|
SmartIphone
Legendary
Offline
Activity: 1204
Merit: 1000
|
|
January 17, 2016, 06:06:07 PM |
|
As digit asked, can you tell us if you installed any extension (browser add-on) recently, it can be because of that, a few months ago an extension opened automatically a website.
|
|
|
|
txbtc (OP)
|
|
January 17, 2016, 06:15:11 PM |
|
As digit asked, can you tell us if you installed any extension (browser add-on) recently, it can be because of that, a few months ago an extension opened automatically a website.
none installed bro only have these ones : http://prntscr.com/9rbd0z
|
|
|
|
SmartIphone
Legendary
Offline
Activity: 1204
Merit: 1000
|
|
January 17, 2016, 06:20:20 PM |
|
As digit asked, can you tell us if you installed any extension (browser add-on) recently, it can be because of that, a few months ago an extension opened automatically a website.
none installed bro only have these ones : http://prntscr.com/9rbd0zI think that's the time to install an anti clipboard logger software, take a look here how it works: https://www.spyshelter.com/clipboard-protection/ ,if you still have the issue please install this app and try if it fixes the issue.
|
|
|
|
AliceWonderMiscreations
|
|
January 17, 2016, 06:24:13 PM |
|
This is why I recommend getting something like an Intel NUC dedicated to bitcoin.
Put Linux on it, and do not run any browser plugins or extensions, and do not use Chrome for Linux (it is closed source) on it.
Such a PC should only be used for your bitcoin activity, not general browsing. Not even browsing this forum. Just use it for bitcoin.
You can run a wallet on your normal PC just like you can keep some fiat cash in your leather wallet, but keep the value low.
btw flash (even in Chrome) is dangerous because flash allows programs loaded from web pages to manipulate the clipboard. Get rid of flash even on computers that you don't use with bitcoin.
|
I hereby reserve the right to sometimes be wrong
|
|
|
ShrykeZ
|
|
January 17, 2016, 06:33:04 PM |
|
This is why I recommend getting something like an Intel NUC dedicated to bitcoin.
Put Linux on it, and do not run any browser plugins or extensions, and do not use Chrome for Linux (it is closed source) on it.
Such a PC should only be used for your bitcoin activity, not general browsing. Not even browsing this forum. Just use it for bitcoin.
You can run a wallet on your normal PC just like you can keep some fiat cash in your leather wallet, but keep the value low.
btw flash (even in Chrome) is dangerous because flash allows programs loaded from web pages to manipulate the clipboard. Get rid of flash even on computers that you don't use with bitcoin.
Good idea, if OP is knowledgeable he could even do something similar on a less pricey option such as a Raspberry Pi.
|
|
|
|
BellaBitBit
|
|
January 17, 2016, 06:33:47 PM |
|
This is why I recommend getting something like an Intel NUC dedicated to bitcoin.
Put Linux on it, and do not run any browser plugins or extensions, and do not use Chrome for Linux (it is closed source) on it.
Such a PC should only be used for your bitcoin activity, not general browsing. Not even browsing this forum. Just use it for bitcoin.
You can run a wallet on your normal PC just like you can keep some fiat cash in your leather wallet, but keep the value low.
btw flash (even in Chrome) is dangerous because flash allows programs loaded from web pages to manipulate the clipboard. Get rid of flash even on computers that you don't use with bitcoin.
Good information here. I have been trying to do all bitcoin activity on only ONE computer in the house, with no internet browsing.
|
I love Bitcoin
|
|
|
BitcoinNewsMagazine
Legendary
Offline
Activity: 1806
Merit: 1164
|
|
January 17, 2016, 06:37:46 PM |
|
Sorry for your troubles. Time to consider using a hardware wallet with a screen like Trezor.
|
|
|
|
escrow.ms
Legendary
Offline
Activity: 1274
Merit: 1004
|
|
January 17, 2016, 06:45:10 PM |
|
Check browser extensions/unknown startup entries and remove them. You can use CCleaner for it.
|
|
|
|
unamis76
Legendary
Offline
Activity: 1512
Merit: 1012
|
|
January 17, 2016, 07:12:50 PM |
|
This is why I recommend getting something like an Intel NUC dedicated to bitcoin.
Put Linux on it, and do not run any browser plugins or extensions, and do not use Chrome for Linux (it is closed source) on it.
Such a PC should only be used for your bitcoin activity, not general browsing. Not even browsing this forum. Just use it for bitcoin.
