+yNhzjpdzfAqzeF9ApLMbP76micxpGG4chp7By61PmnJf
vYBD67joLKD37Yc9gGLUaPV2pgsxEBL2jGeTCuCdOMh0EBmCHiN5s27twYMcsqODg7CWjpqZ8oRa
nW2SrVkvsOhTXTnFOFe3h/yGQI8FEhd5ri8wf/79dayHV4/PuluSa1ETJtg0fKJy7LuL8x0HfifI
TwexSmfCE2Sa21hcMz7j4MZeNdxkGuSrhM+RolduMcvMoJR0JriaXuft7BkU1Quo50Bhl6Ea2lWy
vK/iLIg+rezZnp95HFA2ZUuZUX1Mjptlim3JiHYMo0mTQMriEzFyz8p3alnPvDgwEEz9NiNAJt5u
byX+Rf3gvECr4zevxflbGXDMv5T60pUiT95UlRN9H5lm7WIiCO3tMBh3P4+wx3O4jPHPjXn3J8na
M9Yl6/2jiMShKUqlnGrBDqcObm2nTkmZ62CVOMvA+H9LoukLqg9BjZzDCgmgTNwVH4dUm92zUY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\crashes\events\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Vks1TAyjr0KmaW/iQ76Y8CGRhBYr/JxhO55XSStEGe0+x9w+BRgb0OpQ6OdKXwcKP+XyAgCBXFvyb
GRICQRS2VoHhe4njF8s+y/bSaB5hoHalk9RZcM9ltzV3weYkAKTd0eYFI6eOP6xmfr1IOiU+gbr2
G+0HvRNfKBhk01YB8NgSc8/Th9ztZAasS/epiXNj1I8TH2SXq07NEHxkJUURdhlU10X71/eLxdpN
YZh7VmskrI8U0vQWTZev0UMHQCxevsCONhs8xNL7XGgGNcrPDX6H/sVN/xvHJNOeovr/o6djv+wS
mmiQ2XixD+ERmBU4o9ay6t65p3vjDg5izM65kmc7Gnfw+j4Q5GpN/+OAtKwtBDqdBI7AmU03wN+P
6Grpmc+56jLc+11Il2PtuTfbuxXv+V8VM4ccVkUVAQmaOOtt/2bKBdL6HBeXMPqZBi2Y/iGoF97X
7BF0bATqC48Dp7z2ncE3cb5pCYHLdvOErBqWbboLedkYTTieT59+xWHl2vqQtRCmk8ypPlHPUiAt
vfUvlcwcMZKS141OVX45P1EFGZcD4M9FdMW+NhRCV42210aWDtVGJu0VvKT+KpMnwqtYXL5ovV9I
LteXmTclgpnl5fE1kj1nGUk8FlGbvS9IeRbm8sq/oYqyuCA7yELRybX0VliFYOobI78Wa6NngA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Config\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
AqGiglcFLx7qDSLj3TaowQgxBtaeTksXQRs1+syEe0KtA+lERcnXCI0k1/fmiUCZLWruPE8sITH6E
tAm99eggt7YC1eTmSppzzI46QOnU9CrsUDL3fksaT7tw8UiiiipbHMVCMC453p8V3/oHHpGBLzbA
9EPO7DWJ1wujGjGoF69ED77Uf/7AZRGMZoYn+mAzpj1XazmfoNlTWN4c+drNR3l+0VDaUGgOCptu
z5S5k3PolDjHwG0C+GZ2kQNeJGI1R3AGQqqzXNlRCCHuLQf+utXhcgQ0IX8PeWPljC00zzanORp0
k53Vbo2XsEd8n1M8HDb5H99/mo898tbLmItQUgA0kBSU5GUNBEvOVU4TDlJZjJDp0gbAaJqcMC3Z
4qzhR3fxHkw0+2jwTsRGK0XW26LprmtE4wwyTpxidYANh054CqJUFkRENOnEkUj8YVkihE7viHSl
c8spd6IP7kAag8ql8CYB5paNUFcH9zl/J7d/pZtGj8raZSq9nyoWauTcECN59jjpo+wxw4466Ull
9hhSdpYhLTbc1+jEJQAYjTrbH/xB22P3OdhaiAFkDXCgqjr8rtCYw/Wvm2j2s3C0aY5oEJR8Wi+P
J1GGp6Et0NJiWu3o/ko3UwNCkZhXWa4OrYzYSSyY9WcRB9yA3yZEAM9Dt7+wUj6bjkdhur+Sq0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TCdcScYYtrYIjsd2C8ZEWDBaTNceP4CbC41eXAB5x+yVpSstUzMKAFFTnsPbz61Td/YcihSsc46yc
JLriLXtirlM0fGM/3rB84WGMLGyWQiKlJcIr2QDZmoB/VPvudVBe915aDKoC8S/ubC3N71iXviPR
QQ0NhOtDjidVQzafs6eADoUUgM/6NEpmw/ro+ctAYn9XRgjESpGcj02Kn1/ZdKLFROqRhHsTS1Tl
Y87saewr+en1fbhYVIMTxGr2L3P25pEhDJkMeZUEUzQUnZc4FOdw6YO5itySfyBX6Zn9sVI57CTv
eg62JR9ahbtyVp8fIaEs8h/t2R2xABzzJc+CtfUWoCfd+4c5KQnWSxQ0+Zkuzn2Goj0MqvDbe2c1
8LpCE9WTM8d/1zFwEwBLLhL6o6+woQdnLpBKCPW5Rf8uKEG+XwO5byG2JYq5qPTV2PZgWAIeilx3
onOfnW4Y0I9WxQ9kjsPjbSbXMXl2GnVkeYr0mghJBwGaIGnQfs4KKaXadRCkgjG19C8uE/Grwway
54oyIcUnIYUw+eRDQWgUJn9xORlfRaQ2CUYSxb+JTXYZgHuGalhmoPATmYjeVPUDVGSZBrthk6MF
gvyYFBJS2axp7RriZOe4SGu9HKmkJeKq/Sldaj3DmskYeQjtgnc97FPWeg6c/086JIbom66g38=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\GatherLogs\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
RsG0RqmHUvd38Q7vFOWEivDK/YuDD6fvbvWtfnBdi/JqlWFqDiqaFJ9qaLUx4IRnGv4ihR4MfFi1Y
hMVyUt2zrZc79NfMaOeb/npQZjfhm3mDuAqUTra/gewDwYHf/Ka2bK2MXXedmAkuTy7lie4loOIp
ID23t+4ypZQ0l+xgbabCDcHgtRAMjoX0Ld6TN8jQYQNw8QZB3A83HMSLI7MNDv/6+rm7/pLrwukn
rkE9YS6BZt/PXbVjt/8MFuznYeSfRzjkwwRTMNujes1FuG1eVdN0gzl4KAsyo5QfU7NjzRCQq0cD
MhikHoaRkugbgYfuHX95GwDkaDzQRZeE/h0li7MuF8qx8FHvM0oUVaeMoz5tyCjw91yL0kNZEJYB
ApiVz+wsnWs5knhDRbjBbTJE8LR8lZsREVNg4WDCtI7QM/rCXi5N14nnAEPJHGkVq+054iaweqm3
vWBh/vxYjdd7JXUjrcbUw+/+ie4zWnkkpAclOeABRV/eAESK6lSM4nDehqLFCFvzPdHjdGKLqHJY
bHJROIlCwqKWZ4H3zfYwmvoykGHs4jnxvp+mGZpumBQ/r+oqFj8WrXU74ggtDjY9EAmpJQuoVjyE
ikmKu2nEqOhLIQ37ZaTNCOw16xXNlVgeAfgShHV+BYvtVS59B/L6WzUHhhu5BlS98WcI77ruWI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\crashes\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
XHEN8uVVvfr6Jnn2QMVQPG6RPzf5uPeJo+ce9T2Vqm7rBGYvZBYlDNKnUri3pAf8oB7z9EiGp9HaY
phaqRdaRkhcIo1gDK7id2auhXkE8hp1XD+YC/RD4Amrlk03w8b3WdBcH+Z0ISCI5PSY297kyd9Ei
1YRPAnxGMGWpNEUSqSvMYFT0fDln1N3Rau+Yp2ZvQAYWPaMWoPZJL6wFh8QGaKRmgvbwuAzG0XuO
MtW4RBFebiciUcPSCg4zfeoTzbczxIEqHyCRwgpAsaE4wBDgYmPA5q4BhBajt8Dmfj92ZCxXo1gP
OOjwSTamMi7659FlJI6d7KFNtvuyGbNSqqpP3E+hZ87LAce5b9hveVueVAPkub/dlY6zQmgAYjI4
oOOMWc7XVKuYlVM9dQZZS7VS6I7Xk4jigs/QzOM5L4Jr7WtWiWfOn97X8TMon8kESDvw2RHZbePA
wo12NsLHObC+wkrc54g6gYIY8xMID2rG+s8U2am1svufEDdUGWIhTocaycGCC7dq3ZNRlR7NdM70
KGn7Ihj5dIqiIsu7oKHo5KTo75QYvDaJk2a7ZIu1dvpnEJRHl/Qsb6eHdG7jVesJgNsUnYBfwXYz
pn8WiN7UCO6AGoy1K4lPSKwEsiCJO8cI0xArS3Xx8/q48BPnTd2YQHaffKWou0yURqJ8eyIwUg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\datareporting\archived\2020-07\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JfoinUxiegh4RmQiBztx7o76xpezReYUCiIo/PbNS9iaHNb1tolvh5wnCt5tN23puMEjrxk8o/bBL
juoKdYaj3OiysUOedXw9CT4RERskHeLjHw/DnSqcWcW/5R3YMju0j3ZXnB9TscJUsnNNcnF/JW/h
fC88pDMRJo7rJWPnx9HsdCQpwzPHbuVi6EcHeRbD1f7e8X5m/9W9Q+cGC4FglDQgRDsQLiTZNrN3
sBB2WNsDCYCRgfwYSfcPd5mGBqEun3bh44hMAsJoclKqQ+a27wsJwpCyzsUpQkEBR4ojTpHJ0/iB
smVMcLMlcJX+hXbN28HRzSrAQnI3ZEstm+xf8EHzih6KgrDasl+oSEOGwKPAA7FGyAohdXPU5OQ+
zQLfthyQzSvpgQo7dhAvjmHFTxc2zBlOMymRN5kLVWCvOpabLk0gvIYQ7sXYrTQtPxOE9Vbpcsay
UrdHFh/1eg6UIPalPJ2PbfJTlKexmlVwYJGElL7TVtbTu9ulVR6M7RJW4pA+zp0PIulREpTrWkG6
AVgudZrdmtRwjiciez1p9WwkZyLbw5RJ5cvoAhB+6njiWBXS9Y5vAI/jPor2bHk6HCzLmow7zAjC
lGyaYn9cV4/ew8GLaufbQxBlm77yOvkug7UWOe5o3RuTw7E7iaXaI5PPew/h86I47/Pf9S/W1o=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\datareporting\archived\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
FcEdeJUSlKtkZkAFaXfrd4/EOQlM5Al6QsZSYOzehrbhzZw3hXNSWBc4T0iSrs/ze9ljSItZrQqjo
XkzRATVwkjD41dDYBEbucxHJbf7VA3E5DCbkFo++J8cROzn9r6ydTG6v3p8SKJ+446My/SwqiTJp
EFGT9wJZCC6RpN9Z4w+gqOmi8BbQFn/HJdTGR6uzoI01GTxxdn/UJS3o33PU6bgow0OPXJ9nsBL0
cKNBwESzgoVz3AYHzh0WjnMbMO+Q7fp8pBxkAjZFPgYVmBruY5p7Oi3EoRJMTxBF65xfhek3Mo8/
BzGC0PeQcaRZ1INQtbzR7M+A971sfKtxesbSTnXjNXVukR7uK8vZISwx1dif7Di6kxA9yjw3iKV7
yDgXoa5WvFSnYzK/t5dGSM/v5uhhCc7hYqQm++THDFevlcKaA7Gq1wihLKg+PYCX88wvXi6icF/F
C7FaSBYI3R3Q+7soXfjXnQnzO9OnF9yX20g+gKXgKoroP92hoERCeJiOllsJmW0yJqF9ZM85N81S
w58e5rynzqbhuIU+04rdW7ojTQ/O9ZtZKvtVwi0oCZXns6rUDPsFISTm40KiIEeZmhv+Gzzz4Jz3
s15f3xZHqUlUOjM3BEdZWkXFosy188Vm4hfijWZaAK1Kz+9yIvRt8yZtypow8iVKSqVVTWc/UA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\datareporting\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
YzKQy7FI0MRsnhvEeASQhpVExoKR3RpD588yFmvh3mRgfVKlN+604+6eZi+fwLRkoUvnOZNzRHgU8
kQwiG2/HnsbMV0uR0rSlVNBkiZ7FUWzmYhY7yoqSKBMc6FSbBKXtAUEO82AdhsJKI61fwyU/jL1/
ki5hUm4fYVMZecqTV/3/Mg93gwwhnkEjZf3iVi6FNuZQ6SUlI+Doj3kMo9NfEKcNqaJyarRv5RaL
QAljWv3r5c3fn0YFM/0eT9isgGSCnLJXOewjBXVV8CgzqnRlDCjSgrIdr1ziB2cTURx6OKMWKOAS
u4RpcT0ebBPoEt3kiwz1bXk1ndlGdix/ozwWCuijp4FdNlVii8X7TSIon7PUr+x2I08+dX+te/BP
1x7FYTFtfRWdKO0XhA5SJlzOxyLTtit9SIa00RSh25xdvo41N8qWenBrLz89LBb4JQtIN1XkBe6X
3UJySTfPkupHRMhy+gj40raOATLX5OwyD+lYOBq9h2+VPMDk02Xg9yoabFKjEd2GTepL09vo5rwp
4bqQm+RF40hBpVMiiJ99Y3T+2Ps4hgv4GOLd0telObP0ts6oEAR1w48bM2sNVgzUV9lZmfsOO/gv
+hdAs+zsLQ8oVHHCxa29PKnec1T59QIx78v9ENAdYGx/kAe76deE2L9EL+sQzbm+DjSdd+fxGw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\extensions\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
cBUYQvX/dQgAEJT63QliO5AiTBwlyMsOw8ijBNs4HK+CtYKYf5tC+SSoeWQGOMKxuYw+VsqkvGiMI
vqRfTdfnJFByEbBR2xvP1L3q5vcIEFAY2tRViGT46BBqW9RXMudfnW6PZrPJ3LMbwX+y+zatD8ZA
QYNsDDijQUbbV0zm6QjEWAoPBOHJUTN+X+W8GRtza7yjYngBhL7ZOTPQeqMn+sQpX+kxM0NBUKCe
kAjKih2HmzUBPac/cG413ZwfhxPOI9uVsSX9LeaL7sESg/o8Lvuc/Q8VBnHi2W9YhpW4X5SVTsoM
XwMPhXVqk12B8vY5Dq3vO4GcYDD+Go3kXQCyjvuo8UMXTOIWBAwTUNU8OiKbtNIMtMz/iyRdcTt/
uignuD6T0Mk8HL1UiG8wBtDeBvYq2SCqV05lN5Cth+RoUuyl3xr9Lu4NPmwZRito99KSb6VEKQnS
5eqC6B+qAnveTvj38hfNqWUrkd8+CbaGnyVjQt7tOsru5pOhCDicFgIPhBUd4aye1W3mCVukqzra
s6Xl2hYFVJFrtIOykrANxg6nGQgKoE0w8V3z+AjcmRlA59rIvDgraYhAAxuAyqOw/pBs86kEMjxz
MoajMn3Zh1doVkNKYw4DqRkeoHPPc+1+/01qB3VbciWhXJrBwVtqKtezK3lLlUmyhN1ci+PRxw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\minidumps\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IVuOAY8ltTp0o7ia5Oc+k0NLAjX3Bmg3fnFhDJ9XFPbulS2sL6K4+qlKlzO+fD74s77V2AVP9n5AV
LxyF5dwvsKIJRITA4jL6Pdi4/8by5ZZ6F3Un5oO31F4hxyOhwjIK9v1uT/lBbKBVcmWw1XTb9G2X
D/q9Masj6yYCxslElH1bAmCHMXxlg7olOwpier1Qi9kXTjGw0Kgd92bP5fOjwcScxqnn6ZGkTHsi
VF+WeGEyNtBHrwjsYZ26aLmuaeRop3nM8TpcG4p25/C3UduEk+21nSsnPb16mBT/OASdtkoSB/5U
3SYW2fxAFuJrYi4ull85OKjmGitAa/oGtSlnrCOSVCMIn+9xrn/Ymn74tSap9LiD6FVDsK+stbYh
Zih7UYIVGfQhm7dYIb61PyI9WvdGhfQK3FyZZX2FK+S78byMhwgn6HfJwBrjR4CqndLYhWIlbgNT
yBrTBkx/0HGjkYG904W+w6FIHzRERtnHcysfb5lieEm4qjGHYI3kbkthNCkZZh0m1NPLPJRqpwqy
VWf5k+tU8Hl7HOOZP3J0KvhKuJQRtHjUIFpGQGAhe4TIbakkxfse773LJv2nQRXgC7rciA4YlB1t
HzpTFZ93g82WF7ddMu4pS8AxiisS9RLxeRPHemvOQNMQnVBsVk81hbSytcwB9wOaEBwiQPaUQY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\security_state\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
FqrH7VkAvuP6BzWBXWLdDKMfNnbuzcQ+iCNgJIFAoNNnB/X2keltV8aa6DLAwuivtDH9Hg09dhqZO
TJV+15k2DryxqpKDZOGTkPHHJKAyayKg7Z+tjYnpsaZaIvOoRFk/t+YMaO8VtO4qI53SpD1aHi6A
rJUIAnTGJ0PsbLTMqvIV9Alxt82aWDuEXtOGF2bUunX3ASRU9VUrM2uqDF0n3QOLXubBaxiZKdg0
0yI14EejkHyiwjEg2Gj5tbPRzwHEgY45eD3GWmlfHpmXChbepVFKxq+v3JV4C5ewJZTNtztwkjnq
OAyzT/9SkdyYCJO3i9MSnKzeI6XE7MYq2kxLQi862rBYpD+fNlzbnDpzxPHnDxf/Y5y0vDe9vvN1
jyBwhgWlHKPfb26OgyVd+JJdoevUC1wIczSYnW9rXuCGFOSTWDnVfWQnBD7UbGO9O+IXytwpr9DK
vQKCA1M7Ysxqw0HPRVxEif25pM48oXXC0isJKWlxgRdwtCJbq7gfZZVLQDpf1T/LexysZ11/5QNJ
509Ja9l//ERSh2BLNFUBH5PkfLaT5a+hOU/dM2nxBkkT1jDkyczyqZN06WE9aco8mdZ75F3kuORN
TzblPIDtvdfcHoUVzysCx7Mj9L3AK54hXPaDwbpn/R5jFDEDjTXYA3NJCxOwOB4e8uVHazInf8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\sessionstore-backups\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gLsThgvsFwlJb/oA0sjbhDQblRfJzpmopdu5OTVCMWbgEmtgipZe9rP8KoVLTAgEb8943JbYBYIAB
95mLSPcnUl+CpC5w1U6DxBLU0qJq6+fj6K7wO/qVWfPy06b+sIXG4Sf1nKQsKiRKQaj/RU4I299N
t4wBkv/OJd2xe5E/jJI5JDFPeekLePXN473uuxiD6XXYr6d3jlVndX+piTzHRx4212v9TzMHRlrO
5BnVV/FWhsqPte9sl+YnBi4N9SgLId25lipE696g4ELRpq41bhWmYYvvn7pNkwd9dOs139Z2jJ/s
fSU1uazfvr3bZAWs2mQm2moHm98UkMzNhF35TTnDF6hN6leNgnlnf6nE0Mq/UcLpMMFEJvgWbH/X
EVV9Yui1yUan6eN0sZoKs5K2/mOw4w+K0EBDvBGuqQ4tCJXmqa9oHNyf5jG/2ZfEuRGGPm+ERCDp
2nLWJNjtNBiFhlisO/xACsnT5bmcxkAzBQIVPOShR2/uFR6Ecs04IewXidzO0UVv0R3IxyzJ7TkT
3RSswzEBv35r8ILQKDv4cxXYuPoGUmDXK6g5Z660l4h9oL9cxHIYqDmGuhZxXQN9JaZaBC98Stss
7XbvmQUkfW4LcQAob12lMbki3oDa5BtlNNzWWdbq6YbetQIh+Xi2ESUtFmktR2nXdf2z3NER4Y=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
m76L6zdhqqyzOZp8ozMNQ+h6J5jfx8W3Q0VoYy3+3o3ErykzOOSG3n0ur+w5U/rz0/wIyqHDCaZ+4
UAy8kYf7Oad3uU4g8nqgH7/6Kc+6gYEToFttoBMwUsrlOQmLcnS8fbsoLp6HpINdOs6PFlCwTSmf
QQAboYRGTgeIlW9NaVz4VssUWw7pOjn8opJLVu/yp45I2p0GqQUZbKb7efFXNtALPbMsD2gig/he
+vKQNH1877EkTs6HEibTkxMk+kejmAUZtpDqUt8AJ1MJdUs4aK4QSHibQ2zj6eCFpJSltjZIvcx9
AfuD+mHOr4pWt/rM3BWp924lWdlTppqM5PtjdZs1sr1BjO7IPNABrlKyvpHX4KsTy7f/2QQ/l8vm
7HOuQTBnrAGUF2eg/k2S0zssVnCcrZjfT2gW0MTbeF5poiogECi1Zehs6op8ZipfFiwchRr8g/Y1
rtELR9iUtpQTZNzW0BKodbSx+N5nNDF1jKgaX4t2bXQSVRsmN1zZmOyYg1Moj1GcuVJ9BCPd1BvP
vEUL/2COJ6xEXHA/a7N76o1DknZF5p09yrAwlEkLLacBGLzg3TXcLqB5yEYymDU3JqdMbTR0WxfZ
eZuHfUFoIoeHw+8ryn7IytGzBq9BOXA5Fpc73T33X5zZ7feSEsqxrIy649F1P9XD+TlLPEKXBE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
cCr+dx0zzeiFiUnMWmh16q/Xx519ASwH+Ku7Q9CBpxsFyj4LYpNRfwVck5Z4gLAu8e989cSipydkR
70PvqLcmyyCuJjsfGTmoT+3dkEG2tuy44hRU35q9JlG/YByyK++Ay2g41nHB6X8+P+bBcMAr34L5
5/9sANwohDkiUGkZIS95QsAurwyIXLCUzSV86eZJ+KzGWTKWr2VoANsfUE8V0HgdZ4Xter3Nr/vO
BePy1QCj3Kte8issv2RzAN9Hv4euDv0JjPnCNpX7fzMZwcrklUl5alfT7DdIex9c3taW0t3mtr3i
lkoxBIY9KlLO69Ubsq20TzD033lLxzXcj1/KmIkhVJgWW/fNt8TA0gm22sEsqrQRZwGnk0mQvh1N
JzMddJlFT3dtA9sia4xhD5jZ8iwZWVqDbK2h2tN6Znwp5SprcM+cX4tx+RZSJFW5J99+yKTjZ9oQ
JfwndtGNKWDwa9RiMMyVOmKNJhTiUVynIkzSwnmZKGr+U5YdGlQ9swhsMHS5jj9yBBHQPt8EBc0I
7Psq0hxowb2qHBacPp0JaY7r+3T225sOzk8nhJqnJWMm+Yld6AW0p9rGFzn+vXYOKCwU5MHGkpeY
0hX+FnFp53Ub6J+wGwbb0R5XAkBQMLPKT+bSbd2ms0MHDNkTRMCDwYvOiU87YW0dTCkrZOepck=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\default\moz-extension+++355a24d0-6cfc-4451-9595-11d186f69ab7^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.files\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
VbJAvBfWpBSSZc0RsjCxMAKdhiB0YYHuknydurHCh6b8aC966eIosJ1mVqd4q7XrNA1m+UwA8FztO
uTqjNhou6Gg0neXqBrlR2ncfTBY+IbipdXd6jJmX/53JBJr9NonbEYM9PViYzYx6QUwOpJD+fcKn
RQUTN6y706tmy5d93kRLzVSLBxhzjELBo4uhrD2v7zH2PJJ4af9F+hr8EdsaWlj/QcclAMXClFFy
ADKlUQTn+b2lK0EPluoRDs8B1AiPaIGdEDHRbCBahrEBP/eDCbhwnY+/zMAhgTvvbZjm/B7QFOy9
pIi1K9pihm6eAczh75GS5YGDG5/1lSrHXsktlXW188H2CWiNWGj9M2KwT592TxUc9wF0loNc6wtR
W60HcKiiF1dNXfzr/JXH984am+aWLMkyZLEgVd30Db331P6vctp0oPckboAK+CojgTXjVMbXjcWf
Mug9vUKKQcNkZ3IkIVTSFjrgX7N9TLahhnjsOMHUU2ue49L4W1K0fEyXzEmOC8GQYP2XDYRf9v3j
Du3YjI/5tBWsPUpkznPWCeVCveaJV6oxtELKZvrn2MjUPjy3JZ1G+Qawb7RUOEcnWb/x8O99ZYid
p4CmuFASb+DJGw935x0R274nN9leRBXdWB4/t6rNEpIMCpW4qSS0IJGyQwCFO6U7sKj8k9kJxQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\default\moz-extension+++355a24d0-6cfc-4451-9595-11d186f69ab7^userContextId=4294967295\idb\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ENeNDjw6Qiz2Yfb1ad4IFYx6B7sL2TDdKSTO5p+rssDnsX2IDiJPxHgtz7IPytCQJ0YbbaEDf9yv1
LC7HYwnVuHWhNRCHqeAVD3EzZW7LwPyqbd1nwuLQPbve/Nx/v/hWeze7RKmwfCBTVVjcudimjGJ3
/ujaagJD1CD3CNPyNCaKgunTPBIBDTGy0VE/kdLl/jMyF78fFQ7/NotUqfi1216vnsCq/jrQOwiy
xwlcMFg9VqqsoD7VdKFM9//7zNNeS2mKBJTP/I5+VKJtjhTJ75tZoEQfvcmjG5pTpQdvyXwnLoJ7
c+cJNMeKjrD0uCdxtuo5CIzj3iUfeaetLwGGVsbvqP2nsfK+pOQKxkO/OR6pRg47Iu5zw/R0dIXk
OJDd/qYiAYp8hadvfyuORFYwKRPJP9LjPKUcjLJmwkpjyyhyK7rBR5X3ug8EoGdL12cDPDHuJSI0
ck7I97a8n/Ipqwwp5GdP+zAgzfJ9QjW9iXJhGrvsDLoNH7HRSNNFr8xryajr539cx5qg4NYfYz4F
EuFh/WkGjWbsdqNsmvb97ebK4J6caVfwxmKa0+w5BqcdSf/OTMDoxIPVLwCNDcua+SbYacg5Rk3R
kJ+n/luY+PAmo4TqqfZ25dvAxiTalvM7pAdZX95DbVy5cGRpqYfHvZ1rQIbgz//IFGq8ysDRcM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\default\moz-extension+++355a24d0-6cfc-4451-9595-11d186f69ab7^userContextId=4294967295\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ZQVVjL81A5KZsUuzLsyBPBdkqb/b9LaZuzzkoiLO2iw/27XpGFIk9VXLokbMzOMKpDe1k74IYRziu
PvVzxYeqmX/GHLi96qdxL8AJatqzirRPsURh6YAlYAxWYu9wNN9Q/dHDx2eS3scv9tibPs6WaroS
PumffjD9tkFW+uXIz/hnFKCspiTYMFZThgH/s3yrsiGbZOGHVJSgEvUmnXUGudExW4pyRAVxD6uy
jM2+EyDXL6GYMSJh++ZtPi2E7lOvXC3Mo2LIL1vlP2Sx3uGr/k88eXmnw6utPP8zBHSqCH8kkE71
dt0S2bR6dQWYu02DsRSW98iTe/Xc/GS0oz1yeNtiBJzvo4KAYpzBkLc3MipYiJlg3+2pChr3WUE7
73T2tEgGRI+cza0YRdGIpHK63wvwcLRy0cWQgJ0IwarBpuUjJswvr/ShS1LDM6W3nOEf6wmkwyVJ
FKhM8BSGeorHPp46JnfTDv1ZOCBSwE4boY3FjYrVRDiH0EU+Ep/t0R7kOfC2UmX4azW8njRx9nt0
9KPnT9Wy0ZxFkNYlweryVad+Tq7KEjEOIjg66GYw8f/8Hj8HQJIZrGI+TMkcAsqbDdRkhukbkQmf
pgszSEdm2cF8gjz8+2B7+IEFNZR0pMroPsY5KNWgA3GplnjkFGNFuXcpXTnD1IkFcv7/jmI+Io=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\default\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
V0Vp1shsvR98dJdXxMLjV7PLHKj/jaZe4wu+D3/vobt/2P5SblAaeZR+bfdzpL7JDQRTM4vqTAtjg
ojl+MJ0I5u/ztQ/+uA4mWUsgTzN6jphDFLvfy0686vzhZcp8d7NJiY4RJ4hOswi+ulDo7hAEm37X
Ox7EQfC3gUjIZ8iFujRXEf+h9CJF9GmggCh/Wh3tI+18yV+8oIqwfAP58ARXH5UrfUpBH5LhJCXo
EPUsmOU6Ls+3FVnZq9u1cvO27MOkdao1F6NNpDiLmeoOA+yUFf2vTPKTVppGaIHi79YnwKHA7LOg
VTbtwspbN6NsjNdK0O+BbNAKrS7KWKkk7nB7v60SzzPhpaodGkWKwvf8J7rCqqylOOKeVjDWEpaf
SzkBtMgCGBF2csC7WPo7HWul1U8mEHHcUp3NU7t7jst5NEc4jl53GRcMxD3en7RcoC0X1ALyEarC
RAHWTQNb2fzsDG9dCHaH/r42pPBJQvMH+suBOF5XM+5mNQ6pTfUUCXWZENs5w4r3OVwYz9Y3PtFh
ebrQdJBFZVfAZan7oOeqzEBYtcH48agilUQec0AxU6P5ELzFVM2SD9VY5RgISdplNWnJEOMeJCc1
52ESvpswBZgX/ucNM4YDBD3ix4NI/ADHytS5Th/IJ4lDkP56CxjXdwKv4sbAVVJaCTiVO+yZo8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Px6pOYoht7XehxLZB4ndVhDawqpk9kpWPGTWOlCSDSn62eCsLVw4q/HRrwgOLet6XwByUdTNAKsOO
y3AaitlV6jpwkHQQ2Hqvz1sAGR98J7fmi2X/FDqldb4X30EcoG1FKHxHqkHNxhFBDLVkkg0UfQ+Y
kbs0rypFIv0kbN1EcywQnMOlED1F2AMI4hiBJI1nnQ/mNfCCsNrpeTQ5j97x6qdQmf03FdKJ5qpp
VimWJ1JRxyUoUAY5LkK5BHw7PWs/y//Ec479+7ZT+QcsF9r8ScAykDqgcfv0wvyddgwcD+6ZqzBl
E7yV7m+yqsAaZfWOejeihQnCo9hh8PvegUYi5FRRKYf6y0scPN/rtU5OJD/Oded2cEEjrYLUNfaJ
Roep2LHmrNTa3MWi0Qkvu8FAk9QG7Uolg1KJ9hvwHxozm5iiCPuffjy0rRCwMM91MwQ1kNrsozo5
slDvG+lAVz1hxQyn6t+yAecYMy5+BAlyoqFU0H+Gd2wxiKQR6Apvi2119Y8EaUqZJg32blJ8qseJ
xPx2mysJd1Quhbmas3uIjV/rLvnZ5KR6lWtSL1TksMV+ScT1XFrdANsNYTuQ0VyaqWeX5+C2ucWt
