Avast on-demand scanner found infection on WinXP partition

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#1 Post by Sylvander »

1. Screen capture of results window shown below.
I [almost] never run WinXP; haven't run it recently, don't go online using it, nor fetch emails using it.

2. Some of the text of an email received from my ISP [Virgin] warning of infection:
I phoned them and confirmed that the email is genuine.
We have been alerted that your computer may have become infected with a virus, commonly known as "malware" (malicious software). This e-mail gives you details of what we know and how you can deal with it.

What has happened?

We work with a number of not-for-profit organisations across the banking industry and security sectors that collate information on devices across the Internet that appear to be infected with a virus. They alert us and other UK Internet Service Providers when any of these devices appear on their network. Through this tracking they have notified us that a device on your home Internet connection (or one connected to your home network) may be infected with the Citadel virus.

An infected device may result in it being used to send out more viruses to other Internet users. Any personal data that you hold on your devices could be compromised, corrupted or lost. Malware can also cause your Internet connection to slow down.

The Citadel virus was detected on a device using your Internet connection or home network on 28 September 2014. If you are already aware of the issue, and have taken steps to fix it since this date you can ignore this communication. Otherwise it is very important that you take steps now to remedy this situation and make your device and network safe and secure.


3. Did I find and eliminate the "Citadel" virus?
Which device is infected? [PC, tablet, smartphone?]
How did the device become infected?
Might it have been in a .pub or .doc invoice file sent me on 28th Sept by a shop, and opened by me using LibreOffice run within Puppy?
Attachments: 00.jpg (28.3 KiB)

Fossil
Posts: 1157
Joined: Tue 13 Dec 2005, 21:36
Location: Gloucestershire, UK.

#2 Post by Fossil »

Just did a rapid search using IXQuick. One of the websites, http://botcrawl.com/how-to-remove-citad ... ansomware/ states that "The class file uses a java vulnerability to install the virus". So could this be via running java in Puppy; while Linux itself isn't infected, the Winblows vulnerability is detected by the online network?

Burn_IT
Posts: 3650
Joined: Sat 12 Aug 2006, 19:25
Location: Tamworth UK

#3 Post by Burn_IT »

I doubt very much that a new virus would infect Outlook Express set up since it will only ever be used once - if at all nowadays.
"Just think of it as leaving early to avoid the rush" - T Pratchett

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#4 Post by Sylvander »

1. "I doubt very much that a new virus would infect Outlook Express set up since it will only ever be used once - if at all"
I'm sure I have NEVER used it; and I NEVER use OE.
So the infection I found isn't the CITADEL virus, right?

2. "So could this be via running java in Puppy; while Linux itself isn't infected, the Winblows vulnerability is detected by the online network?"
Apparently the bank noticed the virus telling its home-base server that it was installed and functioning...
And it was doing that from my [router?] home network IP address.
So how do I discover which of the devices is infected?