You can run a wallet on your normal PC just like you can keep some fiat cash in your leather wallet, but keep the value low.
btw flash (even in Chrome) is dangerous because flash allows programs loaded from web pages to manipulate the clipboard. Get rid of flash even on computers that you don't use with bitcoin.
That seems to be a bit overkill. Basic security is enough for average quantities of Bitcoin. Even if you don't have any Bitcoin on your computer at all, the issue that the OP is talking about could happen too. The cheapest Intel NUC seems to be at 99$, as per their website. For that price I'd think in buying a Trezor (which still doesn't avoid the issue OP talked about, but can keep your Bitcoins secure while being able to spend them on an online computer) You don't necessarily need a new computer for offline cold storage, you can use an old one, your usual computer with a different disk or in live mode. There's also ledger and Raspberry's/Banana Pi/ODROID, etc.
|
|
|
|
btcxyzzz
Legendary
Offline
Activity: 888
Merit: 1000
Monero - secure, private and untraceable currency.
|
|
January 17, 2016, 07:34:42 PM |
|
and now I see this is a virus address , its a virus where u copy anything but this : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2u will be pasted, no matter , what !
I just waited the moment this type of malware will occur. It's Windows, right?
|
|
|
|
Yakamoto
Legendary
Offline
Activity: 1218
Merit: 1007
|
|
January 17, 2016, 07:40:36 PM |
|
and now I see this is a virus address , its a virus where u copy anything but this : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2u will be pasted, no matter , what !
I just waited the moment this type of malware will occur. It's Windows, right? I can't say for sure if it windows, but the type of malware is ingenious to be honest. Most people would not look at the address twice to make sure its the right thing, so it is inconspicuous enough that it would not be noticed (As in OP's situation) unless someone was actively looking for it. I am interested in seeing where this goes.
|
|
|
|
AliceWonderMiscreations
|
|
January 17, 2016, 08:18:46 PM |
|
and now I see this is a virus address , its a virus where u copy anything but this : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2u will be pasted, no matter , what !
I just waited the moment this type of malware will occur. It's Windows, right? I can't say for sure if it windows, but the type of malware is ingenious to be honest. Most people would not look at the address twice to make sure its the right thing, so it is inconspicuous enough that it would not be noticed (As in OP's situation) unless someone was actively looking for it. I am interested in seeing where this goes. That's one of the reasons I do not like QR codes.
|
I hereby reserve the right to sometimes be wrong
|
|
|
AliceWonderMiscreations
|
|
January 17, 2016, 08:27:06 PM |
|
This is why I recommend getting something like an Intel NUC dedicated to bitcoin.
Put Linux on it, and do not run any browser plugins or extensions, and do not use Chrome for Linux (it is closed source) on it.
Such a PC should only be used for your bitcoin activity, not general browsing. Not even browsing this forum. Just use it for bitcoin.
You can run a wallet on your normal PC just like you can keep some fiat cash in your leather wallet, but keep the value low.
btw flash (even in Chrome) is dangerous because flash allows programs loaded from web pages to manipulate the clipboard. Get rid of flash even on computers that you don't use with bitcoin.
That seems to be a bit overkill. It may seem overkill but the bottom line is that bitcoin has no FDIC insurance and no way to reverse a transaction. Overkill thus is much safer than finding out you did not do enough.
|
I hereby reserve the right to sometimes be wrong
|
|
|
pjsonowal
|
|
January 18, 2016, 05:01:53 AM |
|
Prevention: This is because generally we do not read carefully and keep on installing softwares by hitting" NEXT" button. Nowadays additional softwares are coming up with the software.Also some scammers are patching up addtional malware instead of software. Also keygens and cracks also comes up with virus. I am saying this is because i lost my previous email address because of it. And also some infos of my other sites were stealed. It later came to notice when i got an email from google about my id been logged from different ip address
So it is highly recommended to use only trusted and secure download link. And please read carefully while installing software.