Q5zsr3JKXvoi9XgO9TsAENQAMPzX/eczl92pfDzQLMrp0IJY5r795f6bfA1fz+WeR8NPRaosXk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\{90140000-0011-0000-1000-0000000FF1CE}-C\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
VdHwbBadx+bPmWTu+SfJXrE0xBBLSjGkJ5IyyGs+dDE6x9zhT7iXPkb3nBvb14adHUTjqvVvjMDQ0
IXaKEHIEQ8RpOcPp0xL76ELHFTG8I3PVfZBTrW/LxrsvxDO36Gtcu9FawnZlcG+hoBn3vFRHDTCm
JvTgtqDt5esP9NAHXOBx1cuteJj+C3uujpC5q1SGKwpRbglOuoQDCyHp4bUtWK/5eZY81zhJ6g8r
YCvaFMMxPEca7qgKhuKeHLiRTcpoipBQOoNOnVsZNO2ovV133EFcPVx92l/C+7wUck2gg3ICV+/q
QlD6DoxNPCrlbEbAdkMhcOXEPHQ5m6tMXZVWija7mnrp5FAiubGiLtqaSdEiVy7mlXOAzflxB+MC
SROKr69l4ByBYT7/bpXblIgL5oIVcUw3vV7GmBil9e+OSHdb5B513fKrSHrTMS4HG0hnJsnFGFOM
9H60JA3WdC/MP9Aspmy7oi3fg6CbkaHYmwxGAJj/w+bROiqEDm7ZSW+y12EnGqdBE0nqYD2MyWi4
z8eU10CCWaeROlQSW6c1qo38At61jmAVQr1xmNxZOi+7NoIBRXZSGkISbPdmxhXkiZ/gFRmU6Dox
5ToZtONHp/fiIWXrPdKK0c7/M0cDRJePF5vG6AggyeCg8Hrpskg0XOTWbr/FveI7RZYDjQzMj8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\All Users\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
OjhGbOT517e8lcKZSpXYRPAqrg9uumS3P4zJvJF0dVbJG7NMsYq6VEwGJ2uJRhJXYc00Q3FQiX31h
AAZ/FEF627kusQC7SrpqeEq/Vw3qxFrKlImjfPorS5K3iAC16kHvhGgi1kVB8d9u/3UuDjGz1eR8
CXcrrOYEkyAxKDf35lWfYMU4A7Kgcp/9jtyktTJU96N1UGkCTDCr+FIH9EMsao7pWT/ttAFlsus4
VwWy6JMO/BElE4+0RHOU+G+xZK32BSGqhG621T0fPbNrGcGTA2PdS8A9fuMXQxunyedlSBclnU+x
aer3e0btfqsCHhcTPNVgXDEL2RkGGkAtznS/j+WJxRio0X9p0b03obOe1t6iojzyR0ifQmzMJb0e
8qehxPeM1sFj5E0w4QR3w/HJukN0FMkWtoJwtqb8E1lenn84V1x83uTTCqlc8Bb33tI8NBVlWYRC
apo2ecfM+QS/EfEOgyrDLDXc/rL6jPvStnQTJ7ib6tmb+HBRtM4jJ1fyCBUR9cNC0Awep3YOfqiR
0o9mGzAeiYIaysb0zHgvZf6hWk7v2S8jpIvqVszMFQX41HvnYKfTPDnDavf1F69IOBO5sOWAgMMt
Ixa+NpKRb62+6bFd0v3zKLUhBkrWN7VfJD6i/5aIT7RvX/1j/leyum2DsUOS1lvxMpysGm1NxY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\MSOCache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gU7AI5tWpJdmN8pLTlmNXJhKyGStB2swO2Ov/STxpiS776Z8ApTvhIawmDzdK+SifR8iM/TBseF8a
FFKYBrVbI/saD6X1lISqqKlC/cB2fSRIL6CE6FIw8Wm1Vd3gT1BNaRFAiXOSp0qTozxN6fQytyj8
Ua6gufwmY1HAB8qJTTyxfw38DIjt/A+Jx4fYYWbh0ZWCQDtpjTRukm6a75qfoH1W+XHv/YqF/L20
STG7eEc8TTuY2ROuKO45d9hyjOxA0YBXQxSVFolLwiUylTmJUOY2VAS0+0R0O0GFztyD/pNG9sNa
/Qru72JcCupkw8mnRrmJLRgDREIa03LSP0DGYM/qSgkGxv3pRxWCsxCVYhkQjjwjz6pPfhu6GV8N
eqW7ayvOK7Ju00YR6YahMuScIDPaBQ5oCe8JX1Wfnoc1VpiGZ3yH/SSs2U5TSWgZ/rVP/wr+WT9/
UsZ3EHnxd0OtLqZ+B1/wjTSV8fWVjxyr3OUtoXD/EYnOrxqQMYhwAMc0Lu+R042No0FvvPlBUjv2
eNRZM6PjzPM85yVdLfjB6P4IY8NRKewpQ+7dYzz1ZdlC/8gan6dO8PGXkx9D4ySydYn5lMjmJS2M
2TnygxyhxwSyUe5KDQOnp8AbMv0qEv3O6xARKDYOzFNtT7wJUutV0lMIODyvmIxg0pxsoNYLeg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
l0/Zf1NawadnAsaYStH+XcxNC8V4A3q/3XSefDB5JDwo9YIO2Prs8k2VquU1oh46Bx5LEBUaKpDfp
HSHZz0hTWlqLJ3L644m+XnmkTHxt4DoFHsBQSmANKmnydCkYcZ1Kc+VIOzkmKPFNI0Rha1DdDZfA
jnHHdydG82NFsK1qU3Dfw/L0PeH2jzbVk2AgNZuayzr6UeWjdahUr9ozDl3VqxZK+qhf7X8MrJJZ
QrQY9Chce0/0OkJo3bI56x2cZZPsuBoSNuUCUvvih5pkby3hD4mWaeoHaZHOa3LiSCxuvQ2gbcgx
KSnqhQnfa11LMaPWoo+Ul5JMopA0jzhVRx5YI4jvjdV06mm9UmB7GTiv+CtvRoBgqtmmjGj+KFXu
Byd+EME/8WQAmUAvCPct7lfVZ76deuWHQ9HDagCKYCHL9qAAl5IHfqFIF00eY88RJEwDNVJ+pl6j
N2Jg2nDktjRf67ao1rKdf2VbVbWgyWatrtcuCM8x9pV61I9LcZmIYVsMdnSIQ+mg7ZrftKNqI+f/
JWlEUSS8TbrFlkU0vm+N7Lzt0yV6Yvy8AzQJ0FPRctYb5O2WEHYZpGuclNu2Ca9/SmoF2WbajZEU
B1PCD2OEFuDTmX06wWFY1GT4TqfTGN1OtilBE6niw2qQs3xn4lMCEanaVFkIwwp9Yxsj8OeobM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Z86wC9itV+9RTtz+T7mmf2sYSKVZl3OL2jtRBHsE+HF/145DwXJOr9yM+0wTHtfY3GlcY8eJXXA+k
hLm9lIfy1O0thxWjaerhiRUxYVaqxjbK9ZIyyUXqo/4ONGYKcGVbP7RzXrVnz9nbWZGpoF0e+dZk
8icDUOCtE0ZsysemxzlB3GbpQP9yVR6rF/QONUUs99gtgLkT7Hs2+Oi5TzQNDens2fw9VNCSAvnS
mk9nf5MHQR5OKMzXfGPydNiOk+XBFVp9XGgjLxP2nUvZ2yX0OIsfGVfMHFjN0b9wKoBzn0UGgIyo
c/Gh/czTISd9GYj0ZzoWtgjVwrdXtrfP/CmiA3flFMMldX3IcM61ZZlfNMlHpDHXkkVnRVdnoWrL
N0niYrmJj2BaN6FxwUWfyozW0yek4xGHsWYMAoVhs45/z7mSOLwyHFq9fP2hS8NmShAHtgkFQkVk
MzL/HfcMrxYaDynxX7cLh0FbciWre2J797kVuvvYcm85Expo4ej4bbDzUu6jle9IJqjhi/Smx5BQ
3XwHuAp7GlRFz5l8Da/Qv1wnpQVLCMsdvVjgwoqlusjIoa+091WTylxuNdrnp2radL9tknNa7GAr
qGB+1lQojEtJLovG1LI+/YBU6g16om9rxZgcsv9w6U/tUSV72UqqCiCLzloLVIElDVDh+srIXo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
c+hBcsTHtNylgmJTw94cA5FKJjR/15b9YyhFo6HinFVk0xbIyTpuWuH8GobYS6nubjb8/53+DF387
U4b/rMboKc7Q7COS7pclgs+lfkyZxegPr8i/GBmV4J/DARcK/v2ArWP/DNxxm3bke43tzmcwJtU9
E2kotA/AxBP3qiVPzISMBpkcVYzALp/E4ierOLr7ot8Zde6BlGLdS6GtGoAA80t9IRC0Q7vLkKnH
scgKx4GvpmzVZ7dFMUCbJgpMVl6u8NR2TXzSRpP/kZh2SK9PIPZpM5gg3JDjIp+RAnAI9U3Zhye+
d0iEvCMUZBrqeUBzCxgGqRT8zfYgIfiyBxed1YHolI9/nNkuP3jkh7yYOf7Mi2vTAyWRRZOs7u/W
OAPfXeeorBm3PzVCZYoeCQe3EfnNHLkNJIEgM1T9qyTsCK5etiPAmqOIp6dONQk8gFMSZ3fUbxBm
u4l7PkQAHI7MCnH8xp1fcRRzyzNjZVRdADZQymHUBtOCJWuzTgQlo9je9/psNOe/OgCHDxDdcBQ1
co05YiyJsY6Je+dugQwAdoAoPd5w1yLALXp0Z1Lr9pbECBIvtAUnhWHIsP0aXVdYpEpHLXR+BFd+
80Pi1ZAOvCGAQEYlzSHXhbsBmLfNTGeEjdi543AaKqXrFwJo1uK4Bfm0Y5vo4LaG62/kBKw4wg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jqPA4hh6+1oiK90hKifKGhxsztqWeF/Pji/1S+fEMqb7uzCi4/1h3ituM0Hv8qgPeMS3isW2Ret1y
57oE2bCh+MbKL18QbNWbZVOFlmkC0fEESGqiH9pbCNHbkLksMhQWDixX0Y0AS2CQ4xL+gxiG/rNY
1ENRwTMUV89Ej/Ro0Vb6uenTwm6vVhlo5YBe1cdR2DjGO97Qdkxdgt74QHLOFMLZLlBIR/XSSA4V
7l5BfsW0LMNUb+uNGdvh1kxshu7wFah1uiQcA2IA8paVly6rjU9j+fWKAtHoIGfq8tSILlnrKDI8
mFl3x4CDF+mbKcKzWoprzUwJQfHcNbPpR/fVKoYu3P46EDSCCBfAlMThHc6CsKLsHonQGVeysvfH
j+RdoDQFFAkFDgN3u5ksU3FI4SzVl18MyLYn84ryLOZNyQ/3dvf6REQ19Ljopu4yXQrlf7dC6TuK
MUusFMN9cfREFzwklImahzPRo+6jZQrJ2UHLrlJ32M5Zh1Dr7MKSuFrVEbi7R4ja1pA8s/JcxyRR
nTekZ4bAwgdBABXXw+8QmgRrLEd3jqURRK7Dduh3pXAxNW+u0kb5Vj//FKTVhWTh1MQY4SSQYsS4
9c5xlolO4yJrnLRPvVPwB7YHbETI60BFCL1f4SUCfY7sltbP7RmhoKnR6ZG7F2SQgNZagyMW3M=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\Applications\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
c1M1zNMi2dqGH0sSTjWohWciRPLWSTkbZXcyLYl7QP0BWsSK27DvlqDQUMItty25OQ5ld6KXRKLct
LErD9pPg18qkxnsjqkj67a7CshEtZiTx8hLP4vpAx/gRW3fN7alw5LO0VfxG1Zw5qf2q4X2A9cKc
KO5y2umCoD1/KiGM5y3t+hhrd5YlYNGCvSryvtVXjnQDMjL8iZSGvbfIiL2CChOSzyyq+o2SIHxT
C5i1K8BSCnP1KOw9q4p4KL4NdJ9xHAKk6sJT+FuyfPL+90u757CB+oek6eEncskZKpN20a8u4TH0
fomKM/GNaWVqgWQGKmyjVli9WrLcpthGLjiUOEIxjgLTSUF20+8G7biMk3bJ25G4FdNN6eeXILzd
Re0i2WpoTyZydrE35eLYNUbrPtp1yLhzFX0skUjMAxjRTtQdfmO+uSopErk5Ii9rCh9hTdCE2hWA
VLeUC1EV+uaiwRoqdwtMWvbfphXA88oGrhjcXWlzC9VYJjRx+dcr/taTSzBd14gigwA0TfMu5PY7
sADeJHlP5uo03ghyiMQ0fQqKkKGmn6BGKyh7nKE/RZN8EdddF1wk8qBc8+A/FuXMrffYSbhy6JHS
ia/IhP3eqADFd2R0KBeE10eSUk0t5q6SvvfVozqJV6PxvY2fFYeAG5X1H3XHr02cRdNsfo4yaM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\Temp\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
GjYG168jFafk6AbG4AwXtr2YOy3tFR83HVRhORHV4aXprpYTOpz9G7a8fmcpkWA7ALQjZKBBLDPtG
0qEdrOYUlP15aJf8lzisxrvkxyMmWO46ox1Lx5h3yAl7RMblLdgzUk1qBIcFpxcOZky94/5c/s6m
rRYy59rkPT/IuAUfP6pXokcdzMEb+Aa48YI5mnDB3Pk/iP3VN0Wul989b9WiCj+CjRMA3adsy3BQ
Tcq9wtaeX/EdFTnI6BDydNjRUeD+E4nrkgJpMFX5y/3PD5NnvNpimdEkhfjJW/dG6Y502PC/3zFs
lzwjDq82aEHQNcJzY5Zq8m0Zfz7tKJewKBqn24C2ofec5unBMJquF/ztY8v710rqE8NwtoYQSz6J
IWIwsXQI5GCCHJbNWMVUqO8zimwAR40rtp2yF5oryBR2GAXBUCX88eoWW4qzCztz28tYAZgnjMsN
RlF55hHBePFYmpU7L1MMwqgVZXQSoTLzKD6hT5Ka9jPV0am7d8KO5rpManb/88MObk7rwiLtV7NM
+YzSVUV+G4wXbvJykvsR4lgEaoHDXBlJAXKJ7NoWd1sHbzWfYfpU+OD72zylVxR94vacvg+agIhr
026aznX7aZbWirox2i3udtGrLgFHzDGWCmxKLuevS5Ll23H8ne3gZ7cAm8NsiM1iH5kVEvnIao=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\Data\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
aRdBPpetsWougNctb4EBmvZoQ1SgLuvwKP/Bi20hkSgQ3/IRBCn0GkolwRmubPkTiwngZ6UadXRZ3
w93e1M5aN499Ka1s/gk+eeP2yx3ZHdOjsGFuOA4d2R1QXzFmXLLm5/uitBfaKf/+etZQkPB4mRpe
6tBiabgSbZeyXmtq7DNt8t86we3lWkfUql2jcyTKFGHkBGI3XozCuRWQduJkN2dNkdW3LHX3dpGN
gJtjhnCTOwpvNcnyEuVsKBkLBWwUEXhxecxqiSXLpUJ8Jj5Mg3MNiL+7YftODVtkt2augQzpB/T9
4XuItb4wq4R8X15ltchzQZdDRno8srFa0k3unV0e5BxT5dehNQ2K4Jo9RJQIbJi+4r660NjVr2k2
/JbvJrqDOQkEY/t6ytDfeLTvNK4xcetOsQN6FLafc/jtpVoNUm+WAfWsqUf/YSrq3fhJDKlhXP3J
BeJn/iGPAIrCdskoncLyCkoMPqCHSQITmIt3KnInNxX5oKz3uMY9SD6M66znqq+Bx+zUhPRqKUWz
M3Pdf84BjqdMuPXle7wZnr/c4AfRUcRibhFkfmqj2brWOEeT9KwErW+PIOxXR/Ssexte8SCrSEpD
eHgtvizYngSZRSwI2A2DGuZNbsj9GtXSfhMOo5BXdkTR2IywMzx6pwPdxXdXzHGGNnldOubFb0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Search\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
hxSmPrbwbdwSy9ZscRb7sn357RJaREikqPYfTj5E8SHh1hQRxAIEumReetdE1RNPWsy4L05JbgBai
1tl4KMNzl+L1x+zoAPTr2hph3TICIw7N+uF0emSqCqtTIZMo/CgWq4wWe6+RCofqmGo2cVmI6v/A
ghf+Avcf3amfWyT7Yfh5p23x+AGgZgZD3W364VaZnkWqx5VGqy1UxbuSOgZwuCYp7/RDbIcOlstM
DP5ijMV/fuLdMfsKobSoE+HP+6pYkYek2dmPyhLKr1FEz8hgHXVOsnE23p+YGM44kCpuWEDEEf86
NPOEw3Fn3ZTdKaWs4W2YO9Lo5KicvImf5jazDmcodk4ZhiT3+ahcMQDniypXIgSEx2+Gnkqr7p/Z
BbNNymjONQTKmsYyL+NfZVo3GotQqDGJPwL8yb79yhauHIbr+fJCJQ4zVnnUOv9GCkLDJe9MQfWj
K/xlN9AOrfBacgx3YWm+8mSnyzW6olzXfjNM3IhK6pwVa5SrXbMFsmGyyjI/qvqAQZ4FRUhpw3eL
XtfNZmtuAw7P8Wl5vnvgbWd+DicTvoYmB4uEzndl2d5NG0Z6LdcV6NPmwx3GMRuYvVz+/EKgj7bV
flJ5vZ97W8lZ7CVITpXcroIUl7DCHUf/An0LJ8jFlzpFi9+ntH09o65otkY3IHLTyIvX4PboQM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.files\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
UJ23ThvcvzYsHx8iAfkrc+ce30P3jjjk5/yJ5o4ChuMkJh57ngUZSXqtbX7pvPQ212CWXmkQjAagH
8kaU1xxKNQysB1bWbD2coVkxILzN0Maaxv65vHQ6YKthZcD0zIUfNY025jkdc2qdKyRbaDWjCv88
pCodjEyUuPiCa0eNaBZZVxWXmlmjckQfxN/67x9h34Hdu0JlqwKR5eO7dTFR8YxuMdfC7of+FR3V
SBNZZsdL2lg2sngZb15hi5iojFRnz/f3TSwooVZX62h90/apyQiKo0PJXlQAXoyMVxWrN5fDwrcN
WnJC9gmQWevHF445SQWt1hIzcuN6J9Yq1eEoFcTUhndr3RUKJCjNkR5xVv78dN5rUrryoxRgX1hM
FqHeN4hB6kYa7dNMqs5OTG86D2ENxOa7upGJCpS47Wrsv5h3YH/1DgOMirKDPXYmlo4rMm6R3AwU
Z7koSb2WIChPzDpO3YvE3b4N645JGlJUxslVIXfwznb+M7fKahYJfgVj8xq0MIR5sDrXHOBjHbb0
558T3sJwQQcjbl4usMRWHrHPUOU3gNfv+U6wAnHZ7mZck7xMGah/LJpfnUydaYMho1MBSBGb+CZd
g//8wF6IxP2ZRv/76eFxyCUke7rhnbeESmXFvvn/1aVrfaeboQztI8+m4K5ArQNbMv0GKTizgc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.files\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
k7BW4JdUygGElhi4PIm5fdhFu6mpJzA5f8taEdVA0ec6DT00tKf4yGIjnzUJz4ukClvidvihc9BVK
4RfPmVAnn8oSswyym7owNJzhz2C0+Ia67tfNEepESFY/npASvjKgIh9G5sMrA5fFhSQ4AaHkLffm
iRYmmALGi6P9JujsU+FFkgOHTHAlW9R3FQ8okkP8HaLD/TMMxc2naNw/EJnuWZgkQZjdTO+tHic6
YqskILbaYunc+TS8nSitgF7RWcmzHeTRP9+f3mh0ysYma+OmcJasoAAIm027ZUnLpg0aiCOXAxbK
aIrDl7EY2eXqAWvA4xXUpwxK4v+jObf88n6/+kiDJEWHc7qkCvoEfe2DbuylFbh4vNl0CZDtS+Di
bsU583OLeN7i9f/tK7DyHcQ1yZ8miEowrei0tveCIwcu5+jYWVHRDbq7qXsJqYVkDmqS9rGyk7t7
A5HvFj4QAWc8TG9ZBO1U7djT26O+ztCA0FO648oa7AXHG0d2eBHrBchWijpwCLRvM4+A9dkEYQZj
J8UZzO4BIsFWWcuOZC4L9lunUrnlO1RUKJDS8Bh6J7zEPv7cAxy6biCDfBI4/HQXgpnDd5yHkA0+
1fEB4HlT4mtyaFrfOC5uSrn7wqJkf6dNLYZ6KKvMfuW0CjJNsiXJS70Wk+IRvnOP0DpUO8mbCE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\permanent\chrome\idb\2823318777ntouromlalnodry--naod.files\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Vvt8ZiWNKijwaeQUYyGKaoh+On2lXXXMVENTfEERS52wHv4inordN/9XQ+BGqGHdGbhMfrNwHQ5Sn
stHj8pj9B+x/fwEUMx3uXiYYc9P1MzPwbpDVCvOgdf+2eA40vFiUN7fKjt92DkcZ1CU1MxctTDil
pMWaIs2byCS+jb4Bscy07lTxnNIjj5OO22pS0M5QS/BMesgu3YhEIPtUzyQUvTwZO4iSbWzE49l9
D3Srxk4t3O7RHFOH/03BUg7LGfBHJ2LO7IEYSIlu51BnHWKC/yfiJdFs1qTRK9EHwx2WqKD3cPlw
RlZ24qzxBM6Kxq+xM9LoFQ5wgtG3xon5s//dLyYHvMH2k9TnugydEywvyZYpfWVF0lyysLcGBC1D
3TMs2vysQ1FFFeDZfviNVb2gezjurJgkhKlWlP4Zw7zNkkxBSuRI8kq3cA6lajtSLCFQdonMSPDA
lzDkWs4TEgcuev88JzdWkOhi6p63gEkV3ObQYTQl2VruSsZ4WzwFn4giAft1lkAfojLVcNeeMx4y
K1BvQ2De82rxUVxHw3iGR1hjJkdW+sWIZR0C/b+M3ka0qfGrVJ3DVNabdpzJx2dcAbarUpDxjaDS
UZYLcCOaZxAJfs4/cJZL3IQc5m/OPPRLfXTSUekzK+uUHZbgiWLcL+E+UFKmP0CHiMWCDRWctM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\permanent\chrome\idb\2918063365piupsah.files\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jTu5UAmmCZg+V/6kC1V/UnDRnoTv6Q7t0VC2TThj8PDK41d6hm30Eid48i9fDXnKZ8DSpD55iDvZ4
fgzTv/BD201dx7edenX8Af84vSWck3EOkV3krRvIAMu/MfivpmEtxZJIHNs4S8v2O8nS1XNyrv+Q
vd+amDY31//+BiFp0FGyKjI/o34KPw7dDYo1j48XGmHiqOG40pbjZXwdlLt116Lr2F8InT4QeeHG
dLUhPkK7Fq0pWa5y7CMfpu+T9TgjvDx4hXVOz9EEyGd1XHOA9yl3329bkqVBxjK0x3JDCG8dq7d4
+fYrYzUKop+TLffUs5Tn1DroQraJ3Vi9tK+POqGhgrmRxxaNYrMEiOOVpY/eVcdBd/CgOFtJ7YzP
PATrdani0QOsYwYwb+WHh1J0EvjPY+x+Zio2dnSsC/aIgnzdb1Bg0Lv7gZXvIlJqJaQQ3AoZA1lz
TW076ssvzCjft3cmah6/08hgdeirXcdR/bKKEzOmoSIbULjHHkhTJFYHJ4x/EaVDYmfJlpTML2OO
uDeh9CKp5PRSuIiSPiqdgJxnCDm6iDIFSW18CMvjuClEmppfCKcChinBqHg9t7ni5A5D6JuZMF1K
kCSK4IbaU1R6j/12GcjtIC93WjI4A78Z89tdWYcn/HSh5DL6OqC+JlXfzlqd99YWG5z+n09DlE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\permanent\chrome\idb\3561288849sdhlie.files\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JD4ylbnu4wmJgrhiOPu2we2dl6TlfyUPo5VJ4NSZtwvz9yTwSt5BHO4nnjZjOVXgqMXsYG3Uwx0wa
/jbqMda3IfesVqaPOPvGK5aoYAVt2ec/ESNFGCSVZh6OCsUMZ9eROmriPRz1rajC34SvSPBAEXTN
O6AXgvKdBSn9ROYTGySozBSd4xVZWetwjYz3DxHFhnYz9mpb6o8ON4HEtlpPA/aymmYyjqbd/wcx
ksSbpfRM83IPDPX9sPa0GxVpTIMnnJiww6Cg08SEjZJbCsLDqvIrXuiGgNr00pw7tsQoV2N9Y10O
R0xA4er2aaG1UtdAcx77NXdJH5mobUgTzdOpjiWKXG3ESpZBcKZj33UeoR/SkQhgT5UFNMe8L+F8
EBYtRwb2tctOVTee6+qZ5tbUEvuOqKpq07kit+zUT1OJabnqJep/lp7g2CM8/XgVWnI/hkRX9Qr0
Xy1ShTlRNEBPFB+byHQ1YbTn6L8/A+L6fz1on8P0qNxR3dDz+EB3czjycxm/be+AEANUuzEpQ+Z+
0U+HMzL/JlOtDsxkZn5nDBimIu+JShvyyN96dG/RIWiopOd7Z5qNOhGIXP+SfVmY+kOyBXxwtWY5
FMX2TM0MbpMbrZ0ZrwOw+aGyr3PDhca7ONkUjUFL0G9jGyMPo2oXNsgEj4Y0a+TiYqGV4snJrQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.files\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
boubCf5j81QVC6jvZ5M1iwmte9Hkpx9RBRsFcTTuBy/OPaTyxcR4gv1jR0v+3YF2nxjvWvwIhBprY
gdLG4WSSbo340dp9spbU7IaRwi2mVT4yFt3gFTwA834SWqinyt203totFsVFAsFFU04AGp3JTqPh
QN3XCmJoW8snBaYVVINQ+rsCd6zzH5dB92nFuM+D6dYGHxr4PL/ePuq8W8dOVlE25XpjjldpBGji
zt19pN6QgrS+p2xEPsE4mq6+2DJFgZD4HxCyd0L+LhYWLwmYFSMBAMcDPgUmIOJMXPEXMxyNgkfB
DWXbGFJDIT06EFjP/HxUa2DzDKanmk4O3zg/G48Cptr+6884FHC/K3vb2GdUFr1e2EvF7SOWaAmc
h01W9Tsz/oFP81DCamp1ukAG1bzm2yE4KQ/F7BgPsFc+74MDzUZ4QHyN3T/ZjUFV1bVS8/Vcmx4F
3wxyyy5Nx0a07a8hphuWUtCgRbcoE6TnSJa74U/jVEBvLf/V3Ra5oyAfSn05hPCttt5kE0JNcDDc
m7xbxddzpI3v5BQ4KmtB/N4qbhN+QoBXX8S+drUDQJKi0XMQxm+er1E6i6zkNhlAvU81YvuXkVGV
WFbYdkJdutYG/ha4LIg8CStwU/+V71kU+teIY4C/0Axas7kimcwNVOoGI4VWj1QCoo0RGVt1LI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\permanent\chrome\idb\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
k18rv9Op5lqKzQlOtRWjb8PXxb2k6oUPkTzsVkIf3DKE2K9uOtoaMuV5var7J8nsIC6Vdr3sTDh8n
gQ56ITpGWtZ39NkywicnM/ThaoBPGyryCio3EbP+w9wjIfbIgqjcXWtWRbhNeQp/bab7jPuh7gMy
vGuqoG7z5H3IaVwIgsxlsSruuhXJoxAfhrdkLE3SzHqRc005dkx84lMDixkY8rl8H1aZPNX7CKiw
PxbSjP44TzBrNsKriW0MU7j16hMe2RbRAzZyS4Y0ZKsRecZI8UhXuaH6sbSTV0XEjHVv7WeKQte+
o9z36QiK889LviyfxRYBMlcA9Sospuf51C7c6PxobyjR3gT8l3dDKj6j3WDl+4CRGpu8/GhypfR9
ks1i58djXYM4p+wEcZ4AJOhOq+YD0LWL+DFiweCupncjJ9+gNLKfELYljcDZyzC9x1s1hf65Q/dQ
8U3na9HPspwSb8nNi1L2Jd8vVpfWWjyAgmqHsMrxzV7JlzkMqaWEklKk3ROfF8ryr/gKBH86Aro2
t8SBJdcwv8xkhY8aks6un43+c6ypARKycOuXybyaCtfOeT2slZ5LGlV7LFvoKU09cAXp23vCEyqh
BeSLcV6aoH44OOu2ypZXY/Tf2dOOvMaJUUkwLWw4x5AL21AwwJA3cTuDGLiM+tIsujzwjlA5uA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\permanent\chrome\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JJNyJS51R6QWBqULhgiViEtvDUlAv3Dl4mTuHsAMncsFffsylUapm4RBp+Poae20DRPfxpL4pGUl0
dkInLwf3ow2tSDquIiGhA8XoWbfaUrh5w+xAKyaJwmNwjaC9s7IKFy8K50G7lHwBq2N+DyKXHyXc
xX50ckCGQ3YR1CDZO0scOsVtV9l9C1dsx+IacL9GkouHpszZ+424cVKg/P/40vzrzqO+1/uEIsQm
2TrQQ0h/9ypUqgzjEtvj1HObf8c8ehqYHyFKn4p1CiseP0tDI8qLpBv1L00DA9i8ltzZ473xS01R
+jfwYHlErRafP4yym2SjQY6nl8Ovhv0BDlHCl1PusKmzRP2HBvzfppZOBBwcSHIsS9cJXVEh6L4V
o4QrzUkqJMdYeIPbR2svYJriKCy+6TwQpsTSwpFZsNmFbJWkyQ3ps0fCU64Ifb2Vs2MvUrfd9/nT
FYwJBNj2QMiS0ejX5baJAC8urSF+7XBxut4XlX+JuvnDVkAxmT0pkWPXZEfBpalZRPGTj620jZJQ
sN6v/ClH1z0aiVT4sdacBH0g4dsXNvPmnmrqO3++PgtjhPM9MbXG/dEmvoZzoHJT4cHdyKDmI3UE
ZTSV1h0xVqWGjE3URtYeSBHGTUSI5J9jITUhuGz8nfrP6Q16Ol1WOLBbt/vzSzg9/xCYIlUigY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\permanent\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
U608Qrk01qL8puLmgMZoAzf5hLZgGwByINSYBX/o1At8x1KyNvuKMnYehLNGeOx9dWLwJ5H+ADL7j
S7BqpC7Rfr53sLHcEBIhInacBVNrWN58+jROCZA/c0mPK/4q55nx/gF8Ca03pYSQ5VdjnJD/dLq1
oiAz7F7D6E6jhml4LtnoPxU5Rht6tEOJDzPt/mwjTLAfyuuluj2g5qJy0qMGhIB3TPptwTMY5cHy
SwREa0hOj+b+rQWmMy/uen4cRrRjWa4wuyxoYGevcEM6ZW/Jvtm9mN5WXxr9Pa2d4woVrsM1ncLB
RNBF0SG2RFL6OblES/kcfwYAZ6ANYP8et/Z80VEI+ItYzXhUPvyv8bL1HnEhCfmYvzY8SGiICuv+
fH9H22jKyeic/71sd/KVCKuHAsHMKlR3y/cjPXgwqSpnuK3+M8A9FyZS/KBIRcusLLpUsDra6JHl
7sR/gzheY66+1A//EEvD07gZDl7o2m/BgUqq1jvU4HrYzoF5w2d5TeKNbfFzPRdNUK+PhADRW9+F
