|
txbtc (OP)
|
 |
January 17, 2016, 12:20:55 PM |
|
I am really horrified now!
when I withdrew money from somewhere i see i copied and pasted addy ,but when i not got for a long time i searched whats the issue and i see funds sent to : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2u
and now I see this is a virus address , its a virus where u copy anything but this : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2u will be pasted, no matter , what !
I have searched internet more and saw someone else had same issue
please help me !
|
|
|
|
|
Lauda
Legendary
 Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
January 17, 2016, 12:24:01 PM |
|
Backup wallet.dat and the blockchain (depending on what wallet you are using) and reinstall OS.
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
lite
Legendary
Offline
Activity: 1400
Merit: 1009
|
|
January 17, 2016, 12:43:18 PM |
|
Run a live linux OS from a usb drive and recover your wallet.dat/ withdraw your money then reinstall your OS. (i prefer using a linux OS instead of windows)
|
|
|
|
|
digit
Legendary
Offline
Activity: 1672
Merit: 1014
|
|
January 17, 2016, 12:46:33 PM |
|
I am really horrified now!
when I withdrew money from somewhere i see i copied and pasted addy ,but when i not got for a long time i searched whats the issue and i see funds sent to : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2u
and now I see this is a virus address , its a virus where u copy anything but this : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2u will be pasted, no matter , what !
I have searched internet more and saw someone else had same issue
please help me !
what extensions you installed in browser? there have some nasty ones in the past that would change the btc address. eg one originally started as an innocent price ticker, then gets updated with malicious code a few months later when adoption has increased  try running a clean profile or a different browser and see if it happens again to isolate the cause |
|
|
|
darkstarzz69
Member
Offline
Activity: 112
Merit: 10
★YoBit.Net★ 350+ Coins Exchange & Dice
|
|
January 17, 2016, 02:21:04 PM |
|
Disconnect from the internet and run an antivirus off a linux live os. That's the first time I heard of such a virus. Do be careful.
|
|
|
|
|
DaMut
|
|
January 17, 2016, 02:56:12 PM |
|
I am really horrified now!
when I withdrew money from somewhere i see i copied and pasted addy ,but when i not got for a long time i searched whats the issue and i see funds sent to : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2u
and now I see this is a virus address , its a virus where u copy anything but this : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2u will be pasted, no matter , what !
I have searched internet more and saw someone else had same issue
please help me !
everything you need is sent ALL OF YOUR COIN TO ANOTHER using DRAG(click on your address and press it to another web wallet) then REINSTALL YOUR OS . because i ever experience that |
|
|
|
|
franky1
Legendary
Offline
Activity: 4396
Merit: 4760
|
|
January 17, 2016, 02:58:46 PM |
|
OP name the browser extension..
that way people know what to stay away from
im guessing if its not abrowser extension that 'suppose to' aid copying addresses instead of manually writing them..
then the other option is probably the OP downloaded one of them crappy "bitcoin generator" programs(no positive function and just a trojan) after watching a get rich with bitcoin hacks video.. as that is another big scam that people have been crying about
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
Amph
Legendary
Offline
Activity: 3248
Merit: 1070
|
|
January 17, 2016, 03:29:27 PM |
|
virus does not enter into your computer of its own will, so you must have installed somethign suspicious and forget about it
try to run malwarebyte + hitmanpro, then you have combofix, or a secure erase if nathing will solve it
|
|
|
|
|
mtnsaa
Legendary
Offline
Activity: 1568
Merit: 1000
|
|
January 17, 2016, 03:36:48 PM |
|
So nobody asks about his technical specs? I'm no IT support but that's the first thing we should be doing I think. It's most likely like others have said that you've installed spyware/malware. This is usually downloaded from pirate download sites, porn sites, etc. Please keep us posted.
|
|
|
|
|
|
elyas772
|
|
January 17, 2016, 03:43:53 PM |
|
|
| | |
Fast, Secure, and Fully
Decentralized Trading | BACKED BY:
─────────────────────────
| BINANCE
─────── LAB | & | █████████████████████████████████ █ ███
█▀ ▀█ ███▀▀▀▀▀████████ ████▀▀███▀ █
█ █████ ▄▄▄▄▄ █ ▀ █ ███ █ ██
█▄ ▀█ ██ █ ▄███ ██████ ███
█████ █ ██ ███ █ ████ ████ ▄ ███
█▄ ▄█▄ ▄█▄ ▀ ████▄ ▄█ ██ ██
████████████████████████████████████████ |
|
|
| Whitepaper
Medium
Reddit
|
|
|
|
|
ShrykeZ
|
|
January 17, 2016, 03:46:01 PM |
|
So is this replacing your pasted data, aka if you were to actually recheck the address after pasting would it be the incorrect address?