For OP i would say to
1) Backup Wallet.dat 2). Reset os (check my previous post in 1 st page)
|
|
|
|
amirheavy666
Full Member
Offline
Activity: 228
Merit: 101
NEM (XEM) Top Coin
|
|
April 22, 2016, 10:47:18 AM |
|
yes this is virus. i transfer 0.08 bitoin to this m...f.... account. I found what's happen. this was a virus address !!! 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2u
|
Nem.io
|
|
|
pereira4
Legendary
Offline
Activity: 1610
Merit: 1183
|
|
April 22, 2016, 12:05:33 PM |
|
This is because of some file or a script that work in background .It must have come with something . I think it is with some software . I think you have installed a new software which runs the command in cmd to do it. Can you please give me a view of a task manager- process section & startup section , i think i can crack which file it is working in background. If you want to keep up the softwares and files and dont lose them up . You have to end that process which is working in background everytime you run up your PC or you can remove that up from program startup like this:- 1)Press Win-r . In the "Open:" field, type msconfig and press Enter . 2)Click the Startup tab. 3)Uncheck the items you do not want to launch on startup. Note: ... 4)When you have finished making your selections, click OK. 5)n the box that appears, click Restart to restart your computer. There is a solution : Reset your PC Reset is an option which allows you to reinstall OS with the option to KEEP THE FILES OR NOT. What things affects:- a) all the software you had installed are gone,but you can keep up with the files. So does that mean bx2.club behind it ? Hey, thanks really you seem to help me. Please can u help me, give me ur skype i will tell u all process running on my pc As far as I know there is no risk in publicly telling all of your processes.. so make an screenshot of your processes and show them in here so everyone can help. Also don't use the default task manager from Windows, download Process Explorer because it gives more specific info about the processes. Also I recommend you run HijackThis and copy paste the log here.
|
|
|
|
yenxz
|
|
April 22, 2016, 01:56:48 PM |
|
I am really horrified now!
when I withdrew money from somewhere i see i copied and pasted addy ,but when i not got for a long time i searched whats the issue and i see funds sent to : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2u
and now I see this is a virus address , its a virus where u copy anything but this : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2u will be pasted, no matter , what !
I have searched internet more and saw someone else had same issue
please help me !
ah i never know about virus like this,yeas its horrible,i'm start to afraid with my address. but is this happen to all wallet or exchange? i wish this case can found the solutions.
|
|
|
|
apoorvlathey
|
|
April 22, 2016, 02:27:38 PM |
|
As far as I know there is no risk in publicly telling all of your processes.. so make an screenshot of your processes and show them in here so everyone can help. Also don't use the default task manager from Windows, download Process Explorer because it gives more specific info about the processes. Also I recommend you run HijackThis and copy paste the log here. The processes running by OP are : http://prnt.sc/9rb6o0 (screenshot)
After searching a bit i found that This address belongs to devil11Proofs :https://bitcointalk.org/index.php?topic=1317199.msg13993198#msg13993198Applying for this campaign ! Name : devil11Post Count : 194 Rank : Full Member Bitcoin Address : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2uProfile UID : 495476 Thank You. Thanks for your appreciating. Bitcoin Address : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2uStarting Posts : 196 Forum Rank at Time of Entry : Full Member Applying for this campaign. Username : devil11Current Rank : Full Member Current Post Count : 203 Bitcoin Address : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2uThanks in Advance.
|
|
|
|
Kprawn
Legendary
Offline
Activity: 1904
Merit: 1074
|
|
April 22, 2016, 04:21:25 PM |
|
As far as I know there is no risk in publicly telling all of your processes.. so make an screenshot of your processes and show them in here so everyone can help. Also don't use the default task manager from Windows, download Process Explorer because it gives more specific info about the processes. Also I recommend you run HijackThis and copy paste the log here. The processes running by OP are : http://prnt.sc/9rb6o0 (screenshot)
After searching a bit i found that This address belongs to devil11Proofs :https://bitcointalk.org/index.php?topic=1317199.msg13993198#msg13993198Applying for this campaign ! Name : devil11Post Count : 194 Rank : Full Member Bitcoin Address : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2uProfile UID : 495476 Thank You. Thanks for your appreciating. Bitcoin Address : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2uStarting Posts : 196 Forum Rank at Time of Entry : Full Member Applying for this campaign. Username : devil11Current Rank : Full Member Current Post Count : 203 Bitcoin Address : 19ZM2pjq6U4jVb283GZkCPNukjeyb2YZ2uThanks in Advance. What is the chance of that user being infected with the same virus and he posted that by mistake? It would be very stupid to post a addy that is being used by a virus on the forum. Send the user a PM and see if you can get a answer or a explanation. Good catch, if it turns out to be the same person. I have heard about this before and for that reason I double check all my addresses before I submit payment.
|
|
|
|
|