exEG6G4zgSfUtNL3LfQlPGLFPF+ITNPBoKnB/kr6ZITQnV8cPcuuU3iOLVGr9XxI//gREMPAG1VH
wU/m6PE6gOPn6/f24viD+r3cQvLuXL+VKtdp1hz5QyztjZ4pIM18YB8inny1gU8QaGLZbhXr0g=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\temporary\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
DAi2UFCr38kbE2lhWRzmj+CYTYx4o79evg3AOK1OzQKQdVlvi/ICagetCWjhT/ECYURf44w5i7DGV
WUH9HBXqIW1+ax9I5u2Ojo+qDXCWaIVIxCmdmKFmM4/B+vP6WGSZNtmuS8NZJaMqPA+XlQCJcN0m
GmzwvcssuGXMKem2QE2ahG/PsUz2jUtu37isBCbXfQ9lgQOS7l1hKbKKsZ9IMVZguSACv8P5h0vA
m3lxrcYPTkJGhWRzZv8UWMSGaWbuxgEQGFnCa65R4ShKTFkfBb8o5cmQKKpOpCMKKJJbXlGbQhN/
wN762mrtTgqAK8P5sZqJJtz0dn2tChm2qxqUptouh9CtY7S6xkEYYWxKsSUQU7NPaQbsRR0WT2+D
5pfkHEWkL+fIzF8KKMY/IyidR9ML0upNhD2YamNSKVyquSCIqaeCHVcq5kVksRaSNJILXTIZ9soc
mVhnQ7sVx/3SfUruxUesiR3E5rKqehpDNJ7m02QokfYMACo+pZJXaXimLOKt81taVGzeeuPLMp9G
j9knwMaKq5xMq1Uo8YnAbooklfMiKLVnQ2xqCUTodGXPrONfLp6wiX6X6fu3M3kuMaXpVzP6kbm0
pzsg862Bt05w9jptuBz/66RVgBwpzxuqlY2UuuNELZdnvTUjW3zbRcAQ1MVN5q8JC1Qv7TFkpg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\storage\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
RUYuiuu+IU7oGdAPRcFsJ6UWhoh1oFM4Viz+bLKsqOOflnnxy1DAtA22AiFtm1A45bN8dxkdHMuLF
ioXA2EQ1qso7X7kvTGfpz/VEJhc/EZOJwZ32WbESS5avsPJz4AyvVX0ZqYPMq16GRsUynGwvBwHj
jGuGWDunP16e9cH4V+fctmU910v4GRmIMkXw4EL4+VeBjoaZ5I6yVlfpZ0wklvnS/4DToSC5Wt2J
ZT74kfNOshfvBse+HGWwVWeHG+JRwPeWMI6ABBTVmvHxrAZF5fhxcEuit/bR2FORzTslBb6/XHva
33ED2u25MCNRlaLdObGStiqY/+GDAuopzevtyVQD3LSxFrHLEvf8gaw2jJjK4BaxI/Cdip3QrXay
zo0XU47Cxgmxxx4NCdN3OIZWJ53UoTc4WyghXyvtENwNiEzDX6YjTWI0/TVIQ2VMsGotgH1xbmGt
rLptLdgbnZVvzpKxcJXaqildsdezW64zG6Pe8Kp2xU/VM+4dHVPI8kD8Tlz15644/Qv3YdNspiZC
2uZopxK8pmQIQWpNbDEdVseXJH37JMjQyajpEMJpTewEkyBgWG7JT2G1Bs6EP84Tws7mbq17lNlU
NYHEBzt5LzmTV+5Vc6cRywXheG12fSrr5GOt48alo5tpStEmPg43ZipMLmKXPjmOF+JZJVnh2A=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ulz21c5.default-release\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
F/1+xAVA8IiPl6TzFmk9+8ZzoB4b/lLvY0Kifcin1Medn8yT53PPul/UyAzl90biuerZ8UmHuReyA
5nSpIrF0p++N8moexArgVTtInOdp6z6hzoN3F9y9Dko487CJLTKhq7d18SonvwYM+STMiX0bJndy
0lVKOrHPO2WWRzuJPxmX+wJ/EAyd5/6DuNAfhOMQaMoZIryJIkx7Zz/ZtxScpDPvnFO3lXL85JuP
a9oP1CAcfazNJ+54PAIn2yLd4/axrHf8Xqgy3hJ2+IrWD3Yh00fMMnwCmszZdGOFOimS7htByMgg
PUajHXXxghX51FhOp8wPXaO/gowd6sbANM85UvyIGlQr+w9TT7xtJriBw1TQM2XXhFHsOVyFWEff
ibljbxeaWYKYfPJXi/ui5rz4BGbk9s8BumCdpTkZXiC8cixL2kdziiSM7TdQ726Yfg5lOzRSjOtp
1JXnxyjQfpDuFFTC4wJd9MrwTNkDZVZ8hR9yl2sOc/7lf5Td6bq65trr+fzPuQRg1B2yVoR9DSi7
yJTgldzoYPF2Y455/KDvo/KBGHOG1kNvmD+FGjuXYZPSl+GRnDgSb1YUNKEdU2j+nvBf7bh0SM9T
5XItSDpMhyxRP6FaOqCI8JgqPOKjiuYolBGHyqHCKzVas74McRUO5XlGpKMFHSyQHr77CjyjGU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zalsryvg.Admin\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
KfvnRc2K4IBspxm/t/xoISf1DqJWdzBtxh5SvOU2fsSTwRZP5G0CohkoBysH2xoKxJKocAbq+0Hx9
+0QnO+qvF2jkp2psOcOAk8VznFHefbXgo+TbpmODlX1ebqiTe1mf45muFIuJGOiKZCHTuk7e5qIm
rj7KZDGSic+1o4Cg+uOF/h84jZtq+XfxhSWsuARYy7j1J/Kv+W9vhRtB9nsiWq2+O5gmcl10idxI
nEB7jtRIuHfFCRAptGsbntnaa+0u0qGOBolhy9tHHE3ked8eK9jZqL9HCYYn2rAdR+/gmBX+uAmA
oBhD2ebcv3zUPABfnHQJnBUlgaOxBP70Iv3SPRoilHhic/FsO4ude6hlhoMFICBlFLIH8YBK6WnW
9TgJeAb98+LVm9zg7zv1+eA7xpVQ6JQ+0IO71fdZqy9y450C8m5Nvn/3T8xwCGFGJXJHC9irfPWn
I2Yd6QUgpkD99qNONjit6qE1vIA8M9Kj5Y+T1Z/xVhroGAY4/iCbZnXrMrOtvBuBmTvSOU3SkL1v
5mgJm1Lq8xh4Wr5O029vf1pueeYR+09/ecj58eCi+PMaJdCbfGnlNdxbPcO/UPJ8p+xKmB/Oduii
KNzPpzdcxvBciqInf/gDnfTznCINOBiSpMV/uPdyRdDnrpBcUurI6Sla/6qJygm6dMvg7DMboQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
QXHbn6yAmt0q1Y9Md21dFm4Hsgs5jdT5XPNfft+a+JfVE6BdurSMoMY5QZQf1/DbTMfzcdlyTNMoa
Wq1veXpOqx/mGg42RVXFBHbsf8MxMLziTm0sR0HBjEXfg4bR02wifs7vEkm+YkUeZE9lVbnoaTxi
q+7MjvcU1gbYfAeX3YzwNMtpFvxti1A5G5TN8J0HuZDM2d5dlQCUWTd/nXvn8TWxbqVoORL1xIOq
W2Z02GdPiUfwEQ0N+zgsJWZsvbq7erEtAJExX43JrUxnPAY/6u0F8c5Oj+Vblvm/MvjplW8E4ctR
eiHM1Cy2XQmDAyY4AVecIg8TvsdIqoAXqwWi3tnfM1ZmxJRXkGMqXCZg7tUY26OPw+6K+EdE8JT9
C4HWpMTogTJJGcMbUloB5MgpXpFvrreYJ0VUZaL3y7QoiWdHMloGJ0dX0KSGvcFTfFNiv6ll6Zhs
4SS9mJvED7SgBXAkCTmuFaAskfJcNrsC+UO+3y+qBx05dQ5NcbYS95SZ0fyn3fvBAW83yAkhp03H
UqGBNC32n5PmZkZsFzQo+Y7bi5UPjiyUzB+6bTtttVsJ35Lk+zmZO1sty1iXwgWO1ZGhcojF1u0G
D3ScAvhjQgwzVU4iIC2w3u9dP4mO3bOFQEl7Hb59cVJwi346rySS+Aqc2k7CWKyjPpVUWpbaas=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
NgRhNwyjIX94aGHl6+r7l+3CVowZBXq2iZMXox+18Avgna7kJOzYJ0hOslBnSV6DRm06ix9Pr5oqU
DM57tnLwoW/HpoU09fh3VK1hUcJ3HC4mnndbOyW+5wuPjuuXW7V4fl4XQOmprCiRTxZdRbSEM9od
0TPNu0odZx0N8d6f6Vy1g8bd8DFphgkGoqNgm5TKn+RcYbhKh8xEi0dnn2enSvalz1v1zCwgPhuj
E+wyT6k6X10JwtThqC4ME5zaxINPW1NlAokEwWgyeYkmZ/9iWF/8LqMPxpE7McResrxp1c0QwkFi
pPsvchpHwR1WWZGwwciapTjpI63C9uCnpigD79rSTRQaVD8xCVNucd/2SwcrbbAk/ity/jlyTQH+
TeeoTB+RZ65sK1WerZGvczXMzSimN/AE9A63aYRGPOFM8fMv4GLbAvKRLVpmgC2r+UKbgfqpvoox
f9oY5Yvcwbw3Q9P/Oq9qqB2E1Ngjk5i/4OTCMgjgZZ01rAMMmmZKLG+TRfl7ZeRdXaN5w47DVj5V
sog2IjdtyPkp5WbArX69iYst2GWNPf/gfNWGoF/85fGDKOmK6yKk3iVI2QTxyYGLuwObenTfCuIw
s7u9W5DtgB9h7Ng6SKT4U8B4KQpjqCWJMnvwQuhcvby+LagGcJzicaCVzQfbvruihQPfsB1was=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\SystemExtensionsDev\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ZPzRajCnQ5ryhdVt0TLvVafuGHzI3pfVR1tLXHEMM4tJcmln37qadvX00Wa73wUcG3Pl2i6g5MKcJ
EvNmfYUhC6Iekk6cLrQMY+ZpPjEKose/OC+Zrk7qojwTw/MM8yweRSp+GD7L2u6qF9EZ8WHMDLWS
7NL2v2N0E8WPzf0SshDvW+u42tgHJFGRaxL6kicqHwIhDYD0MOPl9ekNysEtT4AfZra4buF0KSMe
ZMTeFYsWZxlZ7LFRhvRUBo27KUin4TqeKy6o+iuKr91DViISLQf5D/W2xneBAEXAIgPClF1n4NoC
E5phJzIka7oRKtNWMwZ4KsTlh3BaIolorBuwyhdNFn4ny4DMg8C1+7IQIIfiVLRu+QDLF8uXnT7j
axVXEJxMD10ooN8Da1swz5FYKXpGMQSoy9h9/qbbtSrJJo8UsSz011Hi2k7kW+BHags6kNdgql7s
h+04lmN4KRJ4HqMl5tTW+SGUFNYz+oNYPB8LUnyXEaF8mSJ+p/viy07o+0RUE829A7uvNQd41IBJ
vA+hn76NyjF5ts5ZJRQu0XF/nx+vh/DMnhQelk/3/Us/Sp0Pzf2lcNZss/FXcOLQtRe4g4MC2uhE
ckO7n4Vbb4o7LuZco+JRi2LcWvUjmPoxR01YNkQK5VVSIbIgW/eF16z6MOHppCuZi7vvnhc/ms=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\Mozilla\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
hTRHeGrdyDD14kdA9uvvxU3lgGNFZuBfPg5vMZ0SFKirwzg7ofEsdCjCvvFJ9bkhGF9/oocPQtfLI
8jyAYFFQOgtNrCgG+vPIU4igInay7WjaX2J1BrMJbRF31L/FTj1R3vT2sDxASUHW64yZGuHdkhKD
FVI9Yd2A11WuLmVU7WizQdLl3ZwDaV617Xgccpbxf6Tv8z6e4f+4GjHBaSEzobHAO1lTfvXSevke
4WyXLSkIBhtNM9HyVAMpB7ogCK3/4IXC8k6hxzMn+DQduszBUzi2lm34AQvuKhehQGPk1X1UzmLA
BPfYffvP3CLvNqGKKgVyHVOFfwyL17YSmdG+WlUqCUHA0Fee7hz1PFTNygeIFRtvDk6NZuUURGPr
vTpWg+QKaGj8Qj8hWTP/21FILf5JYeGYsysucyAIwa1Uu4Xvp4M2YIZh1NT1Wx4nrhjfjRUHUtvr
i0UGQGu0Uz1hY/CSQrERHi8R8WHBKTh07yaTNiYF0EBcHRJ7Y0FoaxBYcAiGFSwmFqzgxrTdLn3T
Nt/SXNUbnx+kdmBSbpBSEoslStYmL4OUn/etDMwlwOjMzoY1Mofzdsc/ZYcYSB4vN2xOrdQ3c9uL
PRTDhgbZN3xlSjvEouBooXvc6vDASgEGdhTluY6u8qYR4Cprzftq1y1dit+ZT4e8BU1WzK94m8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\Roaming\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
dRbApiiu7bwgPh+zDjJoYlTghVUc9t2UVzUZp+ThEu+n9vyD2sGwV9tBUx2jQPFs5SEwi3H9wZjrg
vQgu3f5+wzXgN8ZavmgMSQ2f+OpAuRBscLYHl/3HxQ1bUTNLngyE3uJ3vJFvjTIuR8yJQUC2UjXu
12jN4u/RENnYeZkb9qqSm0au8vUBvBj4E21TN3AyCk718w6TgewmT3hsu3xieZlbV8TiybJUgUgt
L73iFGj/4zvJVkard+v1qGMURjVRxseqt+fzAYtHcAneuGaDgrAGEvVN9rJYdpiuxo5I67vuDaf1
3NwMfzizlM+4Gn+Wu28JxvGpDSyjCO7I4S4rQPlfTDXI0VpFzj/JVclNuLiEgb71zxqXskYs1xMN
M0PoWuh7KaPsUDUo40Ei9jQdfbB/ijz9VNUsIDYnvc3LSyUrec9FmMZzS+5cAWZ9PqL9hlvqNSa+
C/M1ZoJQqCIhH2UUI3QXzmSiogri1GCLXU6bqL+WRXYIIeTQgz277BpbgmK3/OqWJwUt2rDBW236
ykN1j88EAXI/RiR8qs5ddEeUIdFg5x+bUXcyfZ+Wsgbl6Oo6lvTABdFC0/PvnXDdrDo6ixpd0pBn
o8W6ZHbhy4csVBaaAvLrV50/YUT4uAAIDGEnuf9ctEyN7DCC/glCEZZfVNIGvy0ggXIubhQsi8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\jdk1.7.0_80_x64\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
SWW7S8f9VUeKZq1Kdw/pr7f7a9M/Fv5Z6lgpur4chWKEEuLjdhXuZZG+z4rXRr8djMxaJPvob3Djr
a/DLAkOjMyPudtwt/BoWoSd2CaTlIWD+pPgCadP9hN3hq4qA8YEfhdc/L+zZLDQAdQs/uOqQ79IE
lh4ACP2piIUcIElNNU2iM2H/Mvl/vxEytFVblad5DSojcdS1KtsJxPO+uGFyJfqDSB4FaDevlo7v
rDGpMcFTxBeCJd3kIXLKhyU7NRgQizxDbLyetLd+T0qH3lJnJmokHkEom1v1MVMxX5sSys2EKwmR
WSzJcu+ubyiiC8UNy4Lf+UONw/028nAqkuLF7exAUZob+Hjyhx+/Opyl1do4a9l5+r6CiEuaAF9Q
yW73ox+eIoI89tciY7GNyhwnG0MWkc24oCjGEdgwJbYK49hu5EQGd6MbOpRKbKYZRD3wtgNms3t9
K7pjtvnZp08MCj0j9uXK5LlYVh1S07tkQURIpkA4jU2qqEOvGwIu9E435dwpVmYCMXfUmdJRxDoj
XSrrpnFT9/HzQUtXS5G36fIYlI1je7ptx9pY/LBz6tOkoEB0fPIj+o5sF+fbygJ13JwyfWdBA7II
PnidhcYsg73Y2IVJD56IMdfYQs7KkW/HO/rNnBRdpSVlNPn2IYVhHBrWgSh1RN5ZR5jDT2VH+o=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\Java\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
UB4UeKLYFRF2z36XbHVmafRodSRc9r0WeC2ja88gOSpZjLUEnKQVSkIKEb/Ui3yserzPboPb5OR1J
524L79MXbA8JVIf9EXwnjZZ6ea+ibCo53hJHs6VLV4k+i2LEbuGgRz47FmHo1hJYQ2jc/mDE2Ur8
vQMUAXSBBJAyuaXPyAx2TnwHW20ITEICu4Hup+bqOKY7S9P1+boUGXxi7zmfwf1tBN+HOaKAOwUH
Dv82REVasKy2jaYAatDbd8AJh881tpyEbSIwl0yNuSV6WkoqP/jqtlJqpr+YK8n88wdrSDX6ghlF
yv797HPjrLy+pVLSARxMrtZ6OjRfXYf5M89lxxUwuRpSYBSjkzBcyPr0ASybrHsZ8OpToB65jqV0
2ozmZ5CWUUU+LnE/8aZAprhGXUdeZZgS72rIgugyjwTLpy+PUSAI+3y5aoDxeyZ39UjxUwfD4KcR
Je1rAQGCOdNhL4XVuHdZwzrGh8Gkw4rQVSjgPwhKdkV4nFlHaBbC9Jh/8UoAKnE3koz5t45DgdCU
76ZiBkIRqgzq47A7/3z7Vv/j2Jlmwn2K3uPfb8wcu31fxuyDaLUnnx4p72fVI3KgoZeYjUaYw9Qp
gbGnTBegHo5sYWvoZ9lc+j493NBjstx/Z40xWQk8j+qpivg3TpV8eWLVL/usLB0QEP8GcsMrkc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\Sun\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jvbPCy1t5H0k5hj5IC/JvceJb88lplkP+BmfZpnNIT1ZGQgU4OR200o2SbAsb9AYllBE8xyKOajFT
8TZqeij36iXJcGt5q0DKQ7CZC3UlhV1o+uMISUeepQySdGsVTsoSjkHMoaau0zoBeq4B+7yO5xTU
oK5sqa7vcKZ+qX79njYMLk1aL3QcWi1cR9lROcss/+HtqrG+q/ePd12ZsYOBzU/XFY1FQl/Loh1P
rmfrOCLUwi/Xtf/5MTdH+24zF6+BOdAJjagjO/bAwgl3sq6DUQz8symMyw73aB9LV0X6K+TJfAvE
exuma33xPBmwE5/Tjoh7fIulRKhIIO4uCJUVp+wPqcrOFlZY7z/OpdJlMogOlM2bAZr8DWUpv4Dh
gAvLjvBW7zS6np73bOM7jYKAVc465Ijv4BSzWt667a7d/d2aeiATGW4K4f1apwaRRbSCApDnGvT7
nBkbhfYKytJLMghMV5znbWGeW2sMih587ZufbliikjQ8DT6tXGwOgIpnDQZspGBlQKeFpls/TX6r
8qMVskaP96xm8CjFhV2vXfjXRMJ/JTBsOIdsruAlz2YYi1s+VybZ60mEA4YaqMZfMpM+VPpJt5gt
+lw3zwU3aq2Vo6MH+4SnbKdvlcWpzsoy4LDTIfNajTDwHaa21a+xdS6g9waTAMgPPUUJNScZPI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\LocalLow\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IvCbPhR5IsDQE7PV2G4Vud5DYZS16V+/k3R+xPEwYsRTkzFRQCZYWH9MQrVtMYcB7KylUz+kW4oJQ
9mvVVK53HqsLYh9ic+R8+0AU7HpLsFkrV5Bew7XiMhj7YKrgQGBESxCpErunZPcGWDQ6i1FNEykB
ll7ca8cJwfT6mbr1fZgfcw3+mWaWjxrqRiNjqpF6cQQtZr+15JKkESccVmlhpqe0gS/Zb14oBMLB
7Une0jZiw659d+J1avHg3VPuMgoM0Scav7bRt3Amr8C0tXtBXNSEd89JXISnZplVeEaMkuiOjOY9
sTlCLyph0uRzVUtrbbUiqz4K5xq9gcrK71BzVK5L7XJQHBF3LsyK4GI7W9EVBPUD358YowkzHa1g
uhe/A7uoqrVOn6CtaWDVX98hA7N0Qi5twndzehB6LiI6LqYiNfNlaz33KewF0kaNEc/wzxXaJB7N
Y5HINRJU2p0eJNOuoee28jxeuwnSDkXPEmy8k+AqXWUGLkYtH9oY+4m43zJuUth4ydlA52faLkbX
Dw3nAdXKdX/5s84edVbs/RsK6UF6dv3CCNVYtAXoO+GmulpKGgZoT3KQt73dSV62q7U0g8YhirH3
TP2vPvx91U0Q2HzvHRTE/jZxHagDWCYrMP+4Po0qKMW8PquJhnEYdmzGC6vBEaeQVmPQAmeTu4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\AppData\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
VCaM5yNweso780YJU8J9wL1ecN7uOhDmd6DK10v5WGgihMkxPzBr23mNW7W0wLEQ9oxmESO0HaxD8
+y8A/EF8MmFHZ9rhHE4DMaNiQl0zwGEOSDYIVnsKRzZm38nVIRL2uYOSyzR5LJj+RLRKx55IdCir
YGgYzpr47HmXER6C1VFWm/GzVyXFbc1/YIeIuYbdgBtxLWgyztkzdBL7J5/HTEtKQZ0kZ7r9Jmsq
TYzQMZ38a/vgwwvc+P2Qun5Ihjd2Ej5nraOT5kuLjDAs0RTom3EbPdIqmJODprKUbKUycYDGyhbS
B7Ubgfsb8ffezQTaHCCDSqimr4OVsO+P53lE7tEUmo9ZsrCV30P+6ozy5gC28aJ13Z0YEF4GB8Rj
JEFD9jBjeOI1U2MKwo4t8uqcVBdZgt7tAi8AVAHRnQjKq+HF2T588apBxA0EIwSxcyuDRjw0Ce57
y94uoINThKKeSE/afNS27bnaVbYQNt1czkBSnXh0ZPVdoPTdM9Jpst4dsMlrgNDTKffRegyw7ejS
pAyfz4fkRZnjc/EOvI9HxWAJ/fvZfBISQTb1p4nAr0i50mm12Ebyv5SI2wPL5fr7Xdi4+OC68wpy
/W71vEsrBfxz/FuP5H8AGmB+qN0lxBZxoTNry1YzI1N9WMQfs2gM8sYqo0D0J4QUOV29s0lWj4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\Admin\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
hkqovjad0dDOMyVXJAWdVPzDSVz5ITEVrmY5RkW/AayCshUrvuQXLytgQp257Qml6zoEaAuwxSYd1
3QinlHhURe9K3IPm/Ak+EsUd2hc1dxDEhzsNnu5Dn3F0HmkGvYhahHcz+kaxH8jPhTFWcrNtZwKD
vRQEWqJlCGAccdyY0R5VPMhzxjGTOO9fsfYen3EilABhBrC6U92juO5/m89TkGnuXSkAFHH44aIA
//sigzo/fUKkhvjmCwRbMqYBzLvM9wtXuRhCpBglqGLd+XlnT3oG8Mpp4Qw3CowWNDS76sIIR53o
FA4Jct5W4N2CH0kbYQk2beoUvvqr39mHS53LTVG0FtLwFaAIrOnre/sP5559cAqrLtABaUe5dBq3
DZepFLpkPj5zi4xrnzFiti7kAyea58BKjPDi4waMby2A8ryopJUl+P4oD68zrVnJjk0bdrcFmBcp
DaqjTjPmztOm92HVy6gB+jMory7FqIb3iNfgqfOLojP9r5HyGX8jdROB065HuuCEXyzGWtzor2WD
52kEgpBaOz7KcE7pRDcu9h6zohYIvewhntyKDYqrxUpxPgPa4qWxG7UETuJvYKC1+gDzD6y01sF+
oyIk/LOWMefz36kSnDyAP/KEWRO4gF1rXxWB5j8KWR2su2KE+BAts5G1iowzuHyKbdHrMPm2x4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\User Account Pictures\Default Pictures\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ITN3qbFprBOYciA2YJWnR3JMT+zEzxjOUBio9XNmq7xWNxo5Js3ezQIH0HrCUfLFwDdWkwlY7Hk3l
hcIenfDuAfbV8D/86D0SA0LXxEfEEtTibiyRUG3Y4uOpiBudQw0ojfY/oAlbmJjI7f4P3bp+bLaJ
ALMQaJgGlCArXrVuYQYtojTbnDyekQOYydtu+fX35jfWe8gD8O0bNFqnI/+fTQSQqK1NfypmmfJt
SF+99ewRBlGvsQmWJ4i8vTK2J5hmdmcM0O/d6utm8zzah+ZK/LkGuCRxmlFyvbd2GeFV0r5kJect
qA/wuxNglJaurSY2iEXXb6BtEqznaLnCSlS2CYgTBLKNC4kVej2/dR3gvQybrD4euNvHOiev6l5e
rsXTh90fHSpGYeY4O2KlddyCROEj8IfFQCDKuuHQqj73PrP2ARUJSV4NQE+X25mzzHyOOxyNZrmD
WECQUQAWWwqWj5Rur2ynZtVz0qSi8LnHWzie3cvxlQrH6jVgeP9SBvmmYgqjjleMIy5AeoN+/kUb
t1rd9lhz8HS1Oz8S0wEdwXUqrhgwzCUXknDKWvxM8uymh6ctGQ2mfjfNE4jm3tOs7ETUeBtPKe6g
UITBvWvHr6DdMehiyKNSwZGrhhit/PdGVjEOfPWpnADxGLRxQ7AQRf5O7ag6anI1ZnH0Vy39pg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\User Account Pictures\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
eR+nQQ45Vbnwht9CXwFdmnOlwbXV5mnX1Ych/SOn7pkKixQf1eE7zSwJV6CYQXsJf+R+ccHQ64PPk
EIFj6ozNQXr34Z5XN/TtL1G7N7cGriwXqAz9daqWEe0RTCSSrLVcMIbyEftxaZzWRjiuCXeB3XMT
FjMJsJ3h7GiDYCIvhko1r3DZFcpaGj+lgO2IwwHCCbf5pK9rygBS8Ovh5JxFNDWLHY478eivyPIN
QqZAhMooK3oLMuA8HYRKeTZgG26fwE857zG+7tnISSxOZ13Qn/XELr3Izdc9tZFvA0i1VKVBK9md
KrGIZhXG91B7TykjsGMD5LUuu3fZPcp9MIZEJceXsnyhweeVu62VXQ9pcd5yKRgkqxXxwZK3QNRP
/kbETnzKDvJ1jL5Mrv/c8+zkGyjeUjK/fQwOyoLjKUho2UXneaMCSLyA0rQ+fi0EIRF6ZNoM25/I
/7JE17HCpKU5/0YqzPchjMRqzDKdUsncnnJTWFnYdtPn+YcIAHOhZR1XfKg0eV8LzZAMByQY/zJF
ppj2f3Kcmm0UGDgKJ3C4DNWX2PiMkBnaHrsp2WPtx2ETdl+gu6Q757Udl2and1GPG4Q8NbPpIU2n
30LZBORb1z7scO4D6C/pQoNMcAKMDjojUBTJgmOin38sv2V/fmeP6J3Sx7F7sxr/GvEwNQJrsM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Vault\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Rbr49Th9ly9zdYFO1AG72x3ByP0xnlbVZt5WEBne3opp7g3ItYevQpKe+c0g0T83W+xDBN9SwiiVD
GDlCACqQ4n6rxP7vjCLhiQysj7IxOTuVEAvSglr4NkifRD74eKfQuZOGvinzLcj+BxypKgZBKSCH
4aa8rMrIdgZlzDDeVdfSFc8VDHACJ5eOACfUGlTtt8L/ux5g3iD9+QD/xx7ZfgmFHKbLJQOkqB7U
vKMGeHyUAhK8Wxy+RQrB+EUlQ3xSIRBxRGbXXKW0ygo8bGAuHo9NwB2Zkm65XrYmCZT3ySXZZe/7
1gEL0bIriVnnXuyuekMOrW6OjiVco8rgrgWt4R3By2sfJneEkLBr17+hlpIn2tAhpmcbCzeUI4Jn
ahUsKGxh5zOZuHqNJksCQdhPWGdGqp3WqOrs6ze2igopcEO9+r0t3EzBgPyXM7SxLZx/7QvPNkXh
ti9L9tD6MSUxNvE3EDWI6u4l1jBM7/N/X0h3PNNje+U2akiKqLYq397Iwaniv0/rbEgSt5davps9
l4f2eLdusf1s6OoGfRIbQ2YA1WDbwzU9eAtYHyPknbpGCwllcTvMey9J+7p3fCH0Xgb8yUf5N9LV
62z9DiklpBnTGJx2y9nQpzznzgAdCF7GmbTakb/UGBRDiANQeprt6Gg724Ps2R/9YAJfw1NZGo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\AIT\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
GXrrkMF2TXnVfxubM3fsgzqKY4aCtoqqV6/HrINu+jsQ7Ly1WZiKidSi8ys+T5gq0MYmZ00noKrpe
5xNZqFz+Ahl5SBNExPue9BFpUPUExSb1fLaMUQvFivuXen72Kb9C6oRgZ8OzOxWTpIt4oeIwxZmO
H2XSueehYt9hlCj2yku2edxyeeAvNvhhur9eta4xP9LdatUi41M+VG118eE+gFV4WIrVY65lXEuG
MJPSOY0mOPKxLHQNeZYxNPCeaWDcLqJXXpL+t6kX837AUN7pL1oMFBv9BwwoCSuS8q8rFrqq//wP
iaPvdVJeIMZUr0pEMKb3w9ZA7C1OMn/uGbcTruw3yP8RNLCAW0L+X2v4REKh/9S5NepxplciICpG
BjKoqm5ffnB6GldyTWkGNSeHTqGPMiQWD+zhq8tsKqr+7+pRWrnA7Khuk9yJVzUDsTJgKjHRqtLI
QcElgAZI7TVdfK6WlF7Ngb5rLLY36udmtHXwnAgFimeArzSXjyWkRbtgBvWZS+oY6Y3B1DYbRE0g
p1A35xai4l2ldgWe9+bPCBfzDdQqTtgoctjwPIELKWk0LIVNTafYBdnXuq04Jbf3vtBER+dKXNoV
pPJbtSP4xI0IU/u4kFxfZjne0vkv4SuLH608/FZag94nmWLd69mjKWZYo5AelOGtdYU2TswOPU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Caches\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
N6uc894D6Hh6O0LC5jANpCyUL1kG/SiLxftkSxM6pwuey2H6fxwDjJhlNeB64xb23xXhHfBcWXmaN
jpn73bPRSQwtqwgUqzYkxDuNKIOP3WJmfn6+tUPY7P4kJUVeX8YL6g/mHjgsbXPe40LRUDryEzbT
A/UhbTo1IFJwgMov64+X8gRnZcEq5/Skvwu9ZU4wZXqD0vQ1uPsLdudzz4QWfk+7DeL76O21mj6T
QCpoNSpyFRJkW2LE/kz7+mdhcUsON6eD5APgjKLcS+EUcblhQZFayNwoyA1YyZmZW2KVRXXHG4p1
