I was on the internet at the weekend and my browser (IE) diverted to the PCeU (Police Central e-crime Unit) page. Naturally I was suspicious and opened a separate IE window to carry out a search regarding this. The results came up that this was ransomware and so immediately clicked the close button in the top right hand corner of IE, which brought up a separate window asking me to confirm that I wanted to close this window. Automatically without thinking I clicked yes, but this had no effect. I therefore opened the task manager and closed IE through this.
Following this I closed the other IE window I had opened and carried out a full scan using McAfee Live Safe, which found no infections. I then checked my documents folders and everything appeared to be accessible, with nothing seeming to have been encrypted. I then chose the shut down option which logger me off but hung on the shutting down screen, so after about 5-10 minutes I manually powered off. On turning my computer back on again it started up as normal, which from what I have since read this virus will not allow if it infects your machine. I then ran a full system scan again (which found nothing) following which I downloaded Malwarebytes Anti-Malware and ran (which also found nothing), and the ransomware window has not since reappeared. I have also checked by IBM Trustee Raptor weekly report which has not picked up anything.
From what I have read the following should be done if this ransomware has infected my system:
- restart computer in safe mode with networking
- restore system to a time prior to infection
- run a full system scan
- run a separate anti-malware scan (i.e. Malwarebytes Anti-Malware)
- restart computer as normal
- run full system scan again
- run separate anti-malware scan
Would it be best to carry out the above to make doubly sure that my system is not infected, or is there something else that I should do (like running McAfee GetSusp as well).
Any advice would be greatly appreciated as everything I have found in the internet relates to removing this after it has infected your system and locked it up completely.
OS - Windows 8.1
Browser - Internet Explorer
Anti-virus software - McAfee LiveSafe