The word I have heard is a good IT tech can fix it and if you send the ransom they will not repair it.
Nope. This new one (3.0) is a very bad actor. I've spoken with several data recovery specialists and they, in turn, talked with their peers.
They're telling me the only way to deal with this thing with certainty is to wipe your computer and start over. You can recover your data if it's backed up externally, but if it's not, once the infection is discovered, disconnect from the Internet immediately to halt the encryption process and save any data that hasn't already been encrypted.
They're telling me that this one is really starting to take off. They saw a spike during the holidays with people getting the infection from fake UPS or other delivery service emails. In my case, since I am signed up for UPS email notifications, I didn't spot the fake.
Bastids... there should be a special place in hell for the azzwipes who create these things.