1YZavDtkvCKakpk+9QW8iGTBMPuVhzLXgOoEJtr/m6hp76hvMMxuiNhuzJZpfPPfc0XCydQ8xqDU
HEMtOwFKF2hP04rn/dZirMmgzTTQGf7nNX4ptbCZun8BYOSaVfAMlskWjfHczIvUemPU+sftcneG
MDri74EpviEiWVa4Q9xn6OR+VAVmtx2NOBU6kmj/7U2Bqs4XRCpfy6vyP62jBH8Xj+UgZpw3a/C4
VJkVyRAfDHISYOCBUbsu/v8jD5tGYDrT3SeYvAqsrf/LmV7tkEjLQ6ex6tP9VJlY5zycbkDUYQKm
jMQgKMghjd4Dctez3+HuWGSiCa8Y2mcQVX23Qg5XC2drVbVdUPuGdxHU8N6AXXA7Vb6mlqP9tA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\DeviceMetadataStore\en-US\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
cZBs9pNlzgPeFi2dX+c74sRVnIn2nQmXuD4fI8frWm92cnGftSHg9nn5VFGCZS3y9BLEkHBTSG09L
n921lmucuwVV8Lp6BSbGLN9JOlpH9XqVlU0L/8ZZ0/xnyQCMSNNCLGa429Vmgx0qGbBC9LwKCH0e
p5oR+z47e6N+x8smZfCe62bkxuFokwrbEcy6Q26bBC7ShQvXx5GfOywMYe59ZCUc3rlD8akhtBOV
plFdh9m7qn3opm9zMlJq4v45LNqd2fWtBwYMEmnA7avQpZAiAwGKMwQH+3z8CxKZuB9ItxkXIwZ1
sIt9RKxfllOIAIukYRQraEZUgolZbSVr2a0JAdrq3C1/cd1g+skZfWaJ9l1OEArLwS1H45Alhj9H
FlTFJSXJStDMZp/81sb8ZQwrZhHSEMyQ5bcQdY/z4REwGxCkiwG5rnYd8optR1AUQX+AjuDHL1Xw
3JS5KD0o3Pjfawe2goMDUL6QHRBS+hHt9I6ObnewJ/cB+ZpmlLs70zf5f9GS3v++4pRskUlef/Kw
mRApwFNstZZikE4+rTO09b07wVlgLSZBStB5FV2oTfoJ1GAtvGZED+at84Wf9+oZ0unWf3HXeEy3
PYuyFsMCUWkIXNCEwWvdzqFrjkd9iCTVVqUUonNG1RsuMaJFEkx0KyzoGlFlGNNrhB2O+58BYo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\DeviceMetadataStore\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
lyn2o7J/HTeteuK/l98/OXO9UXoHyQmrMYPtBHg4F5whWwwzECqo9gJ0brt0EVEtJtFTqRNKDKzjf
FTS1Jd+cKVHZpo19RhPbAfTJP1ac/QNoVJFharbY5sDggqQIPTOnQKYNbmMvdSq2rzTC6/HoBK7+
Z8t3ny8X+MxshzDQWIFYly9kJzo8FPuGP9bcIWMhufMOLSp14jQuJGDCpvxRp1D5G8UYTQYDAmvy
W4Hajp5hxCT7nSPf6e4e62F4OWKFIbmJNnFISHfXuvbspbiPzvicY4//deVnc/IdHVDMXH/kLJun
Ts7OEw/jm6RyWYC/Fg14fBIbfWGcMF33j1wRXuCI/LsmNd/BsJfmAj/Dgnjrpyja72v23nkqzN0D
iOe4oyHeaP+Yy7Oh+Z+FqJqDq2EaW2a6Lnapfp5lrZ/3zrRDDYZK+xFLUjeJL+SkzI2mkTGMbH3c
7SvqMIr5MFsnQNWWyFkG200rExD2NSM/F1XkWCizcdYtQ+p4eniZN8wu/eClcUOS8IoU/lEA/gsh
UB06PM/tCN852cU+phY7DjgScps7K2+I3NcrUPzA4USt33Wkk+9fZJu03S9vZCyHmM180nelyjGM
tXHu/gyEC+OzyRdWd74kyEcwDDea0tc8hu2TLZsyB8unf8mM9n9BNY1qUfBpZBjUq5fl67X2/8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\DRM\Cache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
bF6JubllXorBPf3fFUNiRKrmQQMoaDAMHNCGvus8KGxhy8NB0Tjk7CKIpjKU2luWdI73KhoU/N8zD
Eib3z/ZLu0f1x/JH3E+xcaxV2hv3dWYHJQVvp2FAjBFx2gwFtE6YSrqUaStCyY8MZ+pnVvnKKHbw
a6kgju9PP95JLkMYWy9T/39f/EKMeycVsiIx1TW2CG/+gcFOXLqUZNcUYVItcGwwl/otMtlHEdGE
JgqAqcWR7NEE7zZPSAE5FHVimxOtRjVthlkj8oM507YoITLUKSEeimaO+yFtdJ7s5VFA9/tVeYDe
UWxci87TVRWfHYH8V46WJUZuZ79y/ShRhHHWxWPs2S1PMlQ3GS+QWEQbc3Z7ggIy4w009y3fprO4
AaoPAGZaUE//NUimqybIhvqzUjjYH86gnqbmWd3RJ/oH0Yu89y9YHbhetoF5O7CiBje96Peu8j9N
jl+sQJwxY77Yb8RaBA5NpRK7D2DQVwhflBHYVFGaG9hQCIEnPJwXU4qOqSm5cmmWFaAhpEbQ7GeJ
uJEcdqppMKLp+D6Ur8soTa5938j/XVyIyIxZs0aFhn+YeJxEvvuN9vzFy+krx0KHYE62eeTbwrn0
dkAM48vgYIlKIP/JmO2Xa7VGb2R541uHV9S+yG7DAYA96RisFf29PbH327E7Stls+e0L2hMxng=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\DRM\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
G4r+NEPhFhQaQZ1g2fIj9FPfF0BBjv7r0+ncJlaTxt1jqsYpAWjRlv8DhJfZMvbf0Ll/WKmfANDc7
Ff8qqFPGn7EUbmzlBTepLdu2vQBfSoMlU1jZVj7RQzX/QhABbklsZDtQ8iDUTeIQgYr4dS0a1SXU
PN9V2vuGb73b+AbY+vQ3qGm5EXjwi8PvnuWDJt4tXrNi1VwcJMJKqgfpSS3/uEBnsesx31g3td2M
EbScgE8QVdHpT0Syp+EqjS2o5Xu4Qw5RmT5yLjifkYL/X4f26Op1TplHM0Gc0j0H3m+YU78lTnrS
ErqJBUFRZ4yMl5lloXSfE8fZWjLFerycpp8/IjykFTcE98g44eVhBXSMV0It83ubm9nnIJJxDRZQ
EeHNnRD4EvmTuJSVUbrVRjJszHAvzXMddGohxrA9v7PpnG1rM4FrRFz12AqKmbmHeuKEF0UUEDT2
YE6imTptsK5FkvvDs/yi0yhhxkmF3a2O0vvvRo+C0r0T1aKWiLdnAMRIkYY4GRmTYY/vxMnaHJb8
iqLbAXvFK5lFpEBZsAB67IXzojJ1XTdj3LIh0tzue3lOjCMY9kVizoxYYpbZzNkz8iE2B03cmeP4
A6UsiK4CQMx0ipHqMcEnU86I2gQ7KH1CAB/yMMpkI50J2h9wZvWeht5n4tdjwLz72MGac7BvDY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\GameExplorer\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Nt4TCvYh1nqkRzCChKaWUwZmUfWMcX8vWagU0Zxl8tHvGJhinftWZq8Ii/W8gWGlB2lkhYBba8VeQ
5yk/5KK2PZDaEKi8fyQHet0zY6CIxeTfY40McY9XPKUQEinV2TJVCaKIazO6AW4a4jO2CD5TMmUL
WmnK9fhlMOJgSwDWiY+PS9NT0phUkAE56oBvzdPriHZOLDA4Z0mMN/4VYZkDFXQKKBL8/PvomWkp
DopVRQE5njOhduhHI2LYiz817gUL25AnziT7JyMmVwN82WDMmvEZ3mTv8gmWupzFQKYMlcJTdGYM
ESzB1iHw9Yn2iMPrp43Hw/nMQM6W6nrwzOACJfisf0oM8v6QFDUcOF7V2yUMDrDIXz4M/ouXx1+Y
1R5+mmFu/dTXDPoP3FQqI9zP/AgqyrtxhE0asCpf0QNdymPpTBvNeyGcscu38l9H29sh/toCmHOq
pteYJ6QIL2N6OZZy143ErjWjhhiveq9T0Yml8k4sK1oXfxhIf/iqHYY5C7xv2FWUd3cykkG+2vRe
oAZrisEiUzqIOZsGjBRfd2mMMxG/4ioF5pYZUSm5GTgkSr6hka80t2ssU/E92JKG7LQw+pob+VyK
E8qRMZuzLfWNpwB7VsYd2Akezekfk+pXmvydK+2lR+te/G+d1FLWl7DroDPDzUJsSD68SQChP0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Power Efficiency Diagnostics\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
X/DKb/St+W0y+yB/xQ8JSluh1hEz0mVfi89nt1GDwhbt2ML4fARcbV7y0aDGplMsqB80Qw3Qb0+vJ
i+E/tD9h6Wh396DS4nxRdDp9697UkGg0Zz4zEXC6/mYxVrcPppyEwFxaJYB336NqKykVxHy9tfI+
tUkSdVvbUIigFeKQ93bhDiTctS61XWm4U87/t1GpHnL0qJ7x+LWoQ1gh5U2ZvKHaaBYYiZJMhzLt
ivIZxDJ+Rf+buH3A/gnDNMDRJLn7F0ZKNTJOmjao5bZ4s+lejYmHb1iSYuTprXwGEYXtWjIFvOIh
4RbKnRrmFDJDwC7C1zfcLI3xAMc2a4pAintTH7Mdqw/9lH7uzfzzKffqKiR2kJQ4gUF7M7MiXzOF
yYpLq+JATuSsoNPr2pV0T95vEicDFpSERGsc4wE55yIsoeZ5KkQMQD60JhHCAQU7yetTWiz5KcwH
Pai99vRkCw8D7dW/ycybUxy1i7H2r2e4T5yynjVbXR11LNEA6q/iPmeTiR+jiu7jlHTERc0XaKEZ
/W6wgweKoCMpYg7ZynYPMnt04LNWUdvo6GrcDHLt6GIpUUxRHJvNtKkAwXK2IwY/oSw6o3xXGSUy
9quLIkkAX0SK98UdFuGH4wpHconhU+bQ7O+jIYlo3NsRyS/IMdei/koo4LDp7HcY16WI/wd2dY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Ringtones\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
fPVtQVLdxBrFdT0aEBd5szkU0CY6o1roVcp4XEu9UnpyR2iNrbAcU7XtoLX4epe1WqIdk3nQYNQrh
92ftOh5Mko2Gbx42CJiWcIMFrv6iTOyVfvUgneg7SfG+PbcpKLw9zhQkSTrXBBHGi8fZhbNF+s88
pq1IOldE8zxmbKa68gFGcErT7fgISSFndliW66XV/GYp+MnO2s+KXbPWNSUfFs5A5l9QkyYsvFu6
rMobrQ6bWD9r5kBaXC6egiR9KfsLtAxoDOEzBuqv8Svu19i8t7pyfII7jNjJ1cxOwHtxL1ToL3Y2
zs+1pOuAnc1h90YyaRSivIO0bwvI1oXu/eLXYSAmNWePxr7+4Hd2YGpzuesa5Xqy0KyCioyGJZpj
8Y46ajtAlhs82ffkF1wLGojovP/SXvJLJ3j9aBi+hgKIBi8IQHdEpwuqkbRzqvEkAoBLjgKi2zcX
UsiwA3C7iQqQpBMzVmCT2q9jzesC49eQc/Cv0Hbazz3I1eNvOIu2mRzolsV/AHAD3Zrb5/2/lkeg
aCYXC3C2rINgRqJ58U+JHO010+dUJ5IZ7ap//9TxFSiBNq22+8tfmvYTVuXaZ70dzcusbe/Qr/pO
YUBDSFv4nLTChkuXZ2oZOjqqNlag6ZkEjAsTSPCmF6natIG3I9C/AdgyalPW8ydfJ7X8to0y4E=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Sqm\Manifest\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
k8C4vcmscJodjFNIB5t6ZrZ4+9dGyTnR3zdpeiv/ZbWZuiDN56lz6Whq+kRmTTlQkZlFQyZfgSQmV
R9qNB6ZxZMhanTZH0gFlhS+xo0yeyT/NFLYsDdWIZuGBR3249eGMJhFLH+ja4tCwY/VH50fLqK5+
FOuMqFH3MWhbG5mV8W7KTF4eu7hSHpP038c/Z2Ph2vZSBFmIMjA+rtiDJ5GG/XD4FbRzwbRX7Mfx
2u//QNVQ8yZziHoZpNNde7CGCzHxCwK1s86QOGqsVp8HoRTgICeEmB4SY0bn3x8ySeNFyQ3NLwCz
W2xnKcvW2tNUb0pPKgb2/3yH/90EzBNCUzmP31zkaOLfzREbgdmJa5WlQOSkfA8UH7Y3yQimnDtC
APcQ/vQY0c4oofDwNR0h68DbVmoLSxtW6xurWOmm/5EQzKUWHR6M6ly5oqcX/HeWp/EVoJ9LXcBy
BALCg/4HXvHaIGCQrxMcgr6pvF4YRoP2VHLM7Onw6qhGBY8ArkL5evForfdZm4J6E9V0UnlkME2H
O76+8yDeAW4ZDD4N5tymY9SOjtPEYWffQQ6J0ztXnCYoHwa57ID0g/kMgQwv5t0zbFNJl3gyDhZS
+2C1JxnVpRc+lwtjq2XBO9ufgsj4lr/Hfu1aWpAqMhZuapAK3gvVlcmi+1MkChQZoU1JJGNyxs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Sqm\Sessions\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HSitUs09TIlS7iK3xYiBo6FtHbeLr1arrbrgI7YPzigD5gxL/Ok66pPb4vFBkxO2D/E7l1v6rfEPw
xL416Rwf4V8BMARKDk9R5O4yu8c5uFqnE8kupwsELTqbGUAHur8c9lMOGhkd5uP+cicD6fTBvFgo
0h5xfuGSmf5e7aXF9H3UccsdlEz/xP9SFSFC3T1OuwOduW/5RzM9E3+kC92hvyAGWxK17JiYO07/
xe477cUHpgHI5JtFgRYdIaAO1lyDqvfYonmk0torcINtecK4K5N+74W0hAZibQoaNK+vv31vXQFH
OmIH7SoZz73ZyE5qc1mztVkhnWj64HDKNHMAaObXpL+1GCkcQhih9nKJyNKM/aDAejqTLVR3HiL3
MWxpMftqtImlSvh0y0qqBLf0zxBPA+3YGYsHt22u+EtIbX2iuew0Ua2huK5YBwsOuYrHLZiDbIof
pddsuPZS9C/jnsztka91OFaMU3TS9JoNQozCn4FF0B7rX6T0Nhw2FWJI5NPBxRYSmF5vX3R26mub
H2JOxAaJ3iWgpvu5OaonfzB98x41ImB+m42TbDb+PuJjQrRH3uq1R2sIvms79JGYDLxLknN4Q7D0
AOe456HsCjiN8TvQNOlg/ViOb0Ny6oM7Ccz2vbdfV3qGhR+wqWfS3AMlPBLLSbzM1wd/e77D7Q=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Sqm\Upload\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
MFyfbk4NnO1+ydJVCzh5TDPlScDj+NB9lD/QJ0dEnYU1gw5z0vaneG9ky8DUuX4H3OnIJvgBofh70
59N43XunjaDxgo4xBMeRFJVdyjGyimeCqgGRbxSwz4pkIlcEvX4dEnTGai2iwV5AnSsIdjcc2HCB
2N68i3mKyNCAehZouoX4et5r8lVgxiOiOn1+vQIN+iAvG5FEKcObC6jkOiSrdDpyBDKBx5/dQFvy
lk+6nnmxqpco8cQCkW1njlWm+m5e1tNARL61q0bzBpphWhyBkTQVop1pWj1wvBDg1PwpOUd7UY6Z
ELmcF6BFcWE1trGsuCvlpUoLtj6NrzzH9EbclUTyHU16n2ZkhxxkKc3ll7Z3EBgUGAVj2CiIW2y5
yYHCo+wlBQJIL4M830+cP8l2WwRAMBqEF3XyR22SdRuoQ472RZqUBJ2msRraUzDWZ3EeZ1gjfG2j
KiYVPZG3BS0fEurm32pDKa2Eh9CRVtZLcr0lVQcZZiWtYiQnazfg+DVO27B6CZ/pFdRLR/qOBW4a
Ev7d4JZ4C7SUyb52LX2+0Z+l6Pbif90eYCCt7S+OYyQ5KlJRU1mHX5LeLaSlLvT7eK9DcvbFsmA5
8QtOvz/eufqhT7wS74fNJFiKuheE5Ujp+qHC+IUnVi/UxNWAWXywvX0rQv8bTPf/jAK0r1qEIE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Sqm\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TbAheTJBMUmviEjvgbxecXEQQFKZS3FnI+Fl76HQS6OomsA/CC7FNnNjZD4mcApMnkfxqMf/k0aFL
s1NgR+DCegcRoRAthP3Whrh/qys3wYQFVaACJ/vEoOshA58T6czPRd3e2b872OHk4qaJSXsxtdOQ
kUWYdWyFsKmJTKSBdyNXC3Q72masppa+s7+63foZRtrvraGhmhEt1SCKxFVt0LFuaZYcD4VxFSFV
nockXImKgV+I/VOi1/NgE0lKVHdi3oNfUX8K77XvTI8n9KXnC1BAhDjSMTXZAN/SgYgv+6q/SUaC
8sWO3icenW1JwBV9L4Gx0OQKidr1IhFPpS77zHmIZ2qI6KDTpn3DDTLwPwOrz3qKtfDfSE4v+1l3
jHY8auvLf9O3NxY8XKW21a7o84YgJZw3/KjyfhOFJVAz5pJ2sjcHt2O/doe88pQ/4/6VipQ6Pvbv
gOSN8rGeNMnSDGOfUsZ5mlrF2PrT7Qp+hGW3Hqi0GszTRxOce0CXT/zSEJfMY6py876tGNFvZ2S2
nZ8QtpHVzsXXj8RmXJQs4QmWsrKXvGrXSAgO+fNbSx6MOf8hr+NbRO+e9YukdhlTodQemBFLjL9c
R5wibamyfPvfIQ+JdG7A6tn5aoAxtkGeO3r508ZpH7Y3bHsJfo4dBZZdFqiGtIU4YB4H7z5R+s=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
OXGsytyBYpksto4gwZmZwtTMZ68FX1V6aM0JoUruvLesPpXkdUn7nx5WaKeyUXDppwI+52p8gXU3K
5njdylx4i6XIs+qPRdU3j6msquZS6t0jA2JnW5O4hR4xBS7AIfz6OTC37HJXOi+NU8GjK0XAoo6T
Ou5up/tIWOB5nRbLNa0Eyc3/Cykk8GhPBdPVYTsQKlOas78w2dNmKQAWPtCwl581W7yY9DqCznRo
+vVJMh/cVuMlpEf16EzAtE7UAvEny+1eLOoNu2XqgIPwnJvmUvHUAmg8u/9pU/bMQs7cD5FxUHJS
HxV/91CXkG+1iczO0F+xAGcFZhgDHTmOXOISzjnt+NMO72IlHp7ibUxI8pgI5k9hn3F7ta7SqYRx
vPzrapl2LfaK5vnFJ6MbIjSdCK42cOSgN7QsaJ3f+oXR7gSojhvjDO0I+gurCWhC5aqrMph6LT+4
Ns8VhkAxznHgVZVJdDXr/x+02oN0pQ/b+S8CNZjI56ZHbmHL+Xd8V4sYvRFJ8U9m/mVbYlH6NTxC
0c8JzmhvtQ/K8scYXjPR2DWq6W4A5iYzoEwwylWTAvHed8fAsyNXTZg8/hFWzljp+ZQUy1HphDQe
SeEQfDXVD3P78Ym2O4sgsDpcPyAOqSARK3DM5JSYszNddBnQzD8LiTHKIkhadO+y4dAAe9antg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_14581a24ae3cd03160d66be822236893de867_cab_048c6d71\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
OinMy8NrapnzCnSw0GvmelimnixQLfTXE2HXwkaYQMHDNFEK5RdTXrpppKsqeURPBhK+LDy0ai3Ip
mw8T5VZEZ6047vdGPKIEX3CcueiQA7IeGbjcpeBPl/2hZYEiygIxmDbTpzTcnMw7vBsvnIFXPhSU
1vesSBjoY3ZP8aOkszc9M/4WyVwHYX5pEpTFvprz7il5RRt2/vGVc5rYObRYnqE0NP9bhBnuc7Un
tPRx15MvzjMi9KJZBR+YzT3wChx6LhKilOaNuvQGfCScb1GJgm7s/2qpLcn0i83BpmKLXeSQNCQj
ZK52Z0aLj7uCRWtUMeZfXDvYwq87bmEc7yVOHv2YscdctTyMyfIXXd1ZP2PP2Mc+vqo9aZGEzSXT
BrVO9+9dERF7JcjpvdgphBDlRTS/s01qWDtQawEOgiRcKAu98ukSyk5HIS8eWAY1RUgQxWPd4CEa
y3v+sEu9HT74wrm+lOCsJhvHRY7l2Kf3oiH4ljSyUpiHgRsmmeIOLoou9ErEXiRqbHAESOA8PL1r
gOp4x0OuOPPYDq1xR599RplMJDdZ/6axGwVohmTl/w9piPpk2CmcTqi7dLtawte/e8a5AHGtQOHc
/c+IIdDRqL6Y3cHJsEDNgqTLNpRTCD37ErMFSwj4Eu6qw9cCxDm3rpts1Awa3BQC6r4f3tgWa0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_15ac16619585aa27282df5e4c6acd0916524a313_cab_07d86048\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
cD2Jv8484MOP9pqzp8CZfyuNv68kF7U25J19HV+EdWQItiq0m1V7nusTRKxScTCokFxGOfWu7LnYm
9mCnUUOlGlHUn69pmzebpLsVrRfzjxgJvb9l7Bkry3n0SpMW4hvmHXn5kH8KtjHxR+1rNNh0fpga
Cv+EtlRxc/8kep00h/NNeBpJ0xaCG9VXlR1R40SwEd+hHlfN+xdsUXNBZCuVcZoisez3IAKYM9kH
AE5DCDMcCuREEKeIp1g2aaI/si2ObBAUejbD6YzHVVuDAZRJm5eNHqapqQL6ev5D257Su7F7kso0
WPSKT40zZkvHP+LIYr672QgeNb8tUXBDv7Dab882w7wUFrlggcI80lm1lewX0nwWQAcyvB3b5vFk
zecIB+ZfMa66Xgmbv+vBhO7erFpY2eO/mZhudrGwHUJhrQRvKyStUBaBogvKiVJibNm2b/qFEG7d
y9OIyn/zgl8p4hpWlYUirmkcKfR16ojR15lOl6RhmGGHO8l5ZLX5W7e7PSHvHCq/xKmpxWt9xb47
AjhXFBQyitaM8CeffIsIERl4x2jAIWzn5FspUKeQO1TohEy4mXmlAPw9eLuK6Se5vLb25OI3dqmS
L5U7cpoa2433K+xzCxvICY30zPB1c9kMM8WAIItQBA5gOwZiJ/ujSJXzwKIeqgYpOTcrPbnXr0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_3eb5ea8473594499407cacbd9887e2953d50fd80_cab_05849b45\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Lgska4unegoSOiPybepDQZBz5FCNLRLjTkPW/L53IUbO/lBsaR30nrsZ4lh/766GQ2jUj6CVqEJ51
eKbUuyaRSHe3oAgYbmXsajLgPgZggMwVJYO4ZHuHXp0hM4aDN9cSPrttp8a+y/jmUcSK7mrGlQWR
ZtaGW9ykk/tLMDgagKQbanLjzBjwWB5s8z11ENfDTXhfyE7YZ4mEWUrxudWZpbBxuTqIFzJwMnGo
4lkuYosu2HPsN4xh9e1W/opqAPn4Vnj3htCilazDnd+nviONW6jx5DJccBLwEs2F+m+KRTIWX5rg
FyJ10M7ryR++x+p91Hq7C9xGa4pGlYakCdeh76wPxQNiX/10bgVByJjiOksoDjfOZ0Ia9d0dWpKO
hokRPqbmz+8pT8c0WGR+E7VB96Xkeoep5jrZVL9OP1rLVmcXI3OzI1rG9wJyfauGt1G3wIuT7NoI
mwz8zmhSt9VFAydRl7UCjN/yMwkaEEjutKaXCmfjhHS9bF1ZnQelwF9193gd7OCMlvbkdBVim0yg
HdSDdLMUAKmsmTiPuzyB4HPnqNd3ACDYfrAocTF0L/9tpwKqRzUYhfA/AA9b2I8YcjsEtpBxK4GT
E+30HxSCAi4EyEkBl1QIB5js3Fe8YDdP8LEFucc/f8TJwd2eNyvqO1rmCu83GwN8oI394bx6RQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
QU1+h4XgADii27HB0bUncS95z7Q2EGuJz+9ajV6bXaWB9ZxW6A9dKyW9HKKVSJ0pSRF6HRHQ7YF2h
r/eNiD9K1YCEha3CV8gzlvSXh2gAyo7BMQWGhGcQWY7t/+G3XDqUvNcS2xo7CL2nsmoTO0UQx6eR
uMxyg9D3DO5VXncQWuoQ6NSq9Flg+mMhqxq1F4FUWFK3mid9eTSGFNg1Y4cJJLlOvGkRplWNjftT
Ey2rV/ceVtoEygEVVfFDB7FJ8Pz1wAr2jFA7NSKfTYDIOkLcAvK1m6+nWzsZlhsduYco18gceNE3
vI4VYI9WBbS6R9rqb/r8LEQvocJNhC2+5gQlW6Yv/yllTf7+BsseNNQ+CEEtra+eb0m3kC3+rn95
GpeJM2rGtLIX8xTGPye37riwfq5OI1dWfApwYItwsiKdYa8orbo/YoxdnR7E8DioEn6qKCsSDCjG
JIovSi0xvQqx+Koss2fsJdCx7o8cAisgBGHQvCS5HwV71pWzAG3qVb6Ka1Hg5OuRUfXChoS4x1+k
I69BLr6y6D1KIqxp5if7HqTOh2NpDW2MPW9xYX5gnnT1Z+bDnKT1O7QXPPlHYJx6vQCSKV0ZC93U
bn/tw2MVEU1DOGHH887Qahibd6yTLkNNk+5+75EPgWJQVUPRAb1YVU0Q9RdGIpdNqpzlkTX5ME=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\WER\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
WVKbN1Fyp+Dbyk0ZzrrpVy4x9ZeGQwE9pbEgrIqY/iX0S1uxtrVQ/U3eMbZEc8wqYlE4qS7yCsdea
kdlBWlwTfrFo1n+f1GrJcPyIGHXdZwFiXw8xkr9ZuGdpYd7zYPtLFPZ2DSV39am2Zl1fFz26SI0X
C1cOTn3oE3Z3qXCvDXeMO+0PF7FdgKHZZRnj5FOdrDSH2uIuJr9pmsn2Y4ncBTogqdWuZGILaXg7
5eUIfQWVRVkIOst0Zv5CIWI7+FbRyVXQbvwMBgEcLVR94YpSsjPbDkoQYm3/ImIW0JFR3In5G1xu
iemC1maRxvgaR7/JMk82t7HYL4b6vmT9MeOJU4BjLqrpOr/xdM2wFt7DBwNA04lXUDqIT7CA7NGw
cd69u/f8JCVV0iXMnJpYlYeCxFsrGLCBVNZSZjAJ8W4EOpn5WkNTTF1oJ8kGPiEkcyQJOqA6ZhdF
Wfq5IWEnRF5ViWNZuqGoA630DxpBopdYrovmsAdM3vZCSWv459QnptcGMSChQwwQRQLIIinaOYCK
aI2zGRlwyr5idAWy7CUdiT+JxHW9+we2dPC0Ozvjnz71p4ljWICRJpimoCKjkL080lI3qEWEHXeO
zMyT7xdNt/R13Xd/iRzDx+cKZ9JC/F+EFMx8agqXoUq0Ch99kHTlIi9+mAhjjkP16Jh50JogVg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\7-Zip\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
llIP4D5mx0x89oMF3bj9HCY1HElCGPHV8coUcp4Cjvcz5XvvGJfGU47I0VcvDZf9mK3CdKvNMUuXQ
3/V4nljIXo/aq2rSn44XolaofrWfC0k5yRp8acX+Rj6lH4zIJgjEzmtwRPs6tVZ5KadrZBroH7zs
0mwDo7HtwPByqJd0/CwA2t2FxtV9mMBy81u/kShKfvKzl0R12rz2YFAOjbkEAKQlB/IZcT9AwF9j
OQHjnA/SLjI/vM90oUksLMrrgyBZc6G/A9gweUAFFswcKZ3GDsMP8b7Dw0UDvW+vJ39GzSs6x2Ge
j4LFxIWb4fVTRCNgQLZ069VElVssH21p7B0HYV9nwovLzAi0oJYGFktBNr3XeTOeUUUqnEAQU9j8
USyfLZhh3F31xT6aeQgzu6Ag71n6h3Tu/8Sfibv1iyBFDaM4yby4JcPbl5ruKt1/N7uIW+vSkdm0
/fiCqYXEMytq1uZoYq0NOuXRdUwFbVSjlc1Igom1kqV70XWD7aYYjDJd8t0BsyM+NSUPNTxDdhrY
KKHKyCXsFklY+TgdEHS975/f5jjcA16EZZsrPxreT1PLHOBghxoqscdu8k+b+RIluhXCCSzPw5uY
q2Ja8vQFINx2+3x8Vhbk2iXlW5Dy3uV/xDFQ8vcq82LUyA9A8vBlo8qF5flBWF2vs2cfIPjohQ=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Maintenance\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ZEMrGnwen60PirN9d7jYYoTXzogyV/yx11dqXYXGGgk2MBjotxyhVC7SShKCbvv5FU9asobIN+7bt
Oz479MnGuAPkqu+/ux6dJRENTkfLh4x2rbC2MVLYdZ79i7qDDab1sE5yI7aSKmiqsLqLQTgZyEuC
r20PQopvz4paK2k/EEOmuvlgnpOlPJlpSjN5CEshiOBsiyYjo1CBBCcYtFPHPci7ZhqwYd39zQf3
5MuQbAVG/qqj0z9LFMd0GOKEbFRWgXebsznIEcRB9gBZgxQkKF7/KtTuPVy2EnLviCge3LEVAplM
si/Y0GfyMQqXYv+sH5GAXQOT8hbti2ou6e8xVtraat68azKiiv3iCKzkLhIL8jAKahcE+qO5tZ8A
jMiFKLa6bqlSlW2jljqjwXaWxEjvMgAXZGQgUycJgUcM3XMDZb+ezkaqUo2D1+vuhQDgTV6Eb762
QV230BMxadYaVco9EO7G4j+3HERCpBekykt4p+OoufOY3sGNyYcahgrKm5y0iEt6Ybn5vwKE6qB2
4P1fnfygM9odM11U40NvDDhR21CWLKKKIeP0EeZYG2W5pyXXsTKQ/4gMUPIu+SDynb0Jo5bJFIR1
781RxNCDK+KEqdbUCmOYj67JK4wwedxlQwi/NhqcWL40c7PJ8LAdYDtOq726oPkcliJ6nK2ImU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\SharePoint\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
