Topic: [Help]Bitcoin Wallet Security on Windows (Read 148 times)

I decided to reprogram my computer today after too many sleepless night for over thinking about the safety my assets when being stored on my computer after reading all the inputs here. This is the hard way but this the only that I can guarantee the safety of my assets until the future.

I will lock now the thread as I already have a conclusion to this dilemma of mine. Thanks to all.

Windows' own anti-virus is practically as good as any commercial one. Malware often gets into your system because you click that "allow" button while installing a pirated game or other software. Or when the malware is brand new and no antivirus can detect it yet.

So first things first you should use cold storage to reduce the chance of malware stealing your wallet to zero, if you do everything correctly. And second, always avoid any interaction that can result in infection. Don't watch pirated content from streaming, download it from torrents from trusted accounts instead. Don't pirate software, use free and open source alternatives, and always download free software from the official source with a correct digital signature of the authors.

There is no antivirus software that will protect you from all malware in windows os, and it's more likely you will get a bunch of false warnings all the time.
My suggestion is to backup your important data,  totally format your hard drive, and than install some Linux OS like Fedora or Debian for example, or at least make a dual boot with Linux.
This way you won't have to worry about any malware, and you will have much safer operating system, since most malware is made for windows.

I wouldn't rely on antivirus for this, honestly if you think you're compromised then wiping the hardware is probably the best idea. If you've got a Solid state drive (SSD) you could potentially use Secure Erase ATA. Booting into a live usb of a distro of your choice, and using HDPARM to perform it. It should, theoretically wipe everything from the mapping to pretty all the data. It sends a voltage spike to each of the chips on the SSD, and that should erase everything, and you can then reinstall your operating system.

Backing up files when you're already compromised is a tricky affair. If you can't realistically do this, then I wouldn't risk putting your Bitcoin on that device. Maybe, consider a offline device as an alternative. Most people have old computers lying around that they could repurpose for a offline Bitcoin wallet. Then, create a watch address on your existing potentially compromised computer. If you want to send Bitcoin, things start getting a little more tricky. However, you could use a hardware wallet to mitigate some of the issues.

What version of Windows are you using?
You should use the latest Windows version, Windows 10 or 11, which is currently recommended. in windows 10 and 11 there is already a defender as the default windows AV which will protect your desktop computer quite well, or you can add several AVs such as the Malwarebytes AV that you are currently using.
If your Malwarebytes detects .PUP items then you should clean it because it will be very annoying, it is a kind of Adware that will interfere and collect information and observing your online activity and then selling it to advertisers. Additionally .PUPs will work to hijack search features and other functionalities, so apps like this will be very annoying. you should delete it immediately.

Types of PUPs


https://www.safesearchkids.com/how-to-detect-and-remove-pup-potentially-unwanted-programs/
https://www.techtarget.com/searchsecurity/definition/PUP

First of all, I don't like the idea of using a crypto wallet on my PC, the chances of doing something wrong is very high compare to when running a crypto wallet on your smartphone.

My advice is to always update your windows 10 or 11 to the latest, windows defender works better when they are updated frequently, ads blocker will do what it can but believe me, there are other ways you can lose it all using a PC unless you don't browse the internet at all.

Get a hardware wallet.

I agree with mocacinno and others. Reinstalling the operating system has become much less of a chore than it used to be. Sure, it's a hassle to restore all apps and settings to the way they were, but it'll do a better job of getting rid of malware than any other option. Better to be safe than sorry, right?

You may also want to consider using a bootable Linux live CD or USB drive to scan your system for malware, which will be left behind by most other methods. This is especially useful if you're not sure what else to do with the infected PC. Personally, I also use a combination of antivirus and malwarebytes. But because my computer doesn't do much besides surf the web for geeky stuff, there isn't much chance that it'll encounter dangerous files anyway! Of course, I still wouldn't feel comfortable keeping large sums of money in this machine. It's better to use a more secure PC for that purpose, or better yet - a hardware wallet.

It's something to create a bootable DVD from it. And if you boot from it you'll run an antivirus.
It's not meant to "factory reset" your system. But Windows10 has options for "factory reset" too (I don't know though how good they are).
I will add that if you have a properly licensed Win10 I think that even if you do a clean re-install (and you don't set a key), Microsoft will know and make your new Win10 licensed again. (At least I've done that not long ago and on my surprise this has happened).


Good call.


Linux is also a good advice, but the starting part of only removing the browser may not help much if his system is indeed in trouble (and if one hides the problem it doesn't mean the problem is gone). Plus, although I tried to keep Firefox as main browser, it turned out that some websites (and apps) just don't work properly on Firefox (some development houses decided that testing only on Chromium is fine/enough).

If OP decides to stay on windows then indeed, an antivirus that offers real time (and URL) protection is a must. And in any case, uBlock Origin must not be missing.

OP, delete your browser. Since you get pop-ups in it. Use Firefox, today it is more secure when compared to other browsers, add extensions uBlock Origin. Try installing the CCleaner program. I don’t know if there are free versions of this program now, but it has the ability to view all processes that have access to startup. Delete everything that you do not know, and preferably everything in general. Check the task manager if there are processes in it that you did not start. Next, try installing an antivirus, but it should be paid for. Today, all free antivirus software detects viruses but does not completely remove them.
Don't skimp on your safety. And as a friendly tip, start learning Linux systems. You can see how they work by installing VirtualBox and Linux.

I guess that would be better because it is safer, but I think it is good for him to still be careful of malware, especially if operating the hardware wallet with the same computer which can make clipboard malware hack and coin theft possible.

The apps are still updated after new version are released, this makes me think that there is no difference. The app that is most important to me is 2FA app, it is on another device and I still have backup for recover. Also backup for wallets are all offline.

You can use it after you have reinstalled your device OS which is very important because your computer may have malware already. It blocks ads effectively.

This is not a question that can be given a unique answer, because everyone has their favorite when it comes to AV and everyone will give some reason why they think their AV is the best - with the addition of those who use Linux and think that it is the only one correct way that makes sense. If you want to experiment with AV, I suggest you try one of those that otherwise have the best test results, and most of them have trial versions, so it won't cost you anything.

However, if you want to sleep a little more peacefully, listen to the advice of others and buy HW or make cold storage on an old computer, which is an even safer option.

I see you're still a little bit on the fence about reinstalling your OS. I'll try to help you make up your mind:

Ask this question to yourself: "How much is the crypto you're currently storing on a desktop wallet worth (in FIAT terms)". Then ask yourself the question: "How many hours will it take to setup my system again".

Divide the hours you'll spend on reinstalling by the net worth of the crypto you're storing and decide if it's worth to invest your time.
Maybe you'll come to the conclusion you only hold (for example) $100 worth of crypto, and it'll take 25 hours to completely reinstall and reconfigure your pc so everything is back like you like it to be... So reinstalling could potentially "save" you from losing $4/hour and for you that might not be worth it.

On the other hand, you could come to the conclusion that a simple reinstallation might save you from losing hundreds or even thousands of dollars per hour of work invested, and the decission becomes really simple.

What you could also do is disconnect your pc from the internet untill you receive your christmas present (hardware wallet). This way, at least your key(s) cannot be stolen from this point in time (There's always a chance a hacker already has his hands on your private key(s) but hasn't yet robbed you, in this case disconnecting from the