It's legit... I heard about it going around and there's a time limit on paying the money or your shit is just encrypted forever and you're SOL. You can remove the trojan, but if you ever want to have those files back and they aren't backed up on a drive or location that IS NOT connected to the network your computer was on then you've gotta pay up. Read the link below.
http://en.wikipedia.org/wiki/CryptoLocker