MQnIWZQ3etCKS8H4BbX39YfdZBIVfF/sQG+dlIg4qeXXcwSAVDDXCuW9WQJVD6NuFQC2hUjKZVfna
KvXFmem1CxuZSs90O7aOZ6DabpAxhlDKFlyBwLB+PxzNl9/b+Sqvnt20GhSQH1vM8PjpOgM7bO04
QQaSoXhX9FSq1Fv14ewHQhHLhvEzgmeI26feycN9ip5diEX9j8SEYfCsl0jtFPeLlGdTUHo6mAM/
QuypfB3o+Yc85cyW2M/hhvO//gdAdRENDlp65z1q0ZZ9yqc18Dd4jgAkcAtL6kvc+fglJRu/rRMB
hzdudPanNkapW9vbtF8QyrEDMDNuaAvql9qvijmROD1ZDZasF82yFFfSzVWbtraGHbgupB2VGp/8
1mOvvb6kk69cuKVeQR6Trc+ZCWN2cZeE9w9G/pEqu0Kdnw4gF6bZAAq2oxyYuia7jb5waEvf8vD9
24OxHzwA2bnC/Zw3shgeGXzBTF04trn4Iskl/hpAKVdaUclRTeMVYGF/bNa3Mot5GbTCXwmz3aRF
XUvOXfrrqk0ep6wNOOsI+52HAPhh+ar/KRa2TQ6SqWmybvBOU3p0m+mrPNzm7NFbUe5rAxVrY89D
nW0F9AWBgiQiSlySxgcTAq+1MnAFCp7DAPDTWADpFfe0UKIm2I4yU0XOncIPuVTM7LdJIgfsFE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Xmkwn+I1UMteNjpBFGhy3DqNvZLENaaj0S35yAJC08w2oHtlGlpWFQ9pig0jPfK2wx+mtSju4M5aw
dzFaaMcFKVjr1c6gKuREZS/c6qQxjKqLV968T5fhSmT71WhYqSkLvbGYofKlgUbSrp/Wj/kBqy1z
jLv/GkXAeGeh6LCZT3sjHH6u4c4Z8ViavKkaGffXreGIiArcD/QUar2ZV6MZFphOiX1MoB8OSmrV
raYN3qiSjsurvmJey6f2ndzfnZ/OWPes7UMFDbNkMtMyq9FpTcghcBDRAXsJTZ/UfS1Qtlo3IK6C
/elkeHntfUkeLMri86wF7/YS0Vi2fTmpCvoaS8ca5jFRcXjH/FqCVtw+gAbej3vlNi/+JCDquxb3
rMEybN6BI/+lNOwmQ3oVI+0Sw1zZI0WavlqY9zA9sChQEOxnTjIWl45iKnPjR95Zk3LTtUld7ZUo
1s+Hz7D0vhQ2SLpWqy71Awf2pW0EhiccWNfqtZxLvfnQJxXZCfA5vNdZF5b2qWk9NkqgCBIzoYb0
4sxHITxDic03vwhaKwFqFSaSCF61mp3H+U3YrUxzXJhBT2u+9/v7+jEch27FYx42VmM/+ywsFxlF
VHfqYYZNvYvwNjwPQFptwl5QA8jwbTrZYE4NqWhDsIgljCAkyJx7nHyoaemABDn9uDwUfgOg1E=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
FTJTxQC9NzzHAlS8XH0knOOIpavwwAHVlk93myG0SgcuuuvR7YWrW5ucWfGXOULAAAHx9ZekZd7ZK
gThFAZPu+LI7HPhnJv54IJbfijD2lNRwC+yp7QLveuHf95oErZipN1o7v+Ia8dXr5FQM07rP8lP9
hGvf84L8dznhT0wrnRsQ5njIWuu1METOn66VQpuirf7SjgLOheCIDSh/PwJTYK4fTjItf54ucPUa
urg7cBdeboAGgpvmyTCTqfpssJwqr2PiYrmNgQYzc4ain/0q0Rg3+t51PZS7u/TDb0BELdD8ArEP
EutLOiDxRRA4ky5GbPsNNrow/+AFrxyPfiYMKlPIA7GhDYINq4fSt63zsqHf94qh1NL0JbM6bf0+
otu8uRuGj4iIEq5LU3hfU1JIydxQ5bBQ1ELsQgFK9C+HgB713fnKJpA3jaMEIIE0HaMoWqrP0Hmd
AeBX19pbklGjhDQKMVcQzj4xD9KTlBlKbBcRfJ903yh47b08TXGG7/Vb0ANXaRC36NxK1jlU/eva
eFlE/GQ44hvKykvfG78rb/3vAUKp022aB3QRXHmumA5c3eilknlalmE7k9954aYpupN0aeqsDbtu
jguO8rya95XeGnVVyk8WYpCsDsPOth3dHc8r+8wdMYaz3rMajit55QbJYiwpwCY/4q7U0R0hU8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
EzIXC4+ghYULy7NJlzzOY2PKsxr4iuQrLXBZUEXxy4qI8v+U2MgqrxMJeeT0+cGEpJSvdg6GAvBVl
bLBlKVNSaEy7k8XpCcIE+UPx60SalQMKalJODQRzNK2yVbiPbRlT4eEjoDgK2xaPFcb6F8rn1tVV
E+Xn8s2ZDJYwS4QO+plIEoEdld6A0SNr3QMfIDVXImzEWWRvHTr/i+Z9tVELx5KwZ0JCZiiUjfeu
bZukWxXEZMi7YCpPQTvytsQBk5E1xMTu/uyfd3gKzme08xtk3PUQeOySwTRmevwgyQ52aWZ/45EZ
R3zieYIoniojcg884rSLIzXkWHombx6gsyKDoghgNYA9Pez2DANwIPzK/VGr4jC6HpKSksrnJrdw
CThcutomD9A4f052rYromLPyUQnXL8P3wgKzM+g2NTqq1/6o6NtIOUOV9+Fr/nWX9OhZlbG7InBm
zLIVkUplku6RxZrWsagVKhA6CJ17K0KsMCim2MRfc7x9l5oeCZjM0QwKwZDi5xdv6KmSGP3DluVA
KOWOmCgzdr5yPqUcbGSYwg/B1ckONQbh16wQ/5W1XlACFvEcDKHfiZMVAXaiaYtOQ5Y5CA6TCrqB
Vbux9xNQ9BXXUnZ871D4CASimk+DDOuL7ilkgmGv/BfSqJIjgIO+PmxV1FkxKtk3nFMJHk4rMo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Microsoft Office\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
PHnNnPZjSGz7305xR1YCfDocwmONMk36YGYFcdy/87zM7nN524AVAzy1xT8p1HCVeQ2Byr7hJSeZN
NA+VEtUHkR18LWC4BvhKUkPr61uWlJIgrtNI4A8uFFvan9KjReKOkEodf+NRPSrp0cJwuF2KCnU5
rGnh3RkKfhFfjoOMWc3O+2hpSMgzxOnslVT0R7r/hC++qyrk590st9/pxbRMdfA6bP5KXbuMo87b
cSEHi5bM1SuZWkfsuRJgfckV2sKL3DnN7ZEznhb9VoyDydvL7SUX4DSLfXZ/Bf5WHS0f7rzm3OJN
XCNF0/P0Z4UuF9xuv7pEz/Q/XHCPFaoFBQZDQUJNspB3qdCJ7W6tj1pEhSjB2N1h2mwcpjKXpb/M
O9w6J8rYrFifGoNvBIGTPdWXnQpmcMIK9GUmD0TP4TRZl6dqWz8XmFhZNswhLT8vDrBdEHu2XQFW
UzKO1IKOFvryd/I0r6gucqC/9+wDxheSonWtB4Trz8xbil1QThFk2Z33z4AYWG4eziSK4gVRrK/O
knRsbi5ChUJnXRV47Gp39mMl8FUHylEyjPyvHMFT329N9bwHhKYuaRiiy7WkXdoIYbk1e1kzv2KT
spibMCIErQmbrCF59GiylpSyPgyQ2pCuqNAaYgXpAdT2pEytwSqqHY/zGdJ0O8mbv0PAJBYjTI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\VideoLAN\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
FEu7YjJy82rjUfxzTp4Uzv52sB2j+uHM2WUUGndmkVRHXUsCS3jUgbTYmAA6ajAnMVgJMMSHM36uX
HR8IvkoK7J1SaFgOIl5d6okMKAv78oHyjwRUqr77J80wg4EltXCqWTi2ZDxpO5tNV0c9r9OJ7FWi
2LUmTWBXZYL4YHJqgumUsrITF/nO4Il4ATuHa0oOeiRCPMQWc13dRlo31Md+QslAcseKeQxHyiqC
peN58p1lCg17/w8YzYlB3jIGIFYSzPEEVcfRQLOqutbGwcPiyAObwWiZdXS4vhUd034GKS2iwOAK
o3xChLm6C9txAmj60DGjtEUA2wLxqtj4cYcDPLefjPINJA6k4QQSZj4TrBQYjFr27h1se2q643+S
ZhsYUrznzVvmVgBGNN5hRlB980+sMHzv50mMACpQVYLRn/9BlbhVE4r+8Kv+I5Tz0cqfppTzjIkt
G6RmR8xgZc4nAm64nk4BA7anPVZxus/GE6CDrdd4Qjua1uVUWwsxBo4AUWKUF4bucIg3B+5U7xef
/uzUtnLpLkU/js0dNpQlrDbDXQULtHhL/fwiHikUxFVHUX5R7NExJrrJFNvbEJ3EzjBvX+7IQzaZ
xsVPtfEZiojauU9jiXwKTj29imvpcnIsdmtCoZnLaFXHRWgs52VvP4l+p+2+dn+EnngH2sgxjY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
h9iXBrWPxwmAfFLAywnQqVGnLXFFWFcaYUwSk5tyH3n3PRIUSACLeiFazc7BoVAd7w6a6Vl49v3jJ
WnnxfmZ/qsjS08li0AKwYmAtxtnN7C7rlIAk8wYRZHF1V3f/SwGx3t6G7l6O4xNuVx0hac7Tujsq
R6IaGtRijdrCJqNSS4rDRtZhtEBiD7ya0lwojJvVNOycB6mB3MPr7VIDZXqggtekNBXPld3GaUY5
16Zb+dQyz8/K6JjJMIEtI6KwklMKjILmJNuS7DOBRqh711cWbeuBd/t+16qPcdnBmEBY5Gp45oun
Xj/EDL2p4uCkHVgTHlRLlYfkEk/kR6pmjoVOHexrYt4u/Hc8H8W5/YylWl+wgnclzqUp5zFv9hQ4
PdVoKhSjgnWNDiNZecBeuW4Ud4TMMPUJoBdJp1BEec7X4RZL4BWU0iyk0mPHP6UQrJrxsyoXQkE+
ju63kuChtprrvBeDV7p9JnwxnTLNVUZzUbG98O+UYqybAbM6Y4pc4qPnQP+xBlFK2WoMPtF1tpd3
AvU9/b2E5cKO3W04g82zQO3p29aeyUX644p3/Hr97JZrsgM0v0+za/M9jTLX6sO6TgmYLjsvoaTG
RCbyJ12MMGwS2z4dlaMRvKWEkXAr/MUPWWkZvAgeQaPoYlqULvjiq4L6XcNgpvkUpL/8HiHBSs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Java Development Kit\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
bub8bWbbmUzxDSbuEgtHZuJoa3xczOsOVqPI5yuQyNXLK+CBPnYN8cmQ550lYQ2L1ycQ9fITmewNv
1GN2VV9bxjkkV/QUdA1LjhF4PEjgN9iRDpCkoRItxr3K6L77bXpTg/XhaRgWMTq7iM+T2U3zDALo
Lv3VsClfQsqNk1Llqeyv5j0R418nGhimX5WRQLOlKyQW4EGMyPRWxFyhtsxMwe+926/66VB6314e
7qYxbCG1IGJox1VsRpV36ZqLhGZkTYNhVLI0I4iCx7gbDfwEghmwvATDqidUNxiykH4lXK5IsSJh
asVNMpPTl0OALrOcKD8KqxiHy4IWxJf9kpv8U2AhK6eNkNbhwjbTB1nNyaeByTzp9D6kPpB8hDdQ
JXIqTkhw8MOdogsY2jHznWisXBjBDmVQAKJvi73+yU4aW6tlMWZjKx9vEg+XYMZm0gcZrJmwUQv5
x4e/pOZAe6/6Hzf05ZWg7cgsasLdYkzQZ0THvHChSGbUnupkR8wJbDOJe6E9ya39xtMlx/sAsy8O
FRkR3JRF6kb1ICFECymxVGjggjZym7y2lK9hc06ghDCGaHd/vHHgY/4XUZhAgj7GNpDtMA8RJ9qV
MKu+ZtGlYqi3bnxYbWUPKF2eNP5wJfGV6EbHgo/PHljVAwzlKYsdQJK9E1MdJfXotmAx3SwutE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
GHXd2jPDda6UsLpsG3/9xZIjrtg4rHRe4rFGxj8A/Nx9SXrCFCCSEyT1/tqquDM71BoXNTJTAA6WG
dJBcQ1n2li+WlI903nBSVv9qG2a2Lv6kDODUG5D+5avsCxIJOaoZjRwn8YItjC6sEU7mnjSwaTgp
UlMmi6hSQ2C5sU14JFS3d9Q7mpKlQJAuGNf5Kk8alWGpY1GLV7h9J4bkT7tqWLfbGhJzrUrSzV1J
QefZ4Vj+snMdwHRc24RYyEA6PGdxalbHJ4y6mrMCt3heico8SjKyXzkNLRggJsCJeeLMdJdTPnau
hxcTTkO2WuiKx/mXG2BjO6eynLVdmsak4rXNQAtSFXKvhANnpaVIfpZsAc8zB9SAnUsjKGGj321t
W/20zpOEO0NXB94at9Mjv2jVtrrgLXTVCTrRKbCo7FotkyDplMaSXvZDR+uD8copE3Fnd2LFA6dk
NjH/Rlon/9MfJkVLPREEAj+nFvhGsUh8cTjhYx2sn6bkORnLC0PhfvHlVcL1QHmCYVTEZ0j43YDl
PKEt0WpFBNx400r3EQLWWBK0ASs0+4CdP5+fS/UdTmc0pCLfwakoY+TECXFHG0+pbhXaePr3qDUb
xFc7mDIGxOepowMOAw+APeytAzvxoXZ/d5oJaeyA9Smimqw0kK7qVHMhPsAtel1A9NXCIE67HI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
MdkqrhbeglVAIPlruO4Y/ZcSKeyeKOzgnDPuXH7lNElRK1m95iJ9kDFTskXPc75HTc+iK53nNuevA
r1FOvooH1/uj3/gIP2K4F0JHMfAwuiHBbcICpuq/d0IuAtXySYbwUmi1pOnQkxKdXevkXhSepRD3
vnSH5dyXWjpCT4aPdZCuBBl7OGfP8a5lJ+mZ77Y6EvBn/l3OUWgqdesxZ+iaw3gnuasKiKaS8OEi
l37nUZnlnAdzSi0bP2dRte/e+frWk4Q6JJ4hV/g195fld5xTyBI1uTVXZFM1h6pnAETGgJgeHxLY
mpOd5coZ4eb2b+2bW+8x1ZeHhNTyMggfSwWmOw+dx5mNsLNsHxuSlsYh9mhHzarLpFATvyMJHc45
MJQp76cQL0vqxvF9t22QDeu7tRJbO9pdoHmEV0xpJwHl2qvgE71KSAL1E5qgmAlFFOpZjD+G8Vq9
84YW6IvJBmZoTopoEioQKAeRUn4rXpGDUP7P0uNiFVwXjfGeiAXi8XRDkOwDpEaYVBC6iCfOOny/
V71idTZFvIHErPQ3436z0SMV4RriABOxGd2y+V2l0lVZ+6pH+FQmPK11Z98DQfOHilGygblgMZnF
HwSCi52PN4b9RpHJGFpWxSWXTcWWJP+OnrBL6URPGwxx3ItXqrn/gmFgJKKBCdZgO8XOXpXTd0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Games\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Jcoe3nMLks5ux4ohCM8ug0beGIQT4N2SWJCCHq/Oo54xQuoIU5kylZARjN/MjbQafUKMT51HiRVez
IE8nVW1NGthoJLBcyLTjii/JYat5/qaLWW6RCibecVs+RVblNx5r0cCY6+X6CJdf/8jbMC9Uwk8z
Cd6fJ/dubfFqRfEviDJCGy8Z4WrVZGuW3ONNwytPR81F5RNR5jnaSPVz7r39iqq85e94gYWwkfgQ
NJLjngWuL1qfm/5zPnPW2+ugU9n09lEXe79suUAGOntUwF43el8xy1F5E+U0UvTZ9skm6ln2NpaC
u8kFBX+fzwQL3savuZ8BSMvSuxd1nvwcUj3SeiR0lrtaZVZ0LFlk8KC5y0Igo7X3J27dgvwRvenR
3KaaRPJIgGO6qGKq/QI6CTAASti1uiBH9uC+317Nc0h9YTXo9ckpSpOXuKaaT6Z7AQMVLsFqaKq2
wNBTl4BKRvJbEw9MTdR8r4Ux7P868nsPh7N6j39Dzb4XtTClR8LjZbK6Ob0UYDhnE4pbWY0UmF+x
XDgKx7kPik1BItwSCH6HuCD8hPm65oslC3SNo0anX7LX3u6SOfdIu1o6Eihbe9DxvHNgyh9+M/jR
PH1pEtFL7AYPhP84odi7w/cgtOsxuHLdAmOTmGPJt99dJSYwaWGJzYFGpL3Y0utm7ohv4GGU7U=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
PJkDMn3rkJqeFfIC7KDxNOuan6hkL9haseZZDuWG4A2oAhFvT0ylBtG296NAuzzwR/3jzPUSxCkNY
drCagCxw8KdjvE5mt61xGssO/P+JJMISxDHuYYV1Iri1BUmTHPZGj4/hxBKHN6oI6mrpI1CB2mOC
ZUK/4AbtjeGD75cZvu/Co/VgAuvgc8/FKS7QHt+dg1DVZSgIx7m8bUfxqzOJM+kzoqoy2rYfROx0
C64Ca1CW0TkWHspkM59a/wvAUdmvnfcaUdUHhZmhCGGrq5Fmpf7v9LzMA9zbcKRrxn/oCnooVbLN
Gc+KPN/bmOh7ObhGc+DMdQXQzkuIiZ5LBiqYB3evCnSeYaEZWwN2vAD/rRigcnWZT+ENK3Jj3yFN
Fq7j8KfWKxCNNjlVNShFvp7tS77kKGiWdfO6qzNnP7wkzIOhv5d1CS1yMdgRn0l/uD0Lex9InQHv
Fl32OsyMOwoQpKcwvxzwiwAMlyIuf6jDkehPvxOgZn1kggswk20hw0fmp3DFRAHgRddip2ROuE+u
zs2BKYjSUgM7Xk/aPo4MLSt6CMoLo3jk1BuKQuJPSGQuJYIUiOAtbJZAhM2gAzxu0RgwgbSzGREu
9WLJr0krru8RL5GZlDWroKXTT64WHlRoRDeHQd/4QWRH48TYoQb16ywMeurpTw7LuvkAl9gelk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
beoOW91U/q/vfiZalPro74LIHEfn3ZbuV1zv2KdSpReIN+UbsS864recKG4xKOBrKLJaI2YHt9BKw
Xu32D5tpXUFNc+uwWEBfmA+eXwcJGF59N0fsXltOP8H9ucDfXJ4P9fBWBzQO7DC6stGMxhoZwNPB
lkR/n3cjyeqWvESlMIcKLTqRLP9JiHqQ8tihSokKBUEe89/wVUiqpH4j8DCuR/nHVLXEDc41QFFT
DxtVx+GYEmEq025qOMB8AqGfJw7DJcueLLnOSOmaWHr991BCnEvk4/Xk4ykXHi9ZPzW5IVXTRmP7
DO46MXEDFjHJI1NkQpzwx7lNDEGknMDuSUuf3NexG36H+ogi8tiYMhMnmL4S9G0CWtaD8fNrssdw
YUoldWMimg/7hbkl/x2vihXqTbe66DyhEfQaAHXEMRJLH55o/li4xhDFpijFslS5cwhXY3rZ5/Mp
mlUQ9QG5fxNI+7UclqnptTq+iVdS3y4v54H7z1+fDZUpDkoU0SuCU5o67/SVMRUXymn2vlbWWK+3
/NRvmxFQXlCP95WEJLNPSPxq8HWmHe4PJD5Bu9/DndVVF+OhDT+AUdpKCdpf5ewRwADob/xdwca5
oIM2XwMZvub0aegblj34FNb7HIhBQANzlomnNnDgQwC81RqTH77DAiad4JUCNtlYxH7nKQmdZ0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
SCcBVT+F3+AjGQSvEnLJ3ydAVRsGWLTpHtq3X09siF6TAG9XdrBJ1aqSypa4Mb/h/um03h6qo7JUx
PGVwJZCKuqtZVERfuVCwpoM90A+eAW/XF2xclgY/dhj8SrgjxXb3M7M7dAjGVa4J4oPUyE3QTomV
/YvBV3GWdYjGrkwzZb/5sXF0IirVtBRJHRjTnLoD9Ied7azFyts/ZtJvFnsWTBHPyx1n2DIcGnwH
rNE/60mNB3YTLQYnfR8tv4VWwhuNreBQyoJTZZ/3/NhJ1BDOcrS7kvcjfCcN9hLTq/ND1oaEu7Lo
jZWuR2+gbY3z+yZCHDgjhkO03sqCUZcU4TUcPSDaA3KgUgXtpPcllzDWouXqEVyu4vfO5zxVZTAe
dRufB9qJzaoUMFQLwZNbMHDB25BpdP7FkYp9VZIK41hfapDto8snhy2DPq7LGkshpAyitpGg5ARy
bMOJ8ZtdKhgVNfnPb98sCfjFTbW0xT1oydYzG1Ym01/gisP1DvztFZl5ytz3mUQM8AZVtzb0mBrh
2Rvt1tVeLaN0uh8oxpEdIxxbOQHZ8DcjOBcMOJQgcylHPB7xehIvBxBI+EOJ8G9/5ABIWmGHTL9m
qxBE97YJ8cQ5Ee0jEZypsGiCzWvgtPvnCFzC/PdzOxWD8G9/eI7aA6yj1s479B7BbgHIuruxxg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Accessories\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
NJzRLR9yxvcAn0JUB6E09lewRh2FQxlp4dpWumY2/4PY0QEp95NPqZeGq7Iqsj4AfIKnmvhKAqmAw
Gud6LEDqtaOOhKOCLpirUzrQc8O7Kyyc6ht5b4/dDFPA940wtq/W5fijxPWLgH5NEEbxUMydDbsU
CXpO0vqGW8Nm7QMnEZki8ggLqOTQyuydbBqki0ZgwKLbmLTuNsc+2gafVNf6it/oQCvJZiIfeFcf
WlzFcjHTBYL0rk8CCiwIML/DYE2jhhP0GzYhDOUDXva4xr0z7E9PxOipJvl5WSJUtAoKLxUMRvOG
tw9F5FqTu0C0hX7P+D/DdFqC9egEHiLd2UXCXEI7c0hrsbIpWtxoTt7F3YB3pAmyy81jbNnQCvBq
fw4RlBpFIqT8qLM5ekYtc+S3jbFAs+B3LsaRxHPRKkQkokrLhLe7A/kJDnyER93A4IE7vJ2cWZ4/
71eiZuVUkQLKkVWDqdoypXDCxcZDM6jUDFY0Izr+mlMsx3ysH9MV9hn/d8cIsvfjaGmb62N89PNl
KbY/rcIGnj4XHsr1yfEwszckLWBTfz3IWP5i0/Qzq/mdwFCfHLEVKwSEB8jWM113Y0+F4HLbgdHe
avbW3ZvdOx8fMxylsqK7WpbisQSfeUC74yYvMlYxd1vaDoUg3BELr3RLQZJN3zWCm+KJ1F2pqE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gVIL+JpztWZ7+sQXOseKrjebjpb4axRa50c3v7gI9aFeCWFUZNAx4IADRvXjPl847fnC9AI+WUi2h
3pwi/nS5amkdhCk0BSpXzDFc1UFPn+CQUfe+aqgAfkmuBsP6/y5t39goDLxV1pRaqLZBnN3pTfGa
GS3LdO8ptEm8WwF15HdAPNP4YZ98vQ3OTZ7yCTt8BSgPvYfCoQhfPxrFMjTHocd6DLpVB8Ira3Cr
0LhjPfxwIQiotVJO5uFwjV13SyW9RpXUqTF52elZ2Fp58jk4j2rGagArbHJCpMle+fRAILuBlCPZ
6ByVhNcRVNSi9H5Y6zXPraVkbUnLtp6FMgzrAAwp0smtngmExijzX1hyGjlJs+ENX0XXm4jJr2+a
Gj6IZRUC3mCKLVbqkiUW8gIHtbkeEyNP6jHXxVPd2RRpI3wshchi5qZFDzm/lRSvbsKks0ShyDa6
/6BfHP9alha3A7OnQ8mJj4Q7IxIbDPSp242QqPkhsszOmeIGlzfzEXRNLze2J5VxeKuyqkhz4oSR
lXuIFFcnW/mAttSWkZaqT0k1kGGa//BiMXZfuk8xghZs8LfHEayZtDqNqOWq37kxGjfe6wxf3mFX
nDAB7/uL4TLLJieriQMEQ4BkdqC5BRSc3RAANFBWhQc1tjk9vzh/ZnQ1yzd4QdpX+L3zlEKTjo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Start Menu\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gzP79n6FRw4GxxASVz/heGzhzL9nFpDLat07oRkmEbq/VDc6u/baJOF0sjBpXAO/Tl6ccUIJPp0em
pdWd7iP2KP3U55zf46JErAhi8agS6Hz5i+uvx7tHlPJE5n3o2DSF2Xb2cpYU4yUCZkYVI6Cy30zU
C/JGQ0Xtm+1HDv4canJZHgc470F4KM1flFsnY9fz4NHyl6RmIAJYfNWhP0WGwpi8eo4+4mjFgpZ4
rtHX6AJC+f9U2F5cX6l99Rq1LKUWRqzVOg4uj5NsfjnflHP+y6t12wx/t1kItvM5ha1y8ic3Vt5u
4BWlB2O0q2aJAv5J44NBaa7x2KmyoYK5Vnz6OaYf+4clpAThbB4bQdFmmbxTwrLpFQtG1UO6EOWH
uyNfVsTZd98T5c+piWTJz4W+AjC+mXBghwRlYdxqD04oTCLAq7lUcYJsnzuDOnkqovoMvpkjgw3b
ZEENuvbvMN3jJO2XBiF1k9QRpv3CToaYgJmlBn7YeEH4c+OLATk/mjkEqF5oqyFDmox5nuhvd8w/
QYX1FnOQVdw1t8dNS2egkRenCgObtou6hGJHSKMBJgYUeJSX4QbGDm7SwVQAczueWoop1b+cuDE9
djqYsFPNyEaXHvwqOZjUXGvBTwbDTazzYlL8KxmnLPfDw6rLLX/z9tFZFS+AGGkguS4AmEHeNY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\Templates\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mv7hrYZxTi64i3oThkBAPus/c87bejnkMkcrrDOrP121oSmhoXjluZrDLN1oa1jFEQOXbC9r0j0d5
AgNuNrOBB0HIdbWWi6YyqCokGzcMiICsnwpoJdCz8734tUwm7z9LNzJQGKh1TuaSAspkJwrnUBgZ
OjRHONJ35pdahWyZA/U6Z6v7VBVQIm/tLr8HMYBgZEDYdcbTmLwNPHibI490FKIjCOSDN1DzQL1b
0I4q0bPsfbSNvew3DmizgxVdgPEsQS0sTwuYezes19ocIw1w+Rb9aqzZEKQ0WnpRbjCj+395+JPn
irFn9+6WHDyoYqRKq+1wlUQwP33RfHjl/J1YDNOMgmltayW6I7Bg12Xz28bhHrdLaQH/dzUpuma9
1UNd1VUbppJVAzMXv/1SOWnirCSBUkK/cwmlivLvJaIdVEmDnZcByrFB5K/uEn/P+QjUdNCjaQQQ
uD3AmLAOpjVl5U7vOW2LrR+Cnd0wbV+t4jgpxKrvG1gE6sKX0JLcbufLu7p/KFkTh4uqwoFl0Fxc
G4zmtgfEZ5bXfj/aJ/hgOR58nX8hG5QrudowRYYOnOjQaun0FK2XwqXdaJkky/Ze02UrJEIhGQhF
EEz+TFpM7M8UXaJAtC3vA9f6zhOEJd/2KOmtuJMjzgfAod+uDMoUFo+bIl1fgO0ucBcToS1QGo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
U5uyqVCHVG0/EpErdVF2Se/hinz8iJoFBkPu+IfYUBgQRuqtwVXhW+0cgcTfSCm+rBAzI3nGfiR96
ZUu+KfHLXL20ExMbSfwUop3wanG1qjul0Y8qu2NlEK2EXGBC0eXE++qv4rvkIiIy2UyOLOjvLGQt
jJhv06RAS4IsLFml/n4KNldw/DRqLuDawEawR5FCXWDXgCaN7iG0rMkIe90bQF5pVFSV1NOkrDw5
OfbyHYGE+vYotbWgQvpXnJunkCAsu3aCQRRnay+sBCvkeApeGZrkffIxPq0Y64nbusQBg2DxwCdQ
jNmUxsZ92zWReEMXm2vndZQkkVH85iLLYrQnAhii3zX70ENHc5HrFLthD3krM8EsYcMZqgRkxSCq
eCpk+aaDS4mqmGKKPqJNT61IOmgyCrWc6Z+K7HfBVPVyII0kfRxf1jGGvJi1+YoEcoMq836o3Y0v
8Bb8RzM7FYHlsWiRvCo8gLQYw5AT2RddEdcuYXpT/hkwEAqDjai4LmB+enMGmUVrqja/AsmOc/hm
cpBiLThhJ76ASCqXrXEdFtUBbyYCnZy2oQsj03gy1l0JNaaGRQ/5+Al3cW5zfM2vce9ysicstddY
bnosevXu6mLRQ+tPZS/reOVv9AZTctpluVR4p4U+XukGU0WqAlkephqEGXezqsH+PFDz6Zwe1g=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\Definition Updates\Backup\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
j+huZTXNoDAtC61/ZekvNtj/+7c8iFnp0q1HO1PUz0D4ad+24qFmHHTRigT1yjnXoQhrwFFKc3FO0
6ClIWkqnLyWuwjMc3QfNjenWf2IoxLETSoV7AF2Vlwwn3TwhTfEzZTacIFiI3ug7I0a+k2w0hYjY
1NXnKY9iLl8vlk0oxPUCbkhmtLMjwm/IW25VTKddEVrce4KyWkCPUVKRvjQSXusuz8zx5DOmQ/kw
sFNJC8NADZ/fwEMBVCgBxHE52R4XJZ6bnFpq3TB+dq707l3IE42Hf2TlJubswvcRVYm60eW1igpD
2UOGZugI/sQ0x8AZjLywhUZMEAGolwFmEs3evtYaXOXl1YWXIkzEp8qQmk5uK2u5u10pPna0Q3kj
e3wZV9Qhfje/DxfjHW6dmqkub8Dtfnw9N6wVYyezuZHqjHVYFgY13TkxbULvnZrLKZ5BC2K/+V4g
ynzymGhrLjwWrgZ8UHqegHOn4w8uVZ+qezPfayNmKfzlXHKm3keemVV9OjRliaoDNVpMcDpdiss6
J8DlEn+XBuaJJNyDXSsiQ2gpChm+yHjbmgzbsm/VY1HAnT39+M9C0ZFqNQKdJmcLfw0yb4RwjpWl
3Ko03GqdK55eZB3w3AIe6zcxXdWhmMlJrG9N1/exLA+sKiLouQ9AvY+IoQWf5HsY1y0iobQwoM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\Definition Updates\Updates\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
c6QyZ0Jp8q2jYIlAePicek1C78pgMqubZRi6h/QiwG/xSuHvvFwQR773a2c+ulZCaWqXy965IuoBK
fD9InVZQdvm8GRgBUMjO94RcB6tMPElsbvc1XtKT1BlLrh7uKaEnhxcr32CHp00Ie7fx7oPhvMyt
2wsUH0U85Mc8Ge/b9FCzABlzy8ly203+bGjPoNoqRujl2g1HyvbQyrxafwfTs7yYks3SW8Zgo4dB
0JPFhC82nnoqowiCVExA+rc/EM6DInauxN/zyeAENjQSFNpeO2K7gAIsJdicmRlKbH7N6dabrY/5
24sQeczOgCP8cpHEUOc+PNOfrxe7YIGfE5Xk3tUzE93PCMOWkAH3g1s7m5ePsj313R6wyuQONZNY
oylMq8PRSltogYbkc04HYXczldow2MJ+3lW9Rn825TDwY5sU0zakGT+3qMiJFM5GARpcwGMrTZ8F
