GPCODE virus
An improved version of an old piece of malware, using an even older extortion technique, was going around in early June.
The GPCODE.AK variant holds computers for ransom. It encrypts the victim's document and data files (not the whole disk; the machine still boots, which is how the victim gets to read the note) and leaves a note saying they must pay $100 to have the files decrypted. If they don't pay up, the price goes to $200.
This is an improvement in the encryption of a family that has been fought successfully for several years, but the technique itself wasn't new even a few years ago: it was used back in 1989 by the AIDS trojan (the "PC Cyborg" scheme). The big differences, besides the encryption used, are that the AIDS trojan spread because people ran the floppy they had been mailed without reading the license warning on it, the company behind it did perform some service so a license renewal fee could have passed as reasonable, and the author was easily caught: he was travelling through international airports with the scheme's name on his luggage.
In one blog I read, the author speculated that "pimple faced russians" wrote GPCODE. A commenter there hoped the virus would end up infecting computers belonging to the Russian mafia, or to someone else its authors would not want to anger.
There are two ways to recover from an infection. The first, and the easiest if you have prepared for it, is to restore from backup. If you haven't been backing up your data, you may still be able to recover most of it with forensic tools that recover deleted files: the malware writes an encrypted copy of each file and then deletes the original, and deleting a file only drops its directory entry, so the original's data blocks stay on disk until something else is written over them. A file-carving tool such as PhotoRec, which scans the raw disk for known file headers rather than trusting the file system, can pull those originals back. That is also why most of the data will be lost if you shut down or reboot: every write the system makes reuses free space, and a reboot generates a lot of writes. Leave the machine running, stop using it, and run the recovery against a disk image or from another system if you can.
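Why carving works, and why it stops working, as an added example that is not code from the post and not the malware's own code. It builds a toy block device with a flat allocation table (constructed for the example), runs the copy-then-delete pattern over a constructed PDF-like document with a XOR stand-in for the real cipher, then carves the raw image by header/footer signature the way PhotoRec-style tools do, once before and once after free space has been reused. The `._CRYPT` suffix, the `ToyDisk` class and the signature table are the example's own choices.

```python
BLOCK = 512

# Header/footer signatures a carver looks for. Constructed subset for the
# example; real carvers know hundreds of formats.
SIGNATURES = {
    "pdf": (b"%PDF-", b"%%EOF"),
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
}


class ToyDisk:
    """A block device with a flat allocation table. Deleting a file only
    removes its table entry; the data blocks stay on disk until reused,
    which is exactly what file carving relies on."""

    def __init__(self, blocks=8):
        self.image = bytearray(blocks * BLOCK)
        self.free = list(range(blocks))   # free blocks, handed out in order
        self.table = {}                   # name -> (block list, byte length)

    def write(self, name, data):
        needed = -(-len(data) // BLOCK)   # ceiling division
        if needed > len(self.free):
            raise OSError("disk full")
        blocks, self.free = self.free[:needed], self.free[needed:]
        for i, b in enumerate(blocks):
            chunk = data[i * BLOCK:(i + 1) * BLOCK]
            self.image[b * BLOCK:b * BLOCK + len(chunk)] = chunk
        self.table[name] = (blocks, len(data))

    def read(self, name):
        blocks, size = self.table[name]
        raw = b"".join(bytes(self.image[b * BLOCK:(b + 1) * BLOCK]) for b in blocks)
        return raw[:size]

    def delete(self, name):
        blocks, _ = self.table.pop(name)
        self.free.extend(blocks)          # reusable, but NOT wiped


def ransomware_encrypt(disk, name, key):
    """The copy-then-delete pattern: write an encrypted copy under a new name,
    then unlink the original. XOR stands in for the real cipher; the on-disk
    behaviour, not the cryptography, is what matters for recovery."""
    plain = disk.read(name)
    cipher = bytes(b ^ key[i % len(key)] for i, b in enumerate(plain))
    disk.write(name + "._CRYPT", cipher)  # suffix chosen for the example
    disk.delete(name)


def carve(image, signatures=SIGNATURES):
    """Scan the raw image for header/footer pairs, ignoring the allocation
    table entirely. Returns (kind, bytes) for every hit."""
    found = []
    for kind, (head, tail) in signatures.items():
        pos = 0
        while True:
            start = image.find(head, pos)
            if start < 0:
                break
            end = image.find(tail, start + len(head))
            if end < 0:
                break
            end += len(tail)
            found.append((kind, bytes(image[start:end])))
            pos = end
    return found


def demo():
    disk = ToyDisk(blocks=8)
    # Constructed sample document.
    report = b"%PDF-1.4\n1 0 obj << /Title (quarterly report) >> endobj\ntrailer\n%%EOF"
    disk.write("report.pdf", report)
    ransomware_encrypt(disk, "report.pdf", key=b"\x5a\xa5")

    # The directory entry is gone and the surviving copy is ciphertext...
    still_in_table = "report.pdf" in disk.table
    # ...but the original's blocks were never wiped, so carving finds it.
    carved_before = carve(disk.image)

    # Then the system keeps running (a reboot is the worst case: pagefile,
    # logs, prefetch all get written). Free space, including the deleted
    # file's blocks, is reused and the original is gone for good.
    disk.write("pagefile.sys", b"\x00" * (len(disk.free) * BLOCK))
    carved_after = carve(disk.image)

    return {
        "original": report,
        "still_in_table": still_in_table,
        "carved_before": carved_before,
        "carved_after": carved_after,
    }


if __name__ == "__main__":
    r = demo()
    print("carved before reuse:", [k for k, _ in r["carved_before"]])
    print("carved after reuse: ", [k for k, _ in r["carved_after"]])
```

The carver here stops at the first footer after a header, so a fragmented file or a PDF with several `%%EOF` markers would come back truncated; real tools handle that with per-format parsers, but the ordering lesson is the same: carve first, reboot never.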
Of course we should all be keeping copies of any work we can't afford to lose. The reality is that it isn't done often enough; even many of the people who advocate it don't do it often enough. (Yes, that is a confession.)
Kaspersky is trying to orchestrate an industry-wide campaign to factor the 1024-bit RSA public key the malware uses; the matching private key, the only thing that can unwrap the per-file keys, has never left the authors' hands. Public factoring records at the time were well short of 1024 bits, so unless the authors botched the key generation this is a very long shot. Still, who knows what international collaboration can do?
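What that campaign would have to achieve, as an added example (not the post's code and not the malware's): a Gpcode-style envelope where each file is encrypted under a fresh symmetric key and that key is wrapped with the attacker's RSA public key, followed by the only generic way back in, factoring the modulus to rebuild the private exponent. The primes are about 20 bits so trial division finishes in well under a second; the SHA-256 counter-mode keystream is a stand-in for whatever stream cipher the malware used, and every function name is the example's own.

```python
import hashlib
import secrets


def is_prime(n):
    """Trial-division primality test, fine for the small primes used here."""
    if n < 2:
        return False
    f = 2
    while f * f <= n:
        if n % f == 0:
            return False
        f += 1
    return True


def next_prime(n):
    while not is_prime(n):
        n += 1
    return n


def modinv(a, m):
    """Modular inverse via the extended Euclidean algorithm."""
    r0, r1, s0, s1 = m, a % m, 0, 1
    while r1:
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        s0, s1 = s1, s0 - q * s1
    if r0 != 1:
        raise ValueError("not invertible")
    return s0 % m


def rsa_keypair(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, modinv(e, phi))


def keystream_xor(key, data):
    """Symmetric stand-in: SHA-256 in counter mode. Any stream cipher would
    do; the per-file key is the secret, not the algorithm."""
    out = bytearray()
    ctr = 0
    while len(out) < len(data):
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, out))


def key_bytes(n):
    return (n.bit_length() + 7) // 8


def envelope_encrypt(pub, data, k=None):
    """Fresh symmetric key per file, wrapped with the attacker's public key.
    Only the private exponent d can unwrap it, so the victim's machine holds
    nothing that decrypts its own files."""
    n, e = pub
    if k is None:
        k = secrets.randbelow(n - 2) + 2
    cipher = keystream_xor(k.to_bytes(key_bytes(n), "big"), data)
    return pow(k, e, n), cipher


def envelope_decrypt(priv, wrapped, cipher):
    n, d = priv
    k = pow(wrapped, d, n)
    return keystream_xor(k.to_bytes(key_bytes(n), "big"), cipher)


def factor_trial(n):
    """Brute-force factoring. Work is about sqrt(n): 2**20 steps for this
    40-bit toy modulus, 2**512 for a 1024-bit one. That gap is the story."""
    f = 3 if n % 2 else 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 2 if f > 2 else 1
    raise ValueError("no factor found")


def recover_private_key(pub):
    """What a 'break the key' campaign must do: factor n, recompute d."""
    n, e = pub
    p, q = factor_trial(n)
    return (n, modinv(e, (p - 1) * (q - 1)))


def demo():
    p = next_prime(1_000_000)            # toy-sized primes, ~20 bits each
    q = next_prime(p + 1)
    pub, priv = rsa_keypair(p, q)
    doc = b"Q2 sales figures: constructed sample document"
    wrapped, cipher = envelope_encrypt(pub, doc)

    recovered = recover_private_key(pub)  # feasible only because n is tiny
    return {
        "pub": pub, "priv": priv, "recovered": recovered,
        "roundtrip": envelope_decrypt(priv, wrapped, cipher) == doc,
        "decrypted_by_attacker": envelope_decrypt(recovered, wrapped, cipher),
    }


if __name__ == "__main__":
    r = demo()
    print("modulus bits:", r["pub"][0].bit_length())
    print("recovered d matches:", r["recovered"] == r["priv"])
    print(r["decrypted_by_attacker"])
```

Swap the 20-bit primes for 512-bit ones and everything still runs except `factor_trial`, which is the point: the victim-side code gives the defender nothing, and the public key by itself only helps if the modulus can be factored or was generated with a flaw.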

Comments
Shoot, so that's that one supposes.