|
|
|
|
|
|
pjsonowal
|
|
January 17, 2016, 03:48:57 PM |
|
This is because of some file or a script that work in background .It must have come with something . I think it is with some software . I think you have installed a new software which runs the command in cmd to do it. Can you please give me a view of a task manager- process section & startup section , i think i can crack which file it is working in background. If you want to keep up the softwares and files and dont lose them up . You have to end that process which is working in background everytime you run up your PC or you can remove that up from program startup like this:- 1)Press Win-r . In the "Open:" field, type msconfig and press Enter . 2)Click the Startup tab. 3)Uncheck the items you do not want to launch on startup. Note: ... 4)When you have finished making your selections, click OK. 5)n the box that appears, click Restart to restart your computer. There is a solution : Reset your PC Reset is an option which allows you to reinstall OS with the option to KEEP THE FILES OR NOT. What things affects:- a) all the software you had installed are gone,but you can keep up with the files.  So does that mean bx2.club behind it ?  |
|
|
|
Blawpaw
Legendary
Offline
Activity: 1596
Merit: 1027
|
|
January 17, 2016, 03:51:37 PM |
|
This is very worrying. Do you know where did you could have gotten that virus? It would be great to know where is this menace coming from.
|
|
|
|
|
|
ShrykeZ
|
|
January 17, 2016, 03:52:11 PM |
|
Nice find, also further research led me to find someone who uses Bitcoin on facebook who has the name of that user account that may own that address, not sure if there's a naming and shaming policy at all here so will refrain from posting it although it's an easy find. |
|
|
|
|
redsn0w
Legendary
Offline
Activity: 1778
Merit: 1043
#Free market
|
|
January 17, 2016, 04:01:22 PM |
|
Backup wallet.dat and the blockchain (depending on what wallet you are using) and reinstall OS.
@txbtc, this is the best option that you can do... Next step, improve your security and change your habits. |
|
|
|
|
franky1
Legendary
Offline
Activity: 4396
Merit: 4760
|
|
January 17, 2016, 04:11:34 PM |
|
seems like its not a virus..
but people naively using blockchain.info to view transactions after its sent..
seems there is a bug on blockchain.info involving how they display transactions on the website
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
|
calkob
|
|
January 17, 2016, 04:27:30 PM |
|
seems like its not a virus..
but people naively using blockchain.info to view transactions after its sent..
seems there is a bug on blockchain.info involving how they display transactions on the website
Could you explain abit more about this franky, i use blockchain.info all the time  although most of my wallets are watch only. |
|
|
|
|
franky1
Legendary
Offline
Activity: 4396
Merit: 4760
|
|
January 17, 2016, 04:52:54 PM |
|
seems like its not a virus..
but people naively using blockchain.info to view transactions after its sent..
seems there is a bug on blockchain.info involving how they display transactions on the website
Could you explain abit more about this franky, i use blockchain.info all the time although most of my wallets are watch only. someone else in this thread posted https://bitcointalk.org/index.php?topic=1317718.msg13575511#msg13575511it showed people complaining that when they looked at blockchain.info they seen tx's going to that magical address.. later posts mentioned that the transactions appeared where they should have gone and that it was a bug in the blockchain.info service displaying wrong details.. i advise you to not rely on just blockchain.info.. instead use the API of atleast 3 different explorers and a couple lines of code to compare the results from the 3 explorers.. and if one is wrong, ignore it. that way you have more chance of relying on data spoonfed to you if it comes from different sources and compared against each other |
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
|
txbtc (OP)
|
|
January 17, 2016, 05:55:01 PM |
|
This is because of some file or a script that work in background .It must have come with something . I think it is with some software . I think you have installed a new software which runs the command in cmd to do it. Can you please give me a view of a task manager- process section & startup section , i think i can crack which file it is working in background. If you want to keep up the softwares and files and dont lose them up . You have to end that process which is working in background everytime you run up your PC or you can remove that up from program startup like this:- 1)Press Win-r . In the "Open:" field, type msconfig and press Enter . 2)Click the Startup tab. 3)Uncheck the items you do not want to launch on startup. Note: ... 4)When you have finished making your selections, click OK. 5)n the box that appears, click Restart to restart your computer. There is a solution : Reset your PC Reset is an option which allows you to reinstall OS with the option to KEEP THE FILES OR NOT. What things affects:- a) all the software you had installed are gone,but you can keep up with the files. So does that mean bx2.club behind it ? Hey, thanks really you seem to help me. Please can u help me, give me ur skype i will tell u all process running on my pc |
|
|
|
|
|
Hugroll
|
|
January 17, 2016, 05:56:41 PM |
|
I am really horrified now!
I have searched internet more and saw someone else had same issue
please help me !
ive heard about it before, but im not really sure what kind of malware this is. i suggest you download malwarebytes to scan your computer. its free and its pretty good imo. |
|
|
|
|
|