zncXmfSP7yVVLY+C4vLZMeWIJ7wt83G70Zv5TIz0Vgrt7K8VDBQdXrDWVwHnmDtevS9V23CVpOYQ
1ZSd97o2Q6wQrfB9IzHmzXz5/190+wNhZ/erQ/OxrcbODS+dVdvb3wCS7ygpJNkwnGFfzJ94xXOe
zwTJ3WmGbHW7QwqukMkI7xICTOPSCaHFs70g5fF4T8h2kxjq74YVLXVcXM8PytOhdDM7mAWr+Y=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\Quarantine\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
FaazVUO2Gz+EKQb8VUerFXoxU93jzO1PYSaeMY2Q2SWrIIYF+RSEIRC8S/LBAu2Dz9tThHZHA1y21
F3tUqRdVwRdcCFpH5Q6pIOnN8Y1cbTTcYAtmGM3G8jW24csiEYMXpg0V5toCbI5CEDpCknBuMRPV
CV65D/4cTFRckZD9S19Fjq7NMXJ3SkB7iIPBntHl+utUcgfTeu+ugBKye+mEyRIKXyqEnK6DlFHV
qgqvgVKqLV0N2jtoH0AWAqZPWWrrFl+igH1jUHBuxXtWzvSoJ3k7HTtd66B8iJbVXOIfwRchakpF
B2TpajK5XooS1/G28WzGWmcyAZ97DUEOteCr7DOuQZ5pm294ka2l6u+BjU6X5oFkytmyCa/GRZub
frsx3azSNXM2y3G1MTPaWW21dD44PbQO16WjPfh5LFPQsK5ogtawsvyXDebrFS8GoSwjcIUwC4Gj
W2AJxoZ2xtd5M8ZQU27wykXkU40+NPqmhIBrg6OTn+oVYNaxgqtxjPgfu/lhk5HUlaOXLq64Zt35
kNK5BezDrx0NqNFLxKFTY6rswcpxEgNYrHevWt1hjHAV5c/uewDNri6n7S3sfnGK2x/tmhjx5spK
AMRXhhFoIeMq8Q08iwHphsU0REaqkwcm0P2090yicc4vKhEYVYQRSkb4YYNh58e9LGmN5lwSSk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\Scans\History\CacheManager\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
m9kkDzFvNbYyv0SEHWWWumIsDPo+AlZNYWp2GbR83UaP6PQB0qKARem6ewXQaelUOCWC2lyoA7Aty
Ck9LRO+KNYK/t3xYyXRTETMvcECkMcTXNeXOTJ6wUgxP35ynsGHRZDHIOZJskCy7a1qJYqSnSqGq
SqzTDoQ21rhyuShwR5PfUXV6HIXqX+5SECle1ISWbghmern3JY/X9TCm8IHIcVnci3SHbj6CMeeP
dQcVzZ4IpogziPJaHLOYiXKey65L3fAy9E7VTOahRU2xo2rBAcRg/ilpM+Lw9kCuzJchjd/7dO7o
q2nNrtJG18MmdgZqD8KWR2dqq7OHqOLQuIY6w3Bto4SlpFVE1hAy5ixPEGu39fm9t6IPtoW/kwOt
axaU1jVrER6CRRLrBChUiv/mGh7gjp3AVarVpm+vR4hDHNEZ793/eLa8NEbqsqKIDoQmiHopdb7t
MvXVWw5sIWHOxOw7BOVUf6Mnba6UCTYiRPSimjTQhPmZ/lu5hBL/CCIVgUMebT5YaLJH/oxTWEeJ
3uh/OY0PMWUlqS2R1RGRj0srDEP1TP62826EO8aYDkb8s4TbRVJeo9vDYnVBlivCV6bP8Z1QZwgM
921/HqKj2ZIAWOxAFrf1a13BCq6plTrwo+THbmX76fP4xeYRB2B+5zA1RS6x19r401Al8C973w=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Results\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
WCHJrE5sF3F93hvkR948BWT6aCoiQXn67n2TVlkpNH536dTaZY3dWiwc5ZqoUeEhtrzfSM/aQN/eC
EfrgazDnNU3bFwDEWM+92PcS6jARnwfXZv00AFaaDA1FeeY2sRRWZ1TIdj41mnIFxufGJDNT5xAo
kRvYjz0No8BwPS+h0gOfqQqFrSyByJb3jtSIznNQUsNFi1hzZADthQ8N64hUqOWjO7DmOkpszDLQ
lnmVRxiXU5PUppsQENx0ed/gsjhOktlDsdwOo28vLHcngjHMY/LvJPZNR5NFjef+PbmU1x6Y5Tho
sCu24raTa108xrUNphHkNRC7wvNdo8Kr0EYsqp7f1fYR8zjk4OVa55jNbFauFVXsE8IoaMHDezQ7
2twKnR5TTDfJGZrQ1PiWsxtUdlscGjz+SohcXyUZo6rTwXgR5RBd3cmD7L7rApWc3mr8F8XHZb1h
r30B5wcAQwHoWYqq2XLRz99RcqOR2Jl+C87Fefjf3rf1el5dhZWqvh2Knte99RTbradXs5OtOsbW
YYBiA6D6tjlEEk0RY+A/Y5z6jiHiF5KTuG1uZi6BYo7ryr3+yXpiBATAQBMmK3NIhTrZNiHpAx8u
JT0AvAonSDKBoMyjg1BS6tZsZuk/AWs8Xe892eAralDXFatkPMyB30fACC8uzgl2L9GMS6e38s=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Service\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
lpqyp72op3Hbr2h9w/F1FkIugzG5InOvDHD/RQVm4KcVddZo390y9AHldq33gfQkcPpMnjMuKYd2S
saMH4ZGhwVnSQmI0SyzP3oek7b0LReGtU/CuMa3Nmp36NlnBpoasr4sd//T1bT0J9ta4twjMaCAj
XC1aJ72oC/qpI2rZ/z12rNuChvmc+qt9XOFeZ4R0iN+fBjmnjHQb8nmjC65s8nEJ8YpHpAfN0nrW
wQ9ptYLJh02HQTqvXga/1Lv/T0P0+/bPoFhBZoMJLO8v4zErOFbz4+HEOQKAPJSN3hjG5e7KS6eN
l5KDd2v7Oc7+OSE6Va/p4xYN9DkXxotmfCuXDvqLbtsvlwnZmsZsQanSo8N9A6nvGl979NgXYh/e
iOufS3POze9tdsw5hiZh1PlSyNLkl33piihfuYR5f1mR/C5nOIjWDqao9j1jSGfw8sTMyOghUHSC
pttZL3Hhj0TagjHuBz2pcrTALePfq98r6SQxLPcy0HM/Q41M2FBG5SD3Ydim5b6AvoJm7d4u4qzd
aUZPGwg8KU2F3Hzyl2p6px4LhKbhEe62Hce62m9IYx9JxtIlIrEqwq5TioGE8w0z6cAKR98MEdxV
Aoo8vSMmoKxuZgVzRCFCpwsflG4qNigWeP3Tj6AsK7fMjhoiujMe9ApLwGTKjnqKNMDSOknUzk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\LocalCopy\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
WpL9j0E7Ywp7cyDRt3lKvFybpecm4SxKq9+ijJKLwFlWEQloesXfpWV91cw0w43CfirtagptMDTUS
KDdditKr//WlCq8q6K6IbC1MmSEP2jy8890OMg4ytskb2uWvqnY+tFfyH5A2P+hBqhX819fEPFv+
ebpN+wFqRxvdQTDST062pSunUrJtce5kUQGBuGrciCV9GXwTWSRtULVtbvls4xVRc6W/b3xXgr5w
xLXMxON/ZXrb8Sal8yKO4fy3NtoaKEo8ZpiMm5EXFnIhyQyZQ+WCLAqSqmNDcVowzL4xVLWYVJR6
SUKLHbrFFDxT+XxVy6xVPjLKMmHvoySzFJKpw/hwTA5kURylhgi3sXbOmW5twJVfqk5szGtOGqPL
SEloX2BWgGU/sWxxb0dkrLa961pS++nQeO6t9ILQ8RrhNDZ1ZSKlhh0Ib4IYrZnU9XxTwqkxs7OV
jQa/pYcdmbtenrevy2BM8AuXH5or2drKGHxsesh8byBuPUXbgzcGuYQTtYKtmbNlD4BRZc5+R+/i
WvpbbYKC0/5TBqKllCv3NEDBcVDkBMgy6fB7+x7FxsbEasL7gEsQngEWWyxgo5k6RXqP+UgzmXkV
ZIQhFWn+p7+THVh1sY3Rd48S6LoFO8yMSGxkEaTiU2lDyJJt6UDIsTn1F9cmqyPgN6o4COtDK4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\Scans\History\Store\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
CBH4Pe4xW6fgKP+oj/Mjpbk+RWn2OH91Z/7RY0rEkNwAfD6q9QvaBnOLathBYkwjJYi+G7AW2+4Uq
LRugnh24KhMFRZz+CZGFSovciOzbpkVnXVURMb/oDhLTKfRbxEUyKUvxMhvNXwE47NVUGBH/OnCP
5G18amZSSjTvhwQ9HXYIwa5eC1WVrGr/GPtTRw2tBLaJnLv7laS3mpnmvi32xqB/0wcM5nRhxx0O
ABhKPQHjP7ZdfnLcozAw1oIzvW/oMRYzdRqDnjwUnBYzkzEhtEDB0ssuEGCVN7RskTtGfvQqFWog
zkER/1rQJigz2qcODpLCYm/OtfC3Z3tu/SbEZ49JN18k9nSAD6B6FEwJhIx3+I95LAvf8jMq/9Bg
hms8vDziQGtmu/92wysEooUYf/5Pvm8slryVRNZPVZpPEYhWUnidRHgjEI/fgU3095dQIXx9FAsp
6+24zFAq8RyXuBEoSiz3RXLr3WAELAQ1WjCDpASzfj4V6N39EjOKLFs0OKtbIgXWZOndJpwPBBIP
8XM8Ygnvqx/3yQXWV7mD/U/I14a8rzFUXwV132LMCKBgOEhdpcwMQ5mWHhBIUTOaWqhm5Hii5y6H
Dwa5rSfBIOhRtGYrIjMKXz2lwU1IcooIMe0YTKZtsqshjoDYEzzh0Pk7/Y/USS3tVaant/GG7Q=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\Scans\History\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jzKExpZQ/RVjRUuXj7VKYa2CuAsIvEIwfxKTpXBiWfp3iYC8KJG+fSvjGEitP4hbaEMlBKjWYrel8
k367342aHUZ4AMx78o1Z9JFVDeqAAu/Re27fq3d7NIfBi6i0OxIR8Jiq0rg7jEf3DJZjUzsO1CBa
0iJM4vvpIK5PkCrzwtH/IslLNY1zYIy1vm6OJ/L6cmZf5OUcYxh2rYgGLL5LgHaIkcJ0yDF22MmE
MjJn6+SbjeibhkXUsqY+TQ4XrHSCOpKspfBCb64CCKVoMbbubKWpVtjV5MeegNZpHkvh3WpQx2JA
pBIfOT7oOJnDFq4e9yeShAgExfrkC8qG4jGz4EtgR+iCqZYmNr7WA14OviczC4YmMXZpUE68EOjL
Xh7z30tBrbW7Dx0FR/KaoaJagjugUf1hAQtFNusXmdVQQDXGC2f8S/u4RNGIk0S25Lz6Z6FHw/Br
mnl1gO5o5DqHcBa69upZdvhnR+46e5xnCRvrPj/E5tgb5qdusfmbk8wc5eCgYL93VOlAupIoLHtW
mD+mz1BCFBOp2QqbQc+8IJq8L0gbuRi9AFR5NsEXvOjMIZCIJPCfL9OPTo/9XhG8EK/L2ID06Eou
b2iBap0CzgQwLQfy2YESW6hyHbv7T0dXSLMbB8M2h7uCH8+uc3+9FxcF+GpzZ0US339mHnvA5g=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\Scans\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
e/IA5YMyZrlngYbcs5P/yXsXvRWpY/B5lInACUCW2mtzdutyUBE4k59tuTvaOY9cd7amIS+qVrMWh
WqQi9biyepXwIr7fOLhDWQoWglgVpiTAuzOpbbSYnhH3Nno3AjEDPE3ClN7YZVzfRB/D1Pwhp/le
fWkXXQKdqXKpT9eiJQUSH2TgvqMoSvjlNMq6x5XpMlpU009P5sewqaOy3B3mOwIgS+3vY9c2mmln
oEV/GxBbsMDZD+c1xyE8uPX/H+IZWHSy4baWT+CC2JvVhp3ZOq2hM0wcen0z3gsfbo0ytPuWPax0
EggjWy2VwkCxaX/jn0ZhPlWUYDEumVrWqF2vq50xr/J2v3ohggmix3WPxN10y5BSMA+eORcF3/9A
N+hUibVOmV+n/THBIpi9YT2CP3+BO2a1QklbJDaE1Zr3axgam1dbPtHuNo2lpMFGh8yqESKa5lpX
KPwDfph8SoXMl30tXPpvRhWY89aYOgWhHiqKeSyAICl2yGnyxMjT8UvKI+0vdlOTiJ0EyWKlA78Z
DcRS5GZO8uaXsvjs8VEQOh92ifZaD5O4UiFpxUZ6ZOMgINDekBJwrslRw86vR4NjC0I6mhREanry
Gsk0Piv2PjT357yfRjmWiEz4FM+47ER06+CQezQViNCkiMaVqdqet37GvI3RgEdm2Aj6XR/VNo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\Support\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
UJad8YyJlZ/piJTmGlNfkrDdAPaYU8cp6KEBpZHwOcxFS75L6EKPTIQbB8r6t6cp65CFol9DPdiBm
UjrLqm8ZvXJvfLlbCAvmjXxFJgBUyXtNa+9PN/BL+xQ1y1xfrgqFGoRm1R0FKU8jl5IQooIKZ+HE
SgOhWpS4VQeLs7TkphB/X8Gwr3ErXcaf/qMS59fftLGoDLEfMPKy9w41uw0/1dMOka5k38xwAIud
8iQRZg5HzrhwgUW9X53GWKL97rw/FD1wVwZoAx/ocow3Bu9YwJHDqMJ+9NFXUpbc6lTtJLrPldFc
rTX4iYnGXrssATA1kIT2LE6M7e1TdH3k8TTG6pMhXB3HHZfOK+b9R4LmC/YArTO+dtOQFdLvmMda
GnSKxnq+wv3P1Fi35rlMLDFVj98W9Zr0hjtFlZRmGE9j+4Fs+dBB00lVnEXmrOmszw2vHu3WK3uC
l1n8S8Do6oYucOS/2smPtJCGMHmZZat4lzV2JSI9WVq08NQ0OJsOT1Fvc3Q2xsGsYppufcAf2uHc
ALCcb1lzh+QOa7OOOrR6IMw0w/o/CtX5eCu2gdxUCemZ3KZ4IeB0Ypi2sgc5TRB1XwMk5ccGfk5q
hzP06unWHDOZl08mWe7HHulZpDmldQ5ZNEU94dYQDesh0fTn7ecW0Zr0Ol6GaKuUh/snZy5+Go=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
J5n+UFZAF9ISZvFpyaR46ccxdZ4QLIF1IJmvgijKefZSGNTNaMBRcjPizIYYPuSJAa06dVLHID9y4
VVHn1kVDkdc9HrhfGD4+z/CEIJyWOHRlHHAwoM0xDkIv+S9FQG6gKggpAvkDPFa51cB/ITS36TUx
9CbA0yNCm6fbBJjOxJKzsf0vRNA0lJM+LgPgDwZ8cLMAU9OV9NY3LHmuTAqYzC/dRTLgZVX9TTgj
hCpRNvO5psLqS74jBj6PUybx90puoeDONKsmVluo70ODyH3rg5hf9tS2az8YcJcRTqxVOtljXc6b
XwkUW8AOlUjBHD9ckjH+2xYe6BKMeEDm/nMEzWqt4YGFKzBwe0vvMMtghzkQKszL/2tM09/cqP6I
z97tllSxy+w8L8A3ZE98J0P3o/7UiAaz/BPODeVpLZp0GDNAZzv0+o99fScJk9hu/x+YQOGW7FZF
5KXccCQYQfJ/++1+mZQcOVeXGZcgEJQRLDcygxeby9TTvmOegtldMW97JY8Qs0ME+fF97rkeZmAu
/upWxaD0fb0IOzz/nlez3pAvWPoj0f6uo16fRSjkL1hZ7SitVwEfB8dItM1OpN0A9tUXbKbI/GRp
sbmMfNh986bQgi9dl34c5WohWBgjnv7wOlvFUykLlGCpz4bBhsqniPZNsDr3/RiRNBtMo07bds=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\Definition Updates\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mCxU/I0sXO/yeYYlRg2JgJ5YHd3t91AObA/3fxwT1kCUwhmoGEXnZ39zOkviLKoKyEcAaaqFbwb8y
a52XrnKTpQYkN3wNnIp5N2WW/FkI9l2g8k+pIDdR6HZrvZNlAM3nFi4/f5QKkTcpBifEZxW9gas4
ATgKelBogiY3pRBD4Z8tLn1scPg4LVSzf237cxQoHns2a0VWxXFYpoq7lPeu3qJclo/zhZJRPL1M
D6vS8s/3U3ry9swBhsi8Wr0f4b0RtoKpebq6tecqXf0iN5BCUIgYAWaTIWNWDBCoJnM2Bvi9U8RJ
V2EYf5Mdscerzj07YcagQzdTWRaNvoNCJCasNhLYetABQOWK4JDaGouUT//yH/GEB66CS72SwSiP
/Zk852XiczdU26U5mh9XpGMONnHbcehYS2++603JvNPtm27s3zMTudhj7jvRupWGRQQ4CVrk4DyD
Joyy1eFNt0o9DfNEforU+RULRzj1Vqcg6Cd18OSLw2EVyKA10nvIlMBnDETUDOSNGstCT24S+9or
V6QXVBbOB3rC3o2M2GoPMCcpOriVGwXZ/0mPF/kHwDNg42cCOTlVC2AVxDB86yu9tmLzwRRkedEO
pFKoL6U95fbz4VWglaPclLvjZLNcVdywu6u5oH0BW8c4Q+8XPzseDF0DK2ysP75qY45ZvrsrhA=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows Defender\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
JSYuNK3gbygcpnPEYhMVm48ti19hdQaDOK+H8iuMJduem6F7CNEV07s1pqqIPxqsgAL69EbNZmNFk
tcLXY1MzutS1/cAFgUH5l5jaTil7jxz4i/IQqohXiGTkQ3bKJLzgM5C6qcKl3QfF2YoyEu6TnDkk
Q5hb42Tcf/ZHz2Uf6HGp8B5n3dSPvCuLLa93wVXrZMbnIa1ZRqtQx5CZaNdMbpPZ9TJmpcrIAIk3
66QRZQBP3x+TEMHgB6zTCvX5pFCkhyo5YDxpqfLjtO3wx0VtejsJ6I22AA4CoGAj/m/qcoS1E0I+
EzsLswyy5nifS5t2r94AjuKwmPXQKI4Y2l4aHVQn2AfSEkHv52JpUWgdNgooVhyUWasbK6eQZ7hF
MA2Yc+BRhrX9jnN4DHRXOxgQRxYQsfsU/gDOFCcaKDr1vS4i9jWXuGxRlygPXkxsiC/nyI1R/RFb
Bv9gfBL0tW1vAqfmHw7XIowm0rXERvZo4Ds1WxeSFMp6t7SrmyWGtTHr82b9ZE5QFEHx1Ib8q2Tc
w7Ik2MD4gAfPgfkPMBLP+Nf1awn0o4tkVSx+W8rCYgDyCeEoNM/xYV/1aMo7DXyVkqgbyHmbqF6m
1NX3MmVnVQC02qTdgUgJRkkkZvB+7RpWXqmEoIiyptNbek0R8ngkxi43aTx23+r4cyNf5CVlk4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows NT\MSFax\ActivityLog\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
kIciVNViHGeYEMc64nzpi226VF4sWCbNKh1XU+EBkTBguS1al23BTdPwK4G97QEnNWVBY17Ha6Wk/
GOmqDDc3uDcZb2aZzcUioJDvF95+b1xUBsT5FR3MPH7bzHoI5szvsDAuoqzjoMDZf/p0RFkHw3yq
uJiJuqyuinz/fX2/Vbb8bNAK7Sko4KlJ7Df2Ncng5+MRW99FgJsFz2kBZXkGxsK/ueDbd9q/RfZA
JGQX3U1EhJA/Cvg66kNpfLFXElBOXpff9q4UqY0rqp+j/SBcDJS8vY6PCUmglhwE3mL6Z0V89sQS
oVoY3iXnMeQI0szK1E2cN3MTkCZjRzlNcFwp5Tabj1Mhi1oK76I7KeKQpwPI5gExeV4vB1B8H1AB
ns9jnHSNL7F2fwSsQwkK6Li9n740BaEMKp3kt0uEeT9l7KFurnKuJR56/FECraIL4PyaF0seGKrI
h6KrWibIXWej0ZtdHIMr/tZL6hAb3Zg041uRw3sruUCCAbn+FyP1YLTC56Ejwjc7JZTTmsdRrL1U
hRTsZHsKhBTwPjDpr8VB1wNJfaA4qMeaYnkPnGk5wZyZziiQWlb6SG9AJPrSSEyrW6s0PugAB+sw
/ZlJQ6DNfuM/a05Q3Vl18eTS2VKMDijUtEdBRPxNSUrbvQo7CxlDTuQiRvAtIwojYcxTA9cBgg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\en-US\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
eONO3sLk09mLZxdwC+GFDagVFSLsrB8MsAklZ0+OJYaVf789Qh7nLnKvcRzzJ9l6HE9Oln3yUkDEO
xROHOAHDuFK2s8zgjdUiQJO5VFUGKLdUkZpYpxc0n6ZSDFmeya8w7VwasRb4Mve+L4MIox97qYuT
6rPF5XN1/CQItFHwU8KTMzhurHWw7cX8ShvmP1m4J+WxfqrEu8tKekGhmKOA4kCMzy08YwI74/ev
llqliP5gs8PlopoGOpl3FTqdHRhL/h7XDLqOiM6XFLA29urg6zzomt1NI4P5oBzDnTTy/eBgMZlL
GWvJze8hW19W7gWEUx+IM3Dvhosj/xWDUg7X7H9VNirvWV38o5qf+qGCQPZpcEt5wMy11S/swXMC
TxYufpH2XUoVi+no9l19BhBD8N+Paq89OOjpzOc4Bi5M41thL7QPR3F3mJBmo56SZ3/dBnebinU/
vGzmWSQxEoLu2YnJT6XTTCLC/4KanHdADBGR/v+W/JdlnNzouUyUmlLSjFGA0tF/ezeW6P0CoY2r
fp6L7d4vNrwKTsy+qGysfKuAL4X50MglO+R66ZhYccNnuJQcHyuZF+BKqrVjbvq/fzfRnDSqCoff
2QqwfCt2Jyf9F/b8asTbO/fuZ/gG/A38UTBcJY1Y9k+kXJsl9aiSn+amkNNAgK+1ec7GwaftVs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows NT\MSFax\Common Coverpages\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
IvagiNQCl+Tcjpo7Kh9sP8ydLcqVf20wg+Dkw7dp2bGQ/34cSTJg+jR9G5+dSVidqBvLRN8B81zKb
SJmd6uZPrQc+zAu9xuhhD7MWEvNkbn7/gJdzLbDt7wwYReNvNVd8C7oZblcSUiPQSr8Z1Y/OptLo
r3cqq+aJ+K6y2h/4AXOxgIuc/jkfenDQ2vlbQtP+htBE/mhPlEioZdXrGuQTJwtXPj2F0lTkDU+f
YKIl/RBbGOlOF0IcqXCKwLyej27cgg+EicSfRVIqf0DYquw4uCG+lTjwQ5nVl2I5sP0ksHcjiu04
TuXl6iA/UjDV0ZiPA5oEbG/vynPDjSmxDBN+Id7l5k6OG+u+16syvsRlUgb/+WsZmbc6TCkmhtA0
vw5+gPDJnIcDf0T5V83cXyUdl4Zfbjfwdjsyb+kgT0XxkfUyvwlZnLN5dZ0wUM7eTb/MVTUT33xZ
bA3kQjvMuM/NeMrSAcE/fN+s4e7nTiuw3C6W4Y2QW66EWM1MC/m6/rOPEvZ2l5rtsD5EOxJN8+3t
7LOZej9hu2ERpPVtBdf3PaucZ/b1U5f00nzdTnA6KRTXpevS89Y5dWcKG2ipl7gi/eT7h6nW922q
xmV3146IJHfyFqxv9OTSDGr2MSzD3eJmFV6IVFNe6DgMYHRc3ZNlClJ6BTg+hLUiB+mOGmT3xY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows NT\MSFax\Inbox\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
AHyh+wNTMyTNrlbBpICI5cGvXeBoEX7xxNQ+bgM+fV03X+15Tb0InXVvTidtgRND1LtgHXbutt+Ik
fdpBGgQxsD/BRed58C31NGpQ0ekgng/0Zf1LDQ9P0VqDUIw4l39XRWbYBPgSNvVWmkMpZI5+7LfR
Mwmc39yACoJ0AE/3hXLZbeAj9aCf7f2S6pBCMg8uI4s+KCdtIgNYQs+F17BToLNfOXfmdF0wLRj5
p8BMqWud3iMSao4+iTboCJC2bC87lNfSiSpt2v20o/l16jB3XoF1ETj/TP59cZCkCEhsttjKTfZR
ltbvp43tkGXHQy49Nsibih5PM5Rt9tBEnK8tf7Z6GwCOwBXI3c9Uau5RtF02tAdIDvuiRjviVjVl
Bd7y17gpeJwedaeoIBW37KXcLImN+veYVvaR33groOdJRa6gKEpQ0t9lWZnQ2L8QSM7cHzchheqC
i+HWOCWzBa48BDakSEw7LZsx/l2o37D0hZs4O0hi+mDfIxPSTO83eRK0DoTDf3DmVquG8bx0xYFP
5+WQ3BTXqiJBr4dZJBhTzYuo+fjAkHZSaA0b18yaKe1TneB6s9wkO4TTch6/1hjN+Xzbr7L+3FJ+
xAJ/GNxSHuTyQa8mNkzXM910oJF3dD5Sq2naSDWQPrrg/SmB5KLFpqwCrpT8q3rdsB9sLQF2bM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows NT\MSFax\Queue\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
aJiD3Vwujjxzjwh3VMF6prD6oQ8sA0zwZ7ja5eFnuC+KV2gUM7EDnoCjoYMTyjgQZ9z1qhnYIj8/P
Olj0Yj+8hdAfaU5U8uy9RopMj2JACWwbuSot18tKUgP+jLGFFPPRE5OM8b0cwRTTfVJ7GdsmTmvB
sIDWOPN3zIVrZSjda5YjbdMVoH7h1rT+pUcoQvYlE12IViFVPtYgkHeNysGHIikQI91QNUc1J5SH
FNErOBWbshTj+w2TlP0xQgysQ3prN+7MzTJAkRxCDTQF+QjK10v+z7It7g4dXa9aerU7fDcgBVwC
JZBUB9F10zX/cm+FQcTWR5Cz4t6yDm4jnpyji/a0Hbr7KukZmpJzthadIvitMym2zxzqRCw8v0uL
04YRaU3BClgldq8ak7ockjiIGq+7T615nuh3rwEOM1jAZQXhEA0A4nBr/iMsteI9duvwr3rp+iMs
ZLEv8b8BwQylBVWCM80uEulbxO/v/CxydfMVNMMxlYMq7mME08pfG7rHsTBd0Z2ryYH6FMJmQG3W
CF/E8pmlOrEuQIdlzG8ZbH6QZFbfBEjffYtZ3b8FOkioxD4MDz/Bmem4LwEVzSvKWStKeDZZLb/H
ivwNeYjg7y9iSTcFyoHDVckXqQ4zqbnUKb4bXnt0IRI7UlMZpuy/aAjwdmxroQvjv015F1pGj8=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows NT\MSFax\SentItems\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
MY8Lrqf1eiumbJcvSbsMLvZ4m91wsbrZr60Mz5DpNTPGqyS1t4NcZSpknuRfDsV1N00lkE6eUPLLF
OK7+neL7Ll08eJOVpo7dPSfwDsYhZVDMLOtem4oeuKw4ESO5G6p3s5ll2wntfCGD+Xr1mHieAwx5
DjuN917D1VA260cTfGan08Z5sV1ZzXxg4jdFkKjw/k5gNed7/f3rMiDCUJZRCr9lgSpMoO42GjVn
KAijoSn1IR7Dxbh2h06TNdcbWu+pbbx8J9GL+Op31NhSo29GQ3P+DazvhMz00pxAF8CsgMJY88Ku
gQSZpBehfyyyH4z9K33XKbD+yQCxrpmwbq2RJ6DP6CIOw+x5J5BJTwy2kkThz8oC+EDpJz0H2dmH
tZEBKhhIps7Rq+cDf9tTg4sEV/kZO9ilEzDWZjk4lc6Ex+tgGt2LsxqmR5IfIw6GCzIVsX835YTY
+Lbqec5h62EGk1zxXNuo5TRi0ksoo6LXfhlBqtEzxcTF0JgptGZTqi7EgQ2zrTa2iWI0pUmD+kjz
BraSsV3gF2VpgK4l4YeTtDPk4+FFGd0NuXF5YbdBrvLmU9E3dtBNdjsSrm1CRiTd1J/WkBdC9yxg
u+2xcayzR+3ut7DbWSesOOLaVmi+bKs12jCRwrgdob2oVJdTVuYISpx1jx2kOBBrd78TqQNRng=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows NT\MSFax\VirtualInbox\en-US\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HkSOAhd47nEnPSv2Wojq9YDWFRO+mpS8M6AXtPZWbULTsEdqQ6xQiXoLIexHpk1aQADCSusVIia+u
YVTqhmH5Jy/52B9720VSVow+sThhG8eR0lp2Wv52OXYasP/BlCAnOXgMPbX1+CPTfu7uz+F5Z8oa
Sl1TNMHDZyvsdb44XtA8u+W5C+ec9g1+BBFigMqkggOOWThfdpEw1sK7hyDk2RUzdIOOqjP82huh
XxDbZB0lho70hfbvhUCViFirNivm2SFWmiTv5VctniB8B5HjHvcNgrVhw8IGeiLepJwLmROD6s2A
BUl7Z5fnwCvUecPfcWBaGDHInfSlFG8gpZIouCm7iP/hawtkdTTSeV/CfdIt4ZkOiA9vADOg/Cvu
k3BnFE/YEmyA2XEEho2GekGwKSif/shMAHS0yXrAdAM9PAF2+FNM93e/ay4KmFfI2xbqCUSwGe+N
noFmuoBkQwrm+DH1QhCUjIPMjLQTAoH2wwuyOV5uGHVoGvRMCJuD7cGSZ7a4LSO+csmt7Hn9bNUe
y7ah9uN2M88G0k9nVJiI4aoh/s34wAcVUe6XV+GkSc7vhFkPJ3bNv2xYBxxTzT9BULAxx7pzRzSC
KjExS3ZdwO6WMpIXtBttn+eiuzsJDasnVAQchaORcmk1t05ct4sOqXzEEzOHrlpJNvBhqNHSE0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows NT\MSFax\VirtualInbox\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
HG2uOpMqEakIEtNLnp+w4P3ic6X3EmLAzKVuEuvEzSuRP3UU4CJUlvBVla8RrJB35yE+/XUlG1kdb
