I say itt's clever because when it's scanned or attempted to be removed in a certain way, it has 2 "destruction" methods, 1 as a primary method and secondary as a "backup" method.
Method 1) Kill the MBR - this of course will only work on MBR systems (and not GPT systems).
Method 2) Failing to kill the MBR (i.e. no access to the MBR or on a GPT-based disk), then it will encrypt files in the user's home folder (presumably everything under C:\Users\<username>\ ). The good thing however, is that it's only using RC4 encryption (which is apparently fairly easily brute-forced) rather than what Cryptolocker uses (AES-2048). The bad thing is each file is encrypted with random key, so you'd have to brute force each file.
The safest way to get rid of it would be to use a Linux LiveCD...although you'd have to already know what you're infected with in order to properly remove it.
Fixing the MBR (Method 1 of the malware) is easy - just gotta boot off of a Windows disc and run fixboot / fixmbr.