Regarding the virus, how would one double check that I was not victim to this attack. **nervous**
Generate the new addresses on your cold system first, and then verify that the addresses you generate on the hot watch-only system match the addresses in the cold system.
If a computer is infected, it is completely hopeless
Let say you generated an address with the cold system, which is "1User". You send a withdrawal request to the exchange, asking them to send bitcoin to 1User. A sophisticated malware could secretly replace the address with "1Hacker" before sending the request the exchange.