Sounds like some variant of Ransomware
, a form of extortion in which the attacker encrypts a victim's personal information (data files) and then demands money (ransom) in exchange for a decryption key that can be used to retrieve the encrypted files. For more information, please read:
Sometimes using System Restore
as a method of recovery works but other times it may not since System Restore was not designed to be a virus or malware removal tool
. Whether it will be successful depends on what type of infection you are dealing with, what damage the malware has already caused, whether it disabled System Restore and if not, what is restored during the process.
This is what mvps.org has to say:Can I use System Restore to remove virus or malware infection?
Kaspersky Virus-fighting utilities
NO. System Restore was not designed to be a virus or spyware removal tool and should not be depended on.
have several fixes for some types of ransomeware such as:
- XoristDecryptor (Trojan-Ransom.Win32.Xorist)
- RectorDecryptor (Trojan-Ransom.Win32.Rector)
- RannohDecryptor (Trojan-Ransom.Win32.Rannoh)