CryptoDefense is a ransomware program that was released around the end of February 2014 that targets all versions of Windows including Windows XP, Windows Vista, Windows 7, and Windows 8. When a computer is infected, the ransomware will scan your computer and encrypt data files such as text files, image files, video files, and office documents. The infection will also create a screenshot of your active Windows screen and upload it their Command & Control server. This screen shot will be inserted in your payment page on their Decrypt Service site, which is explained further in this FAQ. When it encrypts a file, it will also create a How_Decrypt.txt and How_Decrypt.html file in every folder that a file was encrypted. The HTML and TXT files will contain instructions on how to access a payment site that can be used to send in the ransom. A list of all the files that have been encrypted by CryptoDefense are stored under the HKCU\Software\\PROTECTED.

Click here to view the article.