My ISP, Telus, has notified me that one of my computers in our house may be infected with a virus. The email I received from them is legit; it's not a phishing scam. I hope someone can offer advice on what my next step should be to see if there is an infection on either of my two computers.
Both computers are running Windows 10 Pro, v1709. I have Webroot SecureAnywhere installed on both computers. My modem/router has a firewall enabled on it.
I have not done any scans with extra software on this computer yet.
The email from Telus is as follows:
We are writing to inform you that TELUS has received reports alleging that your TELUS Internet Services account has been used to scan or attempt to gain unauthorized access to another computer. If you are unaware of this type of activity coming from your account, your computer may be infected with a virus or may have some other security problems which could account for this activity.
Please note such activities violate the TELUS Internet Services Acceptable Use Policy (at http://www.telus.com/aup) and the TELUS Internet Services Account Agreement (at http://telus.com/content/internet/high-speed/service-terms.jsp), under which TELUS provides service to its customers, and such violation may lead to a suspension or termination of the TELUS Internet Services Account. As the Services account holder, you are solely responsible and liable for any and all activities that occur under your account including, without limitation, all activities of any sub-account holders.
To check your system for compromises and learn how to help protect yourself from computer viruses the following information may prove helpful:
Step One: Scan & Clean Your Computer
Please scan all computers using the internet connection with one of the following tools. If nothing is detected or removed, please scan again using another tool.
Malwarebytes: https://www.malwarebytes.org/antimalware/ * (Microsoft Windows XP, Vista, 7, 8, 8.1 and 10)
Trend Micro HouseCall: http://housecall.trendmicro.com/ * (Windows XP, Vista, Windows, Windows 8, 8.1 and 10)
HitmanPro: https://www.hitmanpro.com/en-us/hmp.aspx * (Windows XP, Vista, 2003, 2008, Windows 7, Windows 8, 8.1 and 10)
F-Secure Online scanner: http://www.f-secure.com/en/web/home_global/online-scanner * (Windows Vista, 7 and 8, 8.1 and 10)
Sophos: http://www.sophos.com/VirusRemoval * (Windows XP (SP2) and above)
NOTE: Run the above scans on the full scan settings rather than the quick settings
Step Two: Secure Your Wireless Internet Connection
If you are using a router with wireless capabilities, ensure it is configured securely. An unsecured router can allow anyone within its range to use your connection without your knowledge. If you have a router supplied by TELUS, please contact our helpdesk at 310 TECH (8324). They can assist in securing your wireless connection.
Step Three: Secure Your Windows and Applications
IMPORTANT: Malware infections gain access into systems through security vulnerabilities found in out-of-date applications. Scanning with the recommended removal tools can correct the initial infection problem, but if the underlying vulnerability is not addressed, the system can become re-infected.
Java: http://java.com/ *
Adobe Reader: http://get.adobe.com/reader/ *
Adobe Flash: http://get.adobe.com/flashplayer/ *
Critical Windows Updates: http://www.windowsupdate.com *
An excellent program called Secunia PSI offers a free software inspector that detects vulnerable and out of date programs and assists in patching and downloading the most recent versions. It can be found at this link: http://secunia.com/vulnerability_scanning/personal/ *
Should you require any assistance with virus detection and removal, we are offering our Tech Support Plus service to help you resolve these issues. Our Tech Support Plus team is a fee based support department that specializes in virus and spyware removal. You can view their list of services and contact details on http://www.telus.com/techsupportplus
Internet Abuse Team
Please include the original email in any replies
* These links are provided for your convenience and general reference only and TELUS does not endorse, control, or make any representations, warranties or guarantees concerning the content of such web sites.
The following ip address was assigned to your connection. Suspicious communications were detected on the line.
timestamp: 15/MAR/18 05:22:01 PM GMT
IAT reference number: 15837417