Two new versions of a virus first reported in May are staging renewed attacks against computers in Russia, encrypting files and then extorting money from victims to decode the files.

After an infection, the Russian-language instructions let victims know how many of their files have been encrypted. Translated, the warning says, "If you want to get these damn files in the decrypted format" then write to the e-mail address given. The message goes on to say, "P.S. And be thankful that they were not completely erased!"

The viruses, called JuNy.A and JuNy.B, search for more than 100 file types by extension, according to a warning issued by Websense Inc. The renewed attack was first reported on a weblog published by Kaspersky Lab Ltd.

It's suspected that the virus enters a computer after a user visits a certain Web site and then exploits a vulnerability. Another theory is the virus is activated after a user runs some type of executable code containing the virus. In the last couple of years, however, virus writers have moved away from writing malicious code simply to display their skills and are increasingly trying to make money. 

Trend offers some removal information. Troj_Juny.A Troj_Juny.B