Please do what is shown here on your fathers PC when possible and attach logs.
http://forum.avast.com/index.php?topic=53253.0
When done malware removers will be notified.
The Files are really encrypted thats not a joke, that will be a problem…
As soon as the infection specific RSA key has been obtained, the malware will look for files to encrypt. It does so by searching through all connected drives, including mapped network shares, for files matching one of the following patterns:
*.odt, *.ods, *.odp, *.odm, *.odc, *.odb, *.doc, *.docx, *.docm,
*.wps, *.xls, *.xlsx, *.xlsm, *.xlsb, *.xlk, *.ppt, *.pptx,
*.pptm, *.mdb, *.accdb, *.pst, *.dwg, *.dxf, *.dxg, *.wpd,
*.rtf, *.wb2, *.mdf, *.dbf, *.psd, *.pdd, *.eps, *.ai, *.indd,
.cdr, ???.jpg, ???.jpe, img_.jpg, *.dng, *.3fr,
*.arw, *.srf, *.sr2, *.bay, *.crw, *.cr2, *.dcr, *.kdc, *.erf,
*.mef, *.mrw, *.nef, *.nrw, *.orf, *.raf, *.raw, *.rwl, *.rw2,
*.r3d, *.ptx, *.pef, *.srw, *.x3f, *.der, *.cer, *.crt, *.pem,
*.pfx, *.p12, *.p7b, *.p7c
For each file matching one of these patterns, the malware will generate a new 256 bit AES key. This key will then be used to encrypt the content of the file using the AES algorithm. The AES key is then encrypted using the unique RSA public key obtained earlier. Both the RSA encrypted AES key, as well as the AES encrypted file content together with some additional header information are then written back to the file. Last but not least the malware will log the encryption of the file within the HKEY_CURRENT_USER\Software\CryptoLocker\Files registry key. This key is later used by the malware to present the list of encrypted files to the user and to speed up decryption.