Two days ago I opened a partition on my computer & tried to open any file within a folder in it with any extension but I found out that they were all encrypted (Word, Corel, JPG, TXT, etc...). I found files with the reg extension named as follows:
cc_20150624_155502.reg and cc_20150705_125553.reg
I found also two other files named:
HELP_DECRYPT.HTML and HELP_DECRYPT.PNG as well as a shortcut named HELP_DECRYPT
One of reg files contained at its end the following:
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
As well as the following text file:
Attention! All your files are encrypted!
You are currently browsing the content of a pornographic nature, so all your files are encrypted!!!
What happened to your files?
All of your files were protected by a strong encryption with RSA-2048 using CryptoWall 3.0.
More information about the encryption keys using RSA-2048 can be found here: http://en.wikipedia.org/wiki/RSA_(cryptosystem)
How did this happen?
Especially for you, on our server was generated the secret key pair RSA-2048 - public and private.
All your files were encrypted with the public key, which has been transferred to your computer via the Internet.
Decrypting of your files is only possible with the help of the private key and decrypt program, which is on our secret server.
You must send 500 USD/Euro voucher Ukash or Paysafecard.
For more specific instructions, please visit your personal home page, there are a few different addresses pointing to your page below:
If for some reasons the addresses are not available, follow these steps:
1.Download and install tor-browser: http://www.torproject.org/projects/torbrowser.html.en
2.After a successful installation, run the browser and wait for initialization.
3.Type in the address bar: ayh2m57ruxjtwyd5.onion/1Q800d1
4.Follow the instructions on the site.