2016-02-05: It's now possible to allow free file decryptions.
2016-02-06: I'm now using another decryptor hidden service address. There're URLs for multiple Tor2Web sites in the readme now.
2016-02-09: I've added a chat to the victims page as a low-threshold payment support.
2016-02-10: I've changed the default victims template. The (recent) website changes will not apply to users of a custom template.
2016-02-11: Evaded Dr. Web.
2016-02-11: Only execute the countdown script before the timeout.
2016-02-11: File signing does work again. (Never change a running system)
2016-02-12: .ps1 has been added to the extensions list, added entries to the FAQ, the comments form has been fixed (no comments were lost) and the published extension list has been fixed. (Never change a running system)
2016-02-12: Evaded Dr. Web and the Bitdefender Engine.
2016-02-12: Added informations about a hidden feature to the FAQ, which AV companies weren't able to find even when my ransomware were unobfuscated some time ago.
2016-02-12: It's now possible to decrypt files which got a mark by my hidden feature.
2016-02-13: It's now possible to choose a custom filename for the encryptor at every download.
2016-02-13: Evaded Ikarus. (GMP library, again)
2016-02-13: It's now possible to turn off automatic signing.
2016-02-18: Evaded MSE.
2016-02-18: Fixed the generator interface. (Never change a running system)
2016-02-18: It's now possible to disable the UAC prompt.
2016-02-19: Fixed the victim interface.
2016-02-20: Evaded Dr. Web.
2016-02-20: Disabled debug mode.
2016-02-21: Added additional extensions.
2016-02-22: Added some additional statistics.
2016-02-22: Fixed statistics for some windows versions.
2016-02-22: Fixed the generator interface.
2016-02-23: Evaded Dr. Web.
2016-02-25: Evaded Dr. Web and the Bitdefender engine. I've also made the decryption process much faster.
2016-02-25: I've made the encryptor and decryptor somehow faster.
2016-02-25: The decryptor isn't signed by default anymore, but it'll keep asking for admin privileges.
2016-02-26: Evaded the Bitdefender engine.
2016-02-27: Evaded Avast and I'm using an old SHA-1 certificate now. It's kind from AVG and Kaspersky to not blacklist this old SHA-1 certificate and the "new" SHA-256 certificate.
2016-02-29: Simplified the new decryptor changes.
2016-02-29: I'm now showing global payments on the main site. The incomplete payments counter has to be manually updated yet.
2016-03-01: Evaded ESET, actually simplified the new decryptor changes now (damn "-pedantic-errors" flag) and workarounded a rare libgmp bug (encryptor) at the server.
2016-03-02: Tiny optimizations at the server and the decryptor. No version increment because the encryptor hasn't been modified.
2016-03-04: Evaded the Bitdefender engine, Avast, AVG and ESET.
2016-03-04: Evaded ESET.
2016-03-05: Evaded ESET.
2016-03-06: Evaded ESET and the Bitdefender engine.
2016-03-09: Evaded Avast and ESET. Code signing is disabled until further notice.
2016-03-10: Evaded AVG, Dr. Web, ESET, the Bitdefender engine and MSE.
2016-03-11: Evaded Avast and ESET. Just screw you, ESET. Can you imagine, how much you're annoying the hell out of me?
2016-03-13: Evaded Avast, Dr. Web and ESET.
2016-03-17: Evaded AVG, ESET and the Bitdefender engine.
2016-03-22: Evaded Avast, Avira, the Bitdefender engine and Panda.
2016-03-22: Reworked the encryptor interface. It's now possible to have different files for different settings. Old files will continue to work. (backward compatible)
2016-03-30: Evaded AVG, Dr. Web, MSE and the Bitdefender engine. Fixed an encryptor bug which could lead to undefined behaviour on some compiler configurations. I can confirm that this bug corrupted the filepaddings of one paying victim. I'll try to restore his files. For that I need "D" for N=="0x30d9689fc328c2d220d7daf00efad13196904a8b7f214504db6e25fcd710a4454758415c2163fa5fa310099fb0ae8a754dd91e862a8a34eb9f5a0dcef81a28bd6dc92f02319c5c2907d2e4320d5206ab3845780b9df8d00e31bcfe74f5d0349196656f286408ee56047053aac163c730cb84f237733993917793c4229d766f9d3c6d956dd8b73db8f35458286fc6229d04b8b82527561b800da1f8634990357ece7f408c2c2e8fb7142e3e7ddda14b528f3c3e6916a7a66c8879adc60be3a1e7fdef02a522b3a8f87534c51b09fd0d295b7ad01bb5c3c1ea1e4a61d1780ac8e3655d96fdf7365e7ed742180fd1aa0b6675ee29bade16b6a9bb683e84af7ab6f69b1514b42c8b9eda968917"; E=="0x10001". It's most likely that this faulty "N" can be cracked very easily.
2016-04-04: Evaded AVG, Dr. Web, the Bitdefender engine and Kaspersky (I evaded Kaspersky just by accident. :-) ). It's now possible to enter a variable fee. I've changed the global counting method to count every machine only once even when it got infected by different customers.
2016-04-04: Evaded Twister. (It didn't took them long to modify a threshold.)
2016-04-05: Still need to factor P574==2113761571079653377365105516965851786957105367675016427303672530533520487749958542769927072910814781981134970141798681631861072244265796253929659773126987143238062377717746223537677603322464730970554460923627252720044378053430735343869901581850301271967370797716246378869794593608168414350257804404175273105780871996776445885379453774885666896514785931333389015720572001321302697511567406019457114116463461971390876026140199237009760174624650920779450331706800991870108258638515419332501116914541443062456586316607262628536623671365307752194598426531487896223206004736642283. I could need help! Kaspersky, Symantec, Ikarus, anyone?
2016-04-08: Evaded Dr. Web, Kaspersky and Twister. (And the Bitdefender engine of course, I saw that the old version is detected by Bitdefender about 5 minutes before I rolled out the new one, haha.)
2016-04-10: Shortened the initial delay, this should fix some issues happening at some people machines. Added new extensions. Deleting :Zone.Identifier (ADS). Evaded ESET, Twister and the Bitdefender engine. (Maybe also Avast, with NoDistribute you can never be sure about Avast)