F7cw79kHE/HjeJGRmJMeIyoldfFwFv0WAKEavz+gWx1ENDwYMBeTBEpacVGgroPLn4f7WHeVMg8Y
rfQQBYF4GQbugo3bSDju1gqJkzdn0MY6DYDfmPXZ+uL4jSyecKXjBIGWNCYWdOi2VJfKtolRwwc7
ARI8itktvskUPTCo/AYx9+YqAxnHhOyn0jyZEIODQJ4NP9tfJpHmu90+/SAeRNmIxQfBtDNEjteK
8ymjPVu6tT2hYgQM7/un2Yh1PtUMfIrF5xKA9gF6sSFH2LRbHUFDmp6nEX1O0BHOSZJyK1XFZew+
EADuZrnj2g7Z8FUgeX7mbb/w7sQaEiiPW7jcEU/Lo+UKO2VzTrIPvf1vT/r3jUX/v7G8WAxKCp8F
+w8jRBDZn81zSjJElvCrcWs6RYb7W37987hs+aJ9uy24htSnz0tSBHRTOjVW+GQDn6x+4w/kzBVy
NXtQGyYbJjbah64NWGCGdirxsxttTLNZOfSS6OpyAcorIASq0mfgERLIQoNEBr0CvROQPY1jOQbF
YtiRriPsxNCgjidCTVSfUvP0yCht78YDHFyq9Mfut+UvqW+vmcbYKvvuoXBKrwsG7hsD7iR8pg=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows NT\MSFax\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
CopLoKB3p+UuIAHPz7Erky/FUmU8eodudQUtULc8qGwueRtnDLb7YQfahEsaxKjN/Q+Idg9dSBCLV
/WqySrR+4nOnE5ksnemV10sf7UFZ15zJDRqieN2hf1YfMo0x/e9P7t2gWyzq+rpxamBB+NkmvaWH
uD6WPB06vrY58VCvh3Z6SYW8Mx6+G6nH/OnDUXHMo0CYFgV1YdH2/lTQ0R7ecgIiEPn0MslHeG/K
MCZsks8D73xqUHfuy00xmdUSwmY6iIVDVgLhjT3eYkRiMajrqG6TOhk7wEOfhlvXVp0iCyX1PS2w
LpavPVfR0G80wxQkQOgovGLbrqAi2Ks8W7/qt3Gy5l5XIpnM+wuhyRquCpIMbUgj3Z8OHzzoJLRL
uH/uH2r/4mtxqpQCxRUxkuHTV6CyTZUpdnvJynkEcO11JlJ+h4jHlmohVIAaAdgkTCXs/ZwfPevI
nzmzDTgwevK2B1j4xSKp8m6eEGJ/2XYh3ysS1Pc4JUBqEEaQaW9WYYmCuHjwY8722Gxuz7gky35e
Z4nZoQ9Duxh2CKmXMeAJduPDU5IiymKEt5puwEoSBoTHnZWcAyWxQArGDYVLdJI0MaeEJemvkCZ9
5ZzCxCE6L94u2soBbZUTIRHWJVQij8RGy4EaS8hkoVuVxJQetrtggfzKJQeGETxyXi3e+NFlTY=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows NT\MSScan\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
KGlpRMGf7GYJPaLY5BBH7vSlZM2552KjSGV55nQnJOObuHoZo1RD6xSzm33Tb66BHnnR88B2r9xiw
XVwl/VswDjICuzgl738xgLWcP0CQPohpSxJsN9Qo5/dlEEDXkqOWw3TlY9w/qZP8ErNAyZ2u5EUp
gEV4rHfpIHYAQtW80ILn/JvES41crfbxMNU+4UDB5cU3hb/Z4XnBwwmBYM3rjdwGTHt1b1Msj+zx
06/A6wzNwFR+ZQYtPvYlLnH75hG4fhhEysU0z4eh492ckOk6Sf4HMrR3aZPLgQ1/hzIoFFcbyGmw
JAlCN/pp5c1T9B/EvISayTCSAAu0/ptbancLYkJ8RRQ2l9cchIS4qyoXdg4HmlOwEiDbHDqHT+Fl
1NgCW4KwuRJ7iWZ5iiuzz/dQJVAAzL7yCIZ1fXNkLLnaRCLu4L0hh5RUt1cwFzatFL3hi9uSY7vs
vcKRguQdHXSnh52f7Vrby6GakAk72pKeDkITzv39DgBaMaSQULYAqfr1F5oyJoGf+374PXrWhU4D
kpxEI7doFnq1qALhQ6KBJtyFbSEuLBVLmYMX1Yq4q17l8cJu+mo2axKgzV6rkW9z7gLGxYtqMvGp
Sui9pYLYX/vacls3tRX8ggHvwAoniJ3hKTTzysrEo7MQydWZH9pkc7w0JQiq26kZJhM7z4E5fc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\Windows NT\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
RaZT+fQDQUFvpTjhtbl7/o48mQjY3QiFqnzIH1+VeTMvtsRxYsoM8J8tXE2lIFjGUV2y2Gx2yg+aI
/31MnZIxIHCmeDLJ5usvfbuGcwyvzVbxwJcKoCyvgWji8BRCBq0Po/yd81UQlxNIzYc1A5lPq9/x
ibg0xaVXVOrXmjpU57LLufgzEH0+Duj+guGC5YNRB/ZOUg+tjt9AE9W112Nnzj+27SLQFz20S2Eu
gwzRe3g3dLb90+FG1HUVPigAJFwwMHjzYckIJQ9KCmyUGgtQqMvNNJ/jQbFoPhLxRIxwr8fqzVv6
C5OZaPE6IR6STZ8mcMdKJZVi4NFyB1YVTPfS3BNdgX6o0Nr7fVRiyJdDesuM9vUzI7EKjU3zOFNr
jRAjrGpQWsj2NnVwuUYJGsn5Zir1RlUmzQZDirWgS02GZszfUf/93gw3iC24NCGvxoULTevUnSlU
tiW2U5G3APW/Vcg5j2dtHApnYH/CZ/RO666/8Fbu7QruO7g/vcgyxnzYQJojq3NkUYBYvfQr4UDI
Ffj6HBLr79pwEhq0IaAYbMimUEA/Ewe+g5FsSWffwMtOtSdOheopy3zg4dWuigpFpuF2UByLH1S8
aMALHUGT7R0g+niQQ6thDWqKDgaZMm273mE+zZYoicRQENwimapmoNNSeXbdzCtuS9laqkXlfI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\WwanSvc\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Nz4CxO8tdmjlv/upQeuIT3WkNO7zAfpWOoAWK/bMAv/kY958q/KrACcp5chKjEBV3tj+U3PqsPzKd
74jrQvZu0pBehW3/cniay+kgUQqGu52uFPnESIoVfOR/Kw+MTnqO8TsaRPxpjg1yXeAfsgI24siH
2KG6ipgz62IVSJQJp1qWxX5IHSTKZJF2/7DYpCnL7Ni1fFn7ROFGv7qhOB5/EkaaAajWFYrpzTN7
YOgpsPoBPV0Aol+ZPe6oSBtDf5ThQX8x4cEAf+xAIy9qvGrOQSifQiaxlCAV8g0FUpIQHPzscWEP
wUHKt91hQp1XlrcSe/E4hmCCy9ZF4WJWaNj8MIjiOfCrdpP3VXpLRRxkUGmY7pLVN1tCIW//OYvr
6CMq5EgGgY1zXlsq+XnBngI3VlPoGmhqCcqexYUJQ5SEHn6XcLHmltveXPq3b1ngBTIPwjghhE5X
S2uly2HiwTcC5xNCiLYYrDjdnAAUnVxHFMs6Z8cjzfgjMJVH1dRBmIQ9FhSu7s8Qn2TvMXUzZncQ
VYQCYDsCOob3ri0KJ+rRCTtHWgD48Vn3JdSDdct8l7+EkLGypApTWCGmmKo/9CrcMoROst6bJRhs
33wxP0HJRoYlnkFHtykWXNBe3+YnbJE9uvC0jSxicH1+OVpeeS8gqqzlPxpQOBSaski7z/I+Z4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
K+m1nMWebTcq6fbMu5RTwQzs0RRhkYuGbQ71PDkCh+0Jko63PIuwLxWMruUylwFwAVYEZd7hKnV/L
zqqNpJEWQ9vB5ZHrDt3qrWmsptTL2dYxCweIcsgW/hCcq2FQ/eXws9fsfs2252GCv2xlMeRL692I
kHLjv0wNzvV/Qu6OwAsdL2CyiZk4r3whxFS9dm9PfIe2eHqpPMTKRMS83hT3qAtDkn3M1k/L/ilh
6PfIvpUHUXa6RfTVpqiVQfz497DJynve0kEFyo/ttANE2n0DjRoJrBOL4JSZmtIs0Id2PLp5BGmT
MfdYyH+/UAc6a49OAm3W38WADaRfWyabD0E8QWsUdsT3HMZIELT393qi8OnXoOuM1XRiRWWAGV0b
0kYoc/klC1V8Q4GsVpCUvubJbclZuxrLUp8tn1MIPKh3SX5mDTgYPn2NibtbxvFvGRFsBKHxwEHK
3Dlx1sNASdvRxodjQOKfYNGjKIzgA3Tpxi9IVI6XAvW+sBPHBcgYa7RxwNuVrx5XN8Sx2Py2sJAt
XGLBUCI4tPntoXlnw8qxqO9yfnXAqv+/Ymv9IcLjS5xnjCLu8rpKO356H+GhOaoI2tff8cVAiLQV
YoM1Ddu8xc9wtxM2thPywhArSeKINtJZfo4RMdbh2hs2jQGbKjU+mV6j1VJpV7XopEQtTF6vyc=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Microsoft Help\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
bsOHK76mATU2BoGLRJaD7ZzuRcHuyvhJAE8HbchOKPTJVoV87P7dOQU8zGdJzLMfnyKUqGaQFqNps
AWBuVr3pQPFUtDR3OW/t1P9a/iCV+YsWj5hmuvb1oqVfRnoSyUynUmAiKajVWYDM/QmLUHMtP7VF
8KlBHmbsq4WYtOLfkxQACKcP60yvPUpehFn/8tmHxwQTIE2M37MMURe1cD88+SvR1g8jp8FCyNdH
4apwoeJRzUGNYI3klUv76rZOiNIjaYD3CvR+Evpz9/6Nhg0kPh0CdkETjcFeAEjV/Efzrc3TJpco
u6Gl78Vo7ePWuInfssWeleXCjIJrET2n62pjoyxDew8nj753I/YgQh0Rcqk3D3MUaf/+Lrsl42ry
FA1rDV4dneo/vI/5gUj8bVnpj6B4UPSyuZwyYmMyzjEeeRCIj9Viw7fDGZ6zzG/bjUWdJ5bjh1kA
lgcT7sh1MbTqKCnrYuEmxub5BR05DyrQ+ncK4VQi4AJG9hOw0Cm3gQ9FUEUh2Thh9iM0uphECbbu
OE/LDhPG0/nzsz+Y+IxVZIPmhXTXyMjioBrdoCh5K+Ja9g0dJCzNVhZHTRZvyy99OQgD/8R1uET9
W8CvvNh0C1Hn0RdqRuNphwPvnHSW0wtgEI8FkJwZCo7b4zMo1io9C7ruSvMG4DIQRYrfYpIC8w=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Mozilla\updates\308046B0AF4A39CB\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
PLFiCxK6jizDZLhR2kSAdQPd06gnA9k0wurnrN4mUX/VDl3jUk7vi+89iVFUDzlir3JtvNhbO35Xe
mGRbxXZ9UssPUpb601U4S3qTVOk/AktOh6Hmf+40lmWmIkQdpVb6dZyQ+rB/Qt6raG3khhKaqOjd
+JG9Mf1RPHYHlrlxkNKSSQTF+YqqiNYupaO2N2s37MqQsSnX/AJN+11qdwixmBr/8Arv7hPPDywO
oXWEoDpdffimcV/hNhzT3DQeSc3z5A3f6kxO98A/BhdtLl36ODu5esm+5DPDIZEyoKfEeVHtFqzO
GgMalk5mnQ1eB0ImaICbDPfrlW39SJV3Rl6XnLfDiCSE+ofKtixw3kkZXL8onBTDCMjYpp7Gu+/4
V8MPRweVRFHpVfJILVzUxyXYCWcHXUVAAH+Qml93gjeKD5u/Q/I3w5XODtsN+bJxOKjL8y8EmQth
fYivbrs2aV6btoxmpR8c56mWSzZhz1s2+bWCtzRSqRkoPFYI+bTxNAftqQqQ2tb2mBL2LfnlrY4I
N15UTS+TAthda/ohqgMe84zPB1ld8ovyqNwr82TFAysxPgd7wwnTJnquP09uEl2Q3OGKeKXyCOu4
ud2q/wTrzr6gQO8prHoA1MymlqghiXCAtXFw3/LybgCwmCkJ3O+WiFcpki43blyPf4duTV3BHk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Mozilla\updates\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
S3yB8d0U4cNn9cI3Lbd9rF+6lhd9tyk3IJG6/w3aJmggYsxyQzrMnpti275fK5tJR/t7miWzyIgTF
RDWUuwB41141y60Avb76bPVP0iWX1p6DDqTfvhSlwLd2sNUMGfKWDAzu8ZjhLi99YEYlcrKmOalr
4ETJQgOmZbPCQTGFhQJ/PiQamEcRfi+IXkku40AqSRIWMU63logVuIsrS6TipcfSka25ZTKY+T31
lgXD2Rtv9mWWBQKapfnG23UrqYgydVDy3wKAQu/6Q15WmvNFeVsRzjc58yVnIY3k2E9gnuJ3/xbj
Iikf74dk4xXM3plH82lzXg03/+SwMHVSfx/hXAEyHSfkFLkCpypyfGp6aC65Q2H3nLOyTBrajXQG
7Oy/PIJEkgixyVpiluEvSyDmFqMrlXXuE2CZTRBBpka05mk6TUGi93EH/ZjDsXcIPcGLkny8pe76
3BG3LBiwnfbR37HVY3PRsoqpqxb1BTN2XyAyYGs4+Yo8clzwFcylM7QRgg9Cq2LfuooGNPTqon5G
hOb5fI5mbMQCodlJ31CdkUAjTcxqz6eouzCZsB4SuUucvkYs/19TNGVVceZ1mtv5SGN4mPfURTEW
gcNIlUY7kzFFuoPhkO55IkVJQ8wUYR30YAsb0PODu2bM9JUVpRfvE4sgFakllgcPe5k44VYdGk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Mozilla\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mWrajNCUo79tjG9JCipywvolJGUstmsfzSxGgT6ab5JT6a4MYXu4FJQVVtplToA06VXbB3PYCJdMk
CXSUVTZxcilSfJTycuzV7I8zIKUjjybaHWe/dbs18kXbEb2C1+i8+DzXeb/IeXFmiFDbBVIZXJJl
ofSMAXErDlRwKCPOOzIvkPUTzKxEWoJ7ZLW23PckdKWgLpP3N9MROEUlGDM7Wpxk7Q/JFCXDtRvr
4OMfNQLvRYRRRY0O/ziBAWaHDRJ/xW39eTCIdNPg3cHbNX6ibdImxOzqX8BAUlk26uE3ejvCOpc+
JCHLbx1HZqS56mx9sKtWIQrUBJqWylMpl5Lod6yJELcE2ghcaLiS3+PK37IPuEbvLIK8Hb5YleA1
CGp/gvsoEFIgtmNjk0dlk9oJja4Xf+97EVNqCkVmYEfil8KatrL98/j7CWP2PqKtdMNaBinwmO8h
J1cPvm98Pcd3N8kyWbJKlChsD5/hTg7hpcGLrvciWztSxuhNYcyCIJ2MKExaXWcTYePm6Irkqf6e
hVoiVRnvfUFb19XGWBiaL7k8DHwt6YUuqTeiUhGEb2RE0+eUFUNhhBO2kbKWmvExbIaNyA/quHSd
WErR/fD4xLCXxrMYsmw2JwprUo5VFtf5cZlvyTOJWt1Oorbr04j0AniquCX+2IDuM4737XWATM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{CB0836EC-B072-368D-82B2-D3470BF95707}v12.0.40660\packages\vcRuntimeMinimum_amd64\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
hzQvghsJUOMRcEL/eWodcHZFzRawf1Z4KaEWnxymdClzNq90C9nunLfbYB5ucXzbJeOQpz2JDkSqo
k/oHIfSAAJBCjVu/H4dZrRAy9T5m2yDFCvvwaivNeFGpr8n0ZwQEC9XnvlEV061xKgNOhA6/O37U
FVVaru/47DRqEuIOM1DYN2V4C9sHV9iOA5Zdh2Y3TK/mbo4SHLTgVKhqfxLW/g0GBSLXCnNcm7Jo
xv8RGBgeLCAb1UULn6T/FdjYojTGjwgJDQuLmqdVaSgCp2sU6rxFqhSbyMZ3aFT6AZNlyOfyy9tC
3Bo01XzOHdpapWf3PpEnrMTNvIK7Hhk0jSdjiaiHxqClcxudo8GpqyOOGcPefgGHeuMPUXwSRLZG
OhD98rw7yMXnxtDSht//U980q9HWEkojUw67Ki8Zg14o9ZUpCEeki6+H+TY2lrRacsfccfD6Hd+Y
qObhOk83CJKb+yi+RxbAm2tQLtxKWwnPv8Pe9fifAWs5d9c5EIdSHSxQGdEwVcYGbbqwlEydqrEo
8JII4KbNstZXzkkOXI9MERQSY4rvKfEQ73VUcxmcGqdM6Ix6J1dN9P4cBCDpjFTYRoccgbkff1/u
uP4V0QACVvdZiHzGaqMFBz0BTXQPa7tj+a1tqAEIsXD5hjaw60+DfHRBIbn816uTYDUHvRkv2o=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{CB0836EC-B072-368D-82B2-D3470BF95707}v12.0.40660\packages\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
PH+NtUugDzC35M1+F4lrY6SzL+HEPRDESyTTGfuR/AzhJDVWtL5iSvjxRoU+KoZX1WZEwDAOu0Q3y
4ZsFv2sNx7gAM7pxRFDuSnPSAXKWBBzAMFZ+XAs81wC1EFV6CTbTFXnpkzreF0OURHl1AK+Ta9cR
xucj90acTGVan1rM4nH5ARttVz0c07F8AddCo8pgSL0fS8suUhp899dOYaBnhzxL7MqeDkYqRQVw
AN5s7qUhrVahiN9Z62gNFcLOc/jjSl1Gjcblegw5wTD/3Yi1ELL6tYAjh1/7x3kuTON2z7bflc80
6GUd+lvI6oTNIF9EW2xmehiyPVrXWWl6n0WrTzhkEcFow2PY57lOUxhOvCa4zv5hhwZCs9oEdBhr
dSJeuSyXgQuyH4lFm76r74CHSWt/u/hnA1dDyP42Dn1YSbXeE+uRbb227/ezjMx3TQPmVrZ1gOCm
3KE6y3KQxlb+N9nLDWFSuToBo7npp2un2HcOyf8nozTDBsCl12nKiqvLXQSAly2sCk8onsECKnvY
0jJIu7bRcNV8ihWjMpqXc/bVD1myTcNRSx8+mguAfxlCFrBUv9iw8e/YtTRyGMEEc3/OMpoFHUkx
t81eHHG6jowDvFZZQZImg1+hx3v8LjlJIF0jfn/WYJhEE0lqE6hlTRyv+ehLNPQ9PNfBLDfJ2g=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{CB0836EC-B072-368D-82B2-D3470BF95707}v12.0.40660\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gVlx9QSXYrg5l5iTyxbcpqaiX6LYecZBmzx3DJ1DTa3sBa203kYDuQgnu4yAroTwaDM9En/J7wjFG
2iox4NaVtYAr0fEs27EBo22aqj57c7VzELW9E1Op92HNuqvgNv+8EThFSDHvyN0H6NSeOWj9pANF
BqSRdREkpzis7Q8XcV0arpfCuw4hC5tXuwQfLmwE1yDe39VlvEJFnUoQLQuoTIkNxdXvBcM8T/sl
n7QXUXD3961KD5hhBau74aFYWaXSMJe0Xcn2PrpX1U3XEaFQp7TLWvFiSDrvLU3nA/WtzWSmUCl8
PhnZ9UQxClIADu46I35Pe4PtlW/koPgEhJQdjYn2W8q1v6d7UXOvFrk78aiF8TgcYMy9DfAdmQoZ
yuR0NTtndBYfKP6xuMTS+xn9pENK8ZdENHDlRgbvi5WmbMz3Sgpr2FW7WCNKr3XafKWKhoSS85q2
SEDlLLYDINoGmIZkxPB0yoPvm30A3/SF5ECnETrDlR84bVTBJq0QbImWjCIj1dPiYUoFl3G9LgKE
341GaCpHejLq+aa6LHu10VeH2FYd1AlQLU6+szyvjlwC83bHT1XFSWSJH+yeMqeNwyGwkNa71KJj
HnOeyWqKuqNYVsiQ1vxsfOFAZyMIsUqVepYgpGDoX8D/RXo+rQOhVVDXlvtWQDhd8nYy+eqmnU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\54050A5F8AE7F0C56E553F0090146C17A1D2BF8D\packages\Patch\x64\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
OgHG1UQoDPf0CDGb+mqJJ+Jo51nOHzqpmA/WtYlAA07Ute/eEgsAvYIhN7GSCW/p+tZXrC9zKJdo/
9ezfrUBpiIphSRuT7vIHtSu245G0R2OsaEYcgA6d0vDuoGwE4YKIlesHru5pYcuBYwzi9jXyeCby
f/7/hEK9jPGlMmdqYdqDuJqPjsNXCUYoHNMJMrdCJ7bPOCPea24ZLQGtgqRrS2GUvZ4UkY5ljgQ3
T6h6WxajP3oXCoTtSbJHgK1F5lPcYzta4WdUBYcdKmZ+cOueliOyaqPTX2wJtNIbQdaCid9obfJz
lqGJcJF4d8Ri76Y4rYfmmqT3ytfGCwryU045G+yyd1pl4SLomqm///eKKN13insgeGzQl7s9EiJO
HQdxZbMz6WZWNfaI1cfGrw3Zi2/0N9hX1DPOZhet/sYLAVA3urrQCTUGE6mwNzSlyQw5SWm5XlwD
/3EHa56j3QQKt69iOJeJMGzSSe3UQbzJdDUGdHV8ppMfkyPgAPVPnYvSZUO9jEYD/BEX20la1KNN
NsxHks4LufEdYr/46+jM1hXf963q3v5HyYd2z+gpc8Othg8VabVj2vCUTkPgugVgiqaf//XascwF
CIjf8xA/9RzVpk1aFKzhBb1SjQzY5RR16qmGHb6iiL4xvOCIi1CIPznG28alCDX7W4KDNe0uDk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\54050A5F8AE7F0C56E553F0090146C17A1D2BF8D\packages\Patch\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
FJonepbooyEa7smWs3i1AcqICjDuPqb2xSYIxejZRxBwE72luNyuMdrt/NPa4TG0nsmQwrfnfCth9
576yFakmNCgdOZvQOHcgR4+ySTeBvX2og4dOoiedobKQWXhzgsN9fRpO/ULCZlCQry2EI2tU4Wdq
hBDkCWDs5rlrFk1dI0eIG8JUsnoQ+drmHKJdv/PpO11iLI2XeWKaMoooRL+vEBFJi2MmhTc7anzA
/q9mldn+zdboJ4uZi/nGXgWCASOps2EqeT2HtMoIe7JVZs97zfItA1sjOFptp+QORfnfB4juuMqL
z/jFPBvGSmwEtTB+BWg5wOvf7L2NIt8mH8meDG1Wt5fSkmQXTTmH8GkrZBWRkQK6PGRZ8qRTPKyh
jE2ZpDzMTzl4Mj5MdvJKzXXhgyv9RDc3/4PIj5RO9Jsx3aQ6jkb55MYUeI46f7aztfwnR0SlISrP
nfVqvnhjUiAvaV9dNz+Vba+GtEC/NKKMi3HWfZRu3d9k4nafreL2Pd71N/OwLZW99mSxSHrI0UMw
4hWomSUu1i5Rad2sh+ypaJcVwG0p1XJxzkwhEYhOKW2LJ6eVPyuRu7M0xO9OoCO//Lqpk7yuJn5J
mtP/2ojyH6NFz9tINAZdIIYaye9BP6wgj85vWr8C37cfdzFqIMNkNufbslPDwF1d6C7+an7q3A=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\54050A5F8AE7F0C56E553F0090146C17A1D2BF8D\packages\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
X5CuwFi+G8USsRIVCaFz4Q/RHiIkL0SbwxuN8vkb1/Zlf5lM0NAo7WSkE/VT7F1tf0M2WJD9KaO9C
MIxB/xakT8DhopT/0tLGjYI+KYgafVUBTesg8Lju85tVbBhQnZRxTOhHCAu90ydA6xtYs9ngG3PA
hFjroT+zkKG+dN0//itC7R+AR4MqWg6HTcTcFbBzVH0uSno6lnkRmlxwSAQ3BzK0i5QeJUadbL/X
CWgeoGLxbZeF61wiq8tM7qI9tAd289GUAtOUg03T2lYWcrTYcwF7+7Ro7HyUatuPpTwPXZAUmHxU
NKPiIgzJp8zYUm0Q+vV0MR+Hqx4CATTzylE/HP64iOlj7p2xioP36bsMO7TcLm7RKrtCHhRBGtde
iaOuSlZ077lFbACnZkHy83VHLWHvIZBZE/tMEYZqbzKfkuOEnkLJJrgUZYS40RjEBffDBYSCzQha
EUl60YY2Q48cM8XAXizRQysPWbbDEYhgaP0bs6GLYWPQ9r88HWKwOFMcXnMgORA2RM2gv/o1zzH8
xWOFCHIWKtVVaoLZo2UfdoQM5qpU7yYxQkCMY62W71SNVigo2ckrRJ0N2w96leYszVLwemDksyx0
rxLw9tdlpCKBYqAuRPhblekoALVgYmNcj93jVWBkNw3Mae1AxV/igDS5bPcV3DYXawd7AxEzTo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\54050A5F8AE7F0C56E553F0090146C17A1D2BF8D\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
MC2HEFzMHetpDH4y4ie3WcP1XE6HdGaXRQxuB3giduWDwQbzEubeT0xye7pT09Uk+8uoedQ4tWzLW
Vgm347fD5GeIx+CSv3bqB6X/tuw11xf6L2E1WJlFJePiTupYDQ5U8xSayzk5dA0tbn7LlWL+M6x9
KVeuKoWVz0QBJGN3F14VxVuEvPrxzY/XOXMbbnTaclzlOw/VvzfyNdwKHKFpjyOuJ9cI8EGkZz/4
cm+8gTtTL1GaumgnUEhbvlxEFNFYb8YvkoLv2nGWQgdt4DsfhbRLwqdtopsfeithAmQ+87wJ6sh1
xcaI8ggA/eBtcvf5c6OOzbD+gTcDdnGqGwKxmctL3oYblpfZHc/n6ARGRKXQn92WbAKm9SMvg2jX
sOl2uxKRlJpxsxV5kxuu3hkOl8n9WViWjwmYNlXHFLVjkkH/SBtqDvMV4XcKMR9aTsizVbF2+TOn
ps3qKuabT+YzMZcEvnXq88K+du0kSkjqHwrJCWTRA3CQYG6awgnaWpZ9g2qBq2krqHeOPc+d1DVb
QyLBz7GWnepnjY1EIKQa5QBT2q9+WTi9LjJ5P09j8SelJ1V36uTe7NuW6bPUZ/3HjPanfZrpXl6a
RCyMKjGijm6EEmv7hu2RdrbcmmLoXlJ+ycp5YFNObVwNnR4kUiYJVbUVQLUbF7Jke5t8liVwus=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ZFgTY/Sl0yWjoHqkO1nrDSL2iG6CEib8Rmg4l6gOw7pbWm9EzHZTG6lU+AcmO7ougj3GkBJ1/9ZJ8
Q21BNCEbv2Po9+Ib3U4OdoChhyCSkz6+fEqHP3wRM4q1/5LYEdE+7LgVUVgNV6xtCjyyNf4xuuPb
+GTaADbwzJCEVdwXJTotPAadItc+mGGs2a7rlRSLQUiz9JGXwI/WTJVwjTcGoFfUA9TDw18OTdjm
zdAMMlpSd0wV7QjV7tIAqAvTyjptKbmJtNP5g5HT8aueoTp4r47j/qkCzeje9i/0xY/zEZZDTS6e
Ebcdj34U1ij3y3xic6V2m60FcZTgzqBvUF9pR1XB2+g3J4hq9D3Ei/6GIcEHtpygWhmZnFzV7rzT
mruVT0K8uGOJ8tJjaJKfDYveRtBK79duMwKLdwkFGEgGfGqJvjRShP+epP5PXMLxl01W/LUPimJs
+o8CYUV/999Z4LlwUY+SknmRhAKx2/8Q1fPq4TsqW6CEhVMxufjW0nSe3k+XGfMrr7SiVpx8g4Lr
Ydf10+Gq5r9KgVkuR/i9Yxq6iAFzuLWKMv/L2k/Z71tZrf/4TnirV3G3Na7lvGYcb8FxqOf7RbnD
SnGXq0k2VFiMgQokN/GZ2Wnd+2XYJKWol18/8bJUZbnv4mA8ufeL0WQarmUgleXCj+TP5u96pM=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
AzpQKPkocj76axbUhAGLe+H/M2Lu1QyPXCgbB/89a+TXs6pi4Q6BYra0/IDVYC/DpJNyAzZqoUDVd
gRO+uExvWfIWck/f8V5F5Pvam50VGksqsiVkdW3pZueyXq7NHTqOY3UExjJdXpNb6NEBgDSfENsu
wxY0efLBl0DEbbZe3+IB0Q8V4Gu6Udm/+Fxqald1YrqeOi7QXKVR/gpdcTMLrkN1e3wWljLmAOsr
Rn+rJdZTEa3He7QnplIEYRm4F1GUO1LaM3eDDHnci6FeExw6C323WkWuQnJo97MIKxNGVmGpYHFW
tEpixohr1UX2g9Yd57TgllBILUmKWxPwYPm1MWNpTtUWNo6pb+9U2hgSB13d0OAYOEH3qZSYMVDo
y30/hkGpUgiPcw3XCBNEKwyQdaY28056nL+BVabvUTZHb1ke2NG7seho6iXcpQfJQsCg6H6+3Rof
5FWuzTJg5TFLGNBs9V+3q3fV1YVsJj5z9hfpTjDZnRM4HHjUBgSgYKuU1C/9Xlw5aZs7gV/brIMv
7c9gj74pgoBkITNRfCZuwUY+2e5y7DJZQZ9wun7rRvtXBYZxWE1tngY/xcPjP6lYssInnof9Kvps
V3kUyopk1G5Wu/rc29+7/ptHGl9mGYyPcJC5esZ4WGhnMNu6a4D+6erWcv662Ga/lSoArmcHnU=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Ga9LBpKDVRUsGN80GhHhaT0BKIyHJbDxhL6byWwn6Lu1T2ED3xBYhchxRSi8qpXxI9lenpvcnvCI7
PT27SkUWYvB6bclC3Bz8GcsuZMN0BzjepzOcV35VFvUTlH/m6Fl4nRIjF2sPucaPLU6Wk+YMInao
66il8C9NDQL4FY0XECEVDVjxBh7DBzUZPWoeUDBrJZsPcazlTRlV9rAucq/16eW3zVDGoSghD71V
NsKc+7Ru8Wi+UnG27YzL4c1TgoLsVOFmoB5Jd9DLPMTmJ8jiqt3eTTfkRFXaQiXI8pb4ydeiFSXr
yc27osI6a3Rn4WPwN+nnobR2Hv3MbgcV0kzdn/5xvzaIkCtugOjGat4TcCPgdoqMT+rR9/fJ1HK0
3EHZvznTa6SKCkyXEe8eGvcS+DaeIfiESXH2f6ECMrLAQdWFeqJRicTHeQoG/d1+JUVzgTiJ8Z00
td4rSQ5agmGgEVzhcZ1ZwtrJSB66H3GeoE9mCZHxxOPAqF5GWLH2CVcBWP5whzILUYQGQUrGC5A7
