Having the same issues as http://www.bleepingcomputer.com/forums/t/494627/decrypt-protect/
I'm to new to reply to those comments but we are researching the same issue. Found most files (jpg, bmp, doc, docx, xls, xlsx, and so forth) now have .html added to them and they redirect them to that http:mblpcblock.in/index.php. I tried to go to the website from 2 different computers, and it loops me back to the home page on each computer.
May be related to an arcomdir backdoor trojan the anti-malware/anti-virus picked up. Tried running a variety of spy ware with no success.
I decided to copy a couple of files over to another computer. When I tried to remove the html extension and open up the file, the program says that it is corrupted. When I launch the file as the html, I get that stupid mblpcblock page. So it is encrypted in the files.
Any help is appreciated.
Edited by Ceej13, 15 May 2013 - 03:48 PM.