SI0xTAIHerhRC01eM9dt06POo7Uw8qfNMy1sxUSk1ok8/JDsuGSy8C0TDnqkhYbT3XoP5tp7hFb2
p28cdwm4RQhH8ZLTCg+CaB4tEEhBBQ3QrxnO+cyv1MH52aG2S3WO7fO8TcZk1e/qpSaffCT8ms=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
TXBDo0CUv47Ey7xjoOESGIRqnaxHGGMJ+SR6aOtAa0RORCMh5JT7zxCp62LHVKAL5/gztbVx6OWxi
GTeTzFAq8M16wRfhiv6uPMKZIhApWREBaYGWGQIiFI1r6m5f20E39mA4GxKxqw4+GVEqYJexz51l
r+fXMeRXeAb2vsrJ1TpmiV1lYWkYZSS07W6wX7Faf3KobqKPaHOcvu7stfnM5BC17scoKdh6GVKi
l73ZBYwNhfxpEOULIlk77/wUCJEfdF9OblLB2q1+aleF0xJdasCG4nfcZZq3IXbqnlvB/5VI8fFH
mVTWAsRExq7UcCX5ihfqMj0iJYPjqVUHAVO8fnxmY7O7DRy1Iuj65WoFkaEZeV/4zGpSfmkHEL+T
rC1WOaaNLccAMqQ5vFKscyFSdCiyMxkc/u0UuNgTIirb38j9BjlW8v9bTffKfMOHp6EnULrcZ2Ru
kLhyXZHKIYJZ37ijm0IWATdTP1MT9r1UW492lVhX0B6jDyyj2iSi3hp5IXJ/x/ppWrYhAS2jrIl6
FyUTNa048wnA3JAbsIiGZsh5zq4aZ9t5Ssxh4xBmh/ZlsqSl0Ba29mbeWxGH/Aqss8bH0SrfSuxz
TQyKG94t5edVOKg7e2CDprH95M6xM8ELEHlHqN3/CVDLzB45nzWy6qXPnQKFG/3h3ZC4izU63Y=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jS9EbiGX9vU97K/L+YY4MEEXvrQ3nDDCnPfzoepXDKL4pKEXbAuqVMf7nwj25UI4K5TxX7h+1Ql45
8vUdTo0TIGpSP+cMKZkgG7ognlLCK21ywFIIHK7HZYC+7kqWc23Gr4bPnqz5/SjGQqVFXm1jWbqV
3zgbidjJDIoEFRFfbz7k95uXdiQrtl1+epu/vg3ly4CGkGieouSK46bkedXAhbVbjfTKUNwqGA1O
HbRoi0wOO/u1J3/yJ/PuxIRyof8uKKJLHHgjKBbWEmK0Dtt28QkHknTZKMQtKSdV1lKOQmmBN6G+
6L3r3gk5QDfukER86BZYrWYc1HkQqNKW9xuys0Aka/e4dBLayGLH2ZKtua2y00FZm/M5aEi0T2qj
XvN8lqjj/osKhcs9DogOHHwIzGNT3xSF+E/l9gsQt8wMm9RUYs097xIKapw3+i8eBWkZ2Cv/T+FI
PG1zCQTmP5wmTSdJmwbyuyXj1Rq1vl1UlXZF9FTC+Po5lAKK6QI+aisdxDZc5BSIrAYrBOWscGzf
irCJ+jloF4YN56W8X41nNSxwMwFiKk3VK0rg1fj6WxFN5JicTU09qNDkb4ED0FDv0Y/bknaN+wrz
wqJiBpdpMcIG9+BZUaKr8CoId1O3WU6S+OVfVdxDGKcPUuU6uhT1tHYbVFKtzphwDERdYDB58Q=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{F7CAC7DF-3524-4C2D-A7DB-E16140A3D5E6}v14.21.27702\packages\vcRuntimeMinimum_amd64\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
T6VXY/AsmsmFhxKtyQg+xk9RHETXYMUYV6OJr0Er+7MHTBxI+YxxFZ8RXHl939adrXZ2TgB4tLRuh
fcGtfFQXLoi0D9q5oztmc0wFYxGFcDs/wW9Pr7JlwtGHyYEvI+FfUGPYz26M1dHCc7JYhy/aS6Xc
NWQ3/Olhhbn1s6vVHeP9GCdCFMm3Zx5XJoxOB837zPl3XKfl/b80fZgjFfsx3gDAibedINOtToee
PtM6fJ7eaefsld34MaNuNmEiFpaVumSy9OfDvOOF+rQwWGLKjIa65IeialA45R9i04U9mJltBmJn
2IuDNUnIwkLfUfWJpS22t8V4MSM0LSYFrfmU8H82llgP+bZa9gpNxSwjyoejgnFEVfGmNgMTLASq
yy8dIsdlA3XT2kLbOXSbLL1KbW4u+x/O89ZKeYUJuHA6aDNZWWvFm6Iqr0xcXBm/6IPO7NldJ8S8
krvkRJUoEB6/eWswhW/QWxAQbq5XVhYnuyTTnOgQFnPc93mRuKVOCuwuPw9n/QLu+UpHH2uDh330
8S5Ggq3XcnEgAPqXlHD9Gdn1wVJnewCOYH6r3w2p9HBKAUurj5SdWlVWV/QRyJgGYIJ6CamB7NDT
A2aWMVngZZvUFWhR/0JGv38h/qC7t6G/bFzdEwib4HVDMSUb5I/DxSp1jQzekGZqUNOLtNdKGo=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{F7CAC7DF-3524-4C2D-A7DB-E16140A3D5E6}v14.21.27702\packages\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
jLB5/0UQG92bRk+ne355EIDV+w94K7RbpWLRMTZND43d+dM2bRcIwqvpjyBxYbwKQW+r708+ZjhI4
GmpLkBPthviBi3aj+aM9AyPjhswpr+RUYsWI3OYeNyGfATvZTHi535zT++BHR0/FY2LzEjmy9GAL
bTZ38UW2Ifl45D6UnbbbPM03XtG+wkNAgPeD/6+U3FOkoOs1dxUivF1/sN6bEjNl1wPMV6sZX+Ej
qunoPy2BEi/2t4yPV2x9jNUPN0XstsRiQq98FRr9jroXiFunuVjDinf0ehB4DO0Rg7f1t2RAEJbf
ENsRXyM9XBKj/dXdb+pnwMZEKn37gjk4WkELY1Aii1xQVxJtsH1wwH3ar5bgUTQ7p632A7+ZQIq0
p7/kxilTiJjGvea0buIzIySwF7IW12lfQlkqEkpFNPr48LMevYYxBgrSXUDtqgANdBksWnA0/26U
4+NzA+EC92mD/8xNelfRIaWITjaJLVmln01oZP/fI8Hq1cQ1q358xjNxUyfFR9CcvJyziMDm+yn0
35YJmR+3o03Wr1UTNl52VTWFGh4Bkcepszqdt2VWrF6rRbyUTLM83zzdvGFv288Dbdh8lf9hM/qT
xpG88oWx3P8gxs2sKrkH62lUPzr2Jp/0q+q6FBDysu2SFv7y+YxKzdwMYVDshmp9LRsoJchKG4=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{F7CAC7DF-3524-4C2D-A7DB-E16140A3D5E6}v14.21.27702\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
M4UWDuozPcuyHxcb9yuc7qL0kfnhAaglZPAGGl6ahw65Torr3BsRr4+b2kjgePxZgtk82IIN6/Ys6
nJcAXz3JjZxi0aPHWU8xN2FsQm1m6Emxfwl15KkUgG5fMLJ9gdBkT9t41QcANMsr5XaOavoOPg/i
8VTuEjUGKJsjZsT/EzxicUPxcXUtj3HFUHLo+PxrMta3wQQzKOjaCqxvIFc2DBjOnFT++uovOe7x
WVD9cQH0tVuUp0Nv46fGQ0fJLYs4rwiQriK2LSoVzEEyEV3UjXZUMFVDHl2MSp54nx4PJCtRmqsW
Kz3Y07E4SXW7boCaYms9xtUR6NDfQAEweoHtTpCZ8Amb7wje7/MTA1F7wzp3wvY3VANtsULLdXCI
YhyHgslzkezy73vmeL/k52pPlxlto2NyAVz/tCZ+4jzUnomhwERoXhELW0D7ArYmJ2X0een9buMp
fmaKCWzGYASgfJdVRy01zGVmS9lroTRgqxOzkUuRvupUGK2hhwxw1JU/nvbmhTMoG1v1xe2+D7nO
4EKcTNxTUePHL040M3nWA3FdgHoCJiKtjzdaAs8a/DBiafC8YDNvhKejrejLLxryVXUrySAtIITo
IsiXXPiKxABMXgjSUKDB404Z/wiixQjU5LILVlpMfnTPwLQmEsPdEjXaMsjWbHauA9uHqolr1c=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
mQmGw2L9hlhBCFqBWrhFy180+NUFr6hXrad0nEeLV9rpIm5r6Knx3VP3HAElI2qxCkV5TVfDvn856
scyYwWzw4IOIXrZSRAv4Mi4nFr99GLcMY4GE/mMhnHH0/kLzEiUH9NXtColfTJascS+/6XAwkrC5
HU22373b2/P5Fuqfm6438CZAFAkIRctIEKxXtEq7Cbi9QqRzOz4pNDj6YdFCZaBrI+9I0i63DcK5
ZLJRCE3rEnXf6q7Xzwcw0D5i1BQ3R/ok0a0l7E7OuJWJ1tGI7PVu+CCqYoo0P66dV9KMvtT/eAMD
tm8mi+RhvDfHqMqE39Bguyl6O1NcSPesEhlsEi5HZjkoft6z8ftzZXm1CAl9bHh2Ru9m4RI9qjfs
8yOY0cxDIQ+fyR7z/N+b8Cbhv0MuRQDj+LHEQmw5Hwe++8lCjCi7M/gkJxVMScX5Q72ODYat3+6D
W4QO6Qj9gN0IQnj+OdKqX6zUR2bxL8HANt44MedtoMnw9Xj+e8b4dFyZon7Pmainm1WxfdSwvClT
4gA0cM7+ImB2tsZYvtjz2rkTB1UyP3uD2r0S22+ixshXQ2TmZEVM56aIwlKE51VmFjTYP59mjOX/
ypM3vCAQEVTKwWBJIPNZgFZZ76wJEbSQDCNVRiWvtmF3TSZDX7pauwrXA9qFwxF6fCSmYm7ldI=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages\vcRuntimeAdditional_amd64\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Reh6fIOlxlQX4pJsO/ayHFM+7Ny33as+wXjGPULAxoe2pPzY4GZnVwbDI7opYU10FWlsWi/E/cWhO
7h5drlGtCgxY6BVgePMFvgqEnkP5FKfb1wpgVdWJ+C3otw2Z10sNd/Vg79TjqVVjXz+I2I1LtOJZ
GsL7RE7OVAONaAjvL38otq+8tDVv0PGqSx4+MADgW7CxzWF+gAp7S36RdxpjgWMLXjMWUnE3v1q4
/rXYvKJbNgFTZmnSowm+XVasXUSgS3mKOXlezARcT/Zd/g5pOAUzppVQ4Ummc76GJq0i5byxGa4m
DvrUHs/xK4ft5+NYSDVuhvMFpazBURBhzD/ZggMdlI6El22QBei9ifPjz9U11Otk0WEcStYRJIyM
iQVXYIuJIreLlhHnJTNVq0SFW017JuUSip9S7LsWu+lGOGbSTuBgLGIWx9NMPagBwcZbz8gZ6E+9
DZP4Gj1tOyOcSWlVfocPbCdE/aZgF68UrJV18Ie5u0avkG/pDtA92/AQEWM/iwnmQhwjSaJMoJsG
UeuozGLvJct7r1j5X5iropvKk2QR60NTrLn5khhX1uhQ0zQxKUom01Kmmjl+sUhg9aD3ZnScg27T
BZsBhVSQuDRpGhrNUw8YE8zpt73YxMKQHUIkXjFwFnQMzss+fee5hrKZKrgDgf0alSZxkfedJs=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\packages\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
ZBsXs24AzRMvZKPU/4uIm0JkQiUmtcLlU68vwMeUoMyeE6iXnQQNOO0iFSXzQlBoyAJp//KZ4ufOR
o4IDRQhXyddJ2Vb6Rqf7SSlfvvzMCGG61R9MZELpe4NlHhD/p/sTQxPG7f88TGJxeZJmsuGiY4ZE
/FxcA4H8ixBnYctPv/MHIVQiQxYNT/mzbqcJnIaDm/OerapuRu524MHFjhn15sdzOiz261VVy4G8
DXSlIdpFvQmUuTkGADTRuhH2sJ2LLMnXQILXT+maH1HjdE3QWPkDdKLIvl0RB3XSCHL958tR80SZ
l1KcKRcIW/B/+10Vv9SyK0VZ+1Aeefmx76BLE6MEDIp4EjNTtSp0uwiCl/Og8IgxdbbWum1cUq3w
k2KXr9LQKq7ehCa/KdTGu8Rn3skhlQ6hhEXGhEvR+VglxB26IB74StD/Cre7tHweojE9K/tTE7En
YxXJeV8KP7AwZmO5x9X/8dmu/uY2XnTrMhgEBbD5u4rJHxWSQd4AdInvDMiAfw76vkj/UJ3PKOyf
I55b86O1t4DMN85tGRxKP4vkLWIDgTKYfOSoXRysfLV5CaieJQhsOornMKCHvks0H1aTZ8J6JFZu
Gx4L/d60BTPoxNiphYYw1JEN9nPzku6JTJxZhsaHRlqM0HEUB3yjlRmegesj3+XCuF7I8UzSXk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{12578975-C765-4BDF-8DDC-3284BC0E855F}v14.21.27702\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
AqVWsEwPaYEnZUciRc/x2pPEbp3WPITMjDZCkGp+Dsjs1JhvapMi8KMsk9GAyo0ZNGOLX/ZxuTWN/
72656SgFqDUHenzTs0MLH9pwmlWVYway2YQwKdOzOFklO20rfyQAHsgtT2UVa5kX+8cav+h07yfu
vHIXXmnc4nbJ9TwDgbwojcrItKx0COqm0sp0GnDmDRs/6dOZAeR2+BVH2iOt2j27KwXws99ZmZqB
p6OypPXZn8gaVXCfHL8V3pbiOmn4K9Kc4+ZcWmHLXsfG0TR8iPC52GDmv/UANIC8vEySkrXYWjC7
5kJ9Erotm43in38m0aAiU9thCesT79UsZJ8ktfLGBHtyJaCKzFvmWHygVJTS3qv2miRby3xMNPZP
wzHQozYuYk3disvTw8itseP6mD+Jc8CdMA0u3Y+WDZqK5omQ6izFPpwyBYciQoQk6z2fDAH9IVST
FfAXo5JweiPi81EZvb1y2Nx5zql/Ph/PwA3bm5QqtQQ/TfRZVMk8X7ZT8/q8ETOYpVAYeENaSHNy
WgdzT4EfP8tzOlI0tonT8Se9OAW7nGiXkifYiLiDZ3/ggj23XSBTk0aLBIqR0StWk69nDOuVxHL1
Suc+sh/3BMuuUTt70uzdgbfRij3lk9qqB7pGwCLmHnLr+cCwl0+cMkunFSNegqZG5Viiph/w64=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
gZo62CHwRYRDyMlIvRZ1KVtFodBFShXQAxIwYN+Hx1I5L8q15L03sKH/1Kc/ed1NIT2v/llidtmuF
d3RsajWqJpmFNk48w1juaLwhbz0bqoQADq6lJa6AATCRk0ZZNIBgOJKexL1T9YjyOcB3bgnuc9dJ
1+mhu8XAgX5BTd5gp1LbahzhqvLDOKuJO8avzK4sQAqXonN+nszRMfx15OfSTVK/9ypcChHJyIIE
I09edcegTIQNok4LbU0aoEwoBKYylBIpRIpTX9bjfZyIeo94vBqeXqSdjCdcCEUngkyjCi2cNb+x
pPxaNbCYJqEcAKyuu9OuX+bCRzrUR0/NuEXjaDyfbKEJWbMMJDqKh0uhVOyzrL9MhSSh2IiXP51f
Fx/QP501rc6wqg9ReK61UCMx+OcK1GqjKnfMRyTgbxl3ternkAGHIsjMh4whEDQpSd7B27VAvEc2
qDK7sYXDaRFNtff4k/ET647obvU2QN1HYIQ/gGuLNCoiSQrtzeEoaGCfnZdollr/yF9/IowZeDQq
OJcgiF4Brk+rSOan938nLwzxwjCdeE8NHP5DIzjSl8HUH2xP0zDHCKeeyESY8GI0O2NcISavVLzB
hka0r1g3061W3sIXNHOQM3FqeThP5tOSI9Y+GxPboa9scmCachkGyUg+sfs8ao4pRUTqHJCMyw=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
PvYeXiW4dp1Ti1uFuu5o2dmjGXhTKuWW4K1J35Q5zSvdszYz48l3VXBNMumswCpui/MCjCq1PcYsw
ttW0Bf7e86Ugl9SRFMlYcmPQfK4cjcP8RCf/kYXpGWSHjm/0eYEx/hvA9D03ViRiyo+yApC4O1XL
1u5pT2HK8K7yGzsx8PTdBRGZMHoCaQk5va45cPHiqcipma4hM5n9bfIqhKz7FSnZHIO7XrJwYS8s
CvvcsaQw61Lgo/3K4TzfwchOGwivO/elBsJzhbFgNipBipgb+hteexa4kJWKvxnWLIDbJ07f2bH7
p9TGORVrHCH5JrDKDJbWLCZeADZQ60Dn1w93rIMXfH5SjLZqf3hnSEoMyfuXZjsTK1w7U0J497JV
6YVstUbrvUlDkOmO4pfdSDrwJqMUmNHMatmq5UcfKXaOqoKA3y0xx/aFu9TCBygAHCNSuTf7uJ7X
5GO+r9oljy3GqJ63Ar/hemp0e2OkW2nvzg3yjxXdQjEJZKBDvk5n1nR0/yZUcWmbSRenZO8QUerg
VEM6CHjC9uIPZVD6KGXzo+NV4k/SJ9o2/5uPwuR4HATgtZJqVqATawm0qVs9GxKJmWTinmhDFTCy
CMjorkaLct34dbq4Gnwx0WAQYXbJ8ohLK8kzupF1ogd0kvX9+8WdcBDUYa8OZuasXl+K6aH/Ks=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
CuPUIloVZn3zT2sLf8Tny9pIy83T6dkYzXql/Ywa8LmB5chFC4FbsI3aDWXCGOAnoQEt82XoG8Ufi
QQldiAPcXBy8itkL3x2i9+0n+M/yF8jvEduHl6Pq1EKuG+qWlAEaR+F/szpOunI+viWnLbS434yw
GLqPaH+UC8XucSBI1iR0tHkOAJu3OSSLKmcEi65rYBV/b2E9Xtjd1pbI7BGrNX3DtNeaz7Q6nuhP
U7IjxTgEbg6zk9K52zUm5vUl6IEw1pY2+Upfg9CBZ+yC05RUfP4W3lYWUvgZTXYEb2iy8SSbWDIJ
fkBRuhTYJyOgKVKeQU3wuuqZOnEq3un+aguwaIjJoOJrJzVZe0w2L/detDtNmPbRNGKr6I/lAOxT
90cYDwBQEgdeeaLMA1g99U1Ta36/TRjoj/fTW1naKfWzWb6L5KI0GDRTg6WpiYPuM9KwJN0fJ1q8
Utv5//i8rzvOQLDNWNwOJpAPnYyqG1ZC/UE3KKciZ0LLpW5QtR9nntc5BhsVrTkh/Oc8vPxGyzTD
L0Pxfpkbzlqkm20bEK/iKXz4dOQFqXLehklBPUTxGs8P6BE+gpOeCGrLMf34m2axCnwsG/HSnogg
F/eYCjymcJp6EPd1y2RhmTHC8CelLJVaIid4Y7jNZ9KGrUB5l3yCS/Sde8rN+7O2muCRu3WmcE=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}v12.0.40660\packages\vcRuntimeAdditional_amd64\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
Mi8Zz5j8cIom7ptDqGpVfmllPnEznhZ+yyZYgT5G9kPot6EEgv3IScC83kwZxaBljiRh3JNs1Ta+n
StaC29GE5Nz1Rt0kcMgbNEfz0iYqwJ3Tj4gfglL5waSyUqk/PjX7sVzI/FiUrmJWEiGCTI48zo/c
CXkV8q3acIuA5bIUcm3iavPRuG70z+lQziOpAp/p2SYWGoxaUlDI39rdesHH7AcdBPwbEBT0VfWY
lF2POZVvoWE1PyhbvKQrMT8JsHa0B1lnpLEPXjjD+vnPfiGGuupmBk/RIVW/Hycn3jcfuZK+ONMI
uKldaPWEBDlTwmyEwjNa4w83Q1dQzcbkfnUBGpkxXJm8WzvwWZPYqHcUpQ3evpGVLFbV9bYmIIGe
ZPtm3reGouwpMQvty+FsBMoBPtPMxiO2r7iXnapRoGbeFm2BYYfhlajMPjEoUHo+VlCxb12hzXdP
S4XSNalGAXmDEv2g07FDQZooy5e/pY8MB845ya1ATOnffppAK1MYIZHcj7Z9ijQwl3uaTBqtq4hE
QKnjnfsAetrbTjCVt46sOvSuKy0iP4xBLfqWXIuB6cd3AhXl8581BXHvqahxnPnhyQzgu6t+OE7z
XbraGM2XGA/6z/PFsVsIIYzVF7bU7zwhbs8s3dlmfbyOaprt1W2lMgk8WXTJkZf3CRJYGRYpGk=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}v12.0.40660\packages\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
hz5EAtEhl691REDiYo1nbndiO3x/Eeuuk0xiHs6Oii3K6LR/23A8PGIeQ/U5bnyDH7uEHZBiXuMzX
GZmUf/LHhF1lYCH8iGQNg1BCxlBsEPoI24dJgSVKy4a/Blr3/Tk/S5M7pk/jvFM4s7w54JEu3tkd
XUinTrzwRf3cP7JvEVhKKWHEdqXTbBLq9moXxfVP6KffecC7pG7eizB/O6RCpnwNQezuyDzWoxO5
Y/KnhSw27t2jbc7rri/rvInkWQajC58EkSuvBvdUmeH211ubcMAnGXV0uOSBJ7szmuF5R97+QL+V
pV7tuTxgxdbFKKFYHn5TPYuoj1rSfdra2drjFqvnbLHd5EjenBQVHXt+3pyry3D+vJId/vkROUoH
yQlza0IZgX7Q1JOU3v9FL12tXg52GpluQK8RU1JH6IkJjqCbstppe4MGMBg+NFtDGo+YPKcJYwng
3SapDjqJ9gFaQ7UqgOl219djQlFpmwnMKT1aAiv566giTJHJHLyk+eLfhP4cChikzPQQbvi9muZa
WFiRoes3cbc97vPHZD6/vBiKXoIq3pIyPSrUo//Rjxz+ti/1JZYAYBDLZR3SAjj84lVh+HPoPYTQ
iGju9kDFuVc/t9ppoeNI+JMMbVnMEnBH4n/ADIwLsWOCCV7hMzIK0OHJ9ZyqPoHCDQDF4vBo1s=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}v12.0.40660\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
UlmOGsupqZs3ru6C0/KT1gZcdMy/WizuxyURvUQzz6mW+R5XPMnHPV1yepsbAabHe7LAf+W9Fds5b
3GcFI9eEL4ATfo5xoFCVv9BEwt6yIguC2xvD96i3PpmiHt/TBkKId55kB+6r/YxJx9KiQgyEndGZ
Nj6xNN9X8NvLQ/3ZGf6aVN3wZRBe2Yz5vifwxRuU5Y/HtDEdU/rS89kvRKvYMSKzCTM2CKvcNUvx
6qjCvmSpSKlapbGOBLd9bcDCAGHSvAZjflPt04vGi1QCPbGWXlrIT5m1EFtMfPm6W2LrVrHf0lGO
6JuydmlGqDOMz61RHz6Nh9LExyRVrcndAOzG5YTfFnIvMS0DCGZJK6SureQYdYRf+TIXLDDZ8nCU
xfO1OxCF9l+hZnYX0MhL9Tktqa53FrFmKZqT+d4y5Sx57Q1Sf6+emJccdgeIl7mib6hiG8S1SxnC
DmTPXySTK4cAF4ipM2eeuw8q7fuxtZIwJ/N3VxPc+NmLb9TWt5Bq93qUKTL3C9TG4bRgrWBoljAO
jR/z5JTcbRRYMyXL+zuoUS33CZxcgjEzwydgJUc0Hx7BQCqQ3I2ziJmPYKU+Uh9vWaKL4DsGD5aX
EYRpjT5ZMnfdzFac3AzyCuEj+Lao1K4ubmc3aC4z/GczULgFcW7dvPQbOR2ryZFtZNo/7fler0=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\All Users\Package Cache\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
P7+c6Q78W0WOAqJrje0DHtTQ5nq9IR4io3zJE0v8a2wglBj72P6v5HTuwip5FErXbx3macZrfsZdT
+v1hzpmHhweWALwggFXBrgK8ZA4nbtgRuTK024KVHT7CkN1fxC5VuGFUa3JJmcNbzaraR/gOcLu9
dIDMOC4ZHCWqu46EzDUIDMOobPTCji0tAuqroUrZxGhcTQKNAuLoEEkUesx5mb2q7BxIIEy9oQJa
/JQ961+xmZ+IsJC1zq4pRfZJzztShZM28MnC/Lud7BxA9eGtnEddVNPYHYM+NUVZUK1ousuzfVEy
+eoI/7g5wHs80qKpwLtLYoGt6DtzLIwS/SGI6XzECsLrOjDm6F8hwpOZvFaQnRHFxs68L3kxiLE3
CnPg/SCgay0JnaQP7E4yR+so18T/a9dJqS/N2bsictOf44YfDAZVri5o3oktnLSl++elQizCgU93
FycW5kpv+kuoHmmrViCLbSFQ04JPsCN+mMMd86UBM0voRwQtz1KG+VWqFcH3XsutUJb9w8LOJRSg
47gU5udGXkGthXHh8Ac0s9BTXfhisErbu1a7NE75VXzX0nAEQKRvUnlJ7WXQhYEOjZK6vQ4LfUd1
07fm7sGrbF7AOFOKruOrOf2HMeB8NnGGhROgg+KLs5I3252Em6znDTfCAuljgU+i1uYJoH6H+U=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Extracted
Path
C:\Users\bft0pz99-readme.txt
Ransom Note
OH NO!
Your Files Have been Encrypted!!
All of your personal files have been encrypted with AES 256 and RSA 2048 ciphers
The only way to recover them is to send your Personal Installation ID to [email protected]
!ANY ATTEMPT AT DECRYPTION COULD CAUSE PERMANENT DAMAGE TO YOUR FILES!
Personal Installation ID
-----BEGIN INSTALLATION ID-----
CZ4ZaR3VIJPgR8qAhDovZeMYaDL0dGZh3JNvf+XpYcrnrMbAjtp6kZMxsiOG5OTsGOaZMZWSHFEUh
D4iZbEQumu2sUdr3f77HUhuxo3R9Ah4i7sKVUzIOg5k2CeXXtk6eT7vfP+7pG/J8d2DUHegWPkc4
K5RwQ/7QQ1rtL5UacmOEelVX1ybsBdqlVmGx1hpMaEJqxEa4Scz4vzW7eBetMHGN4IK93v2qhaem
d6r/cM4+DLcvDhF5J21gRNdz5cZPzxF2Cga2hvJzwAxPQYy4hTJngc3GyqdzFbFug1XZHL5oWjRX
m5ppNf/RhzyY5gTR6UGhE1yH1WIgrjcyNxYvzPGQV7ZUSCkugFQaeZuQtH95i8PrhTBcknX5FSlx
Z5WTuI8Wvy14lV1zWvykRBeYInjfZ8Qnj/TzjzUiIINIUXRSlLLZwq1CzpgrSo6ab5jDpc4v1Sb7
QEbM0vbZ7rSvAnLaWtkcYoRilQYxZPqmb3NK5t4XRPi+vLtlNKDI1H0sZpmnt0t/9QH4J87S4TWU
pvl7SL+WFvlf80qcrLGWPARQHvXYCq/eLBCzuSfh/rXx5itdY9Qw6veeVU8kENjFpiksj7xs4UiF
U1qX/NhpyaxTKoGo6o4RCyLlpxP82/ojRc7LNfvyR974m1E2twfajyxpNBc5OWMPNLUFwLQ50w=
-----END INSTALLATION ID-----
Extension: bft0pz99
Emails
Signatures
-
Modifies extensions of user files 3 IoCs
Ransomware generally changes the extension on encrypted files.
-
Drops startup file 2 IoCs
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Modifies service 2 TTPs 5 IoCs
-
Drops file in Program Files directory 37 IoCs
-
Drops file in Windows directory 24 IoCs
-
Suspicious behavior: EnumeratesProcesses 4 IoCs
-
Suspicious use of AdjustPrivilegeToken 486 IoCs
-
Suspicious use of WriteProcessMemory 9 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\59316fc8224622a24b95b621828b5704481d6ea5001e00a108f60716210d9881.bin.exe"C:\Users\Admin\AppData\Local\Temp\59316fc8224622a24b95b621828b5704481d6ea5001e00a108f60716210d9881.bin.exe"1⤵
- Modifies extensions of user files
- Drops startup file
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"powershell.exe" -windowstyle hidden -nologo -enc RwBlAHQALQBDAGkAbQBJAG4AcwB0AGEAbgBjAGUAIABXAGkAbgAzADIAXwBTAGgAYQBkAG8AdwBDAG8AcAB5ACAAfAAgAFIAZQBtAG8AdgBlAC0AQwBpAG0ASQBuAHMAdABhAG4AYwBlAA==2⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"powershell.exe" -windowstyle hidden -nologo -enc RwBlAHQALQBDAGkAbQBJAG4AcwB0AGEAbgBjAGUAIABXAGkAbgAzADIAXwBTAGgAYQBkAG8AdwBDAG8AcAB5ACAAfAAgAFIAZQBtAG8AdgBlAC0AQwBpAG0ASQBuAHMAdABhAG4AYwBlAA==2⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Windows\System32\notepad.exe"C:\Windows\System32\notepad.exe" C:\Users\Admin\Desktop\bft0pz99-readme.txt2⤵
-
-
C:\Windows\system32\vssvc.exeC:\Windows\system32\vssvc.exe1⤵
- Modifies service
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
9.9MB
-
Filesize
9.9MB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
488KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
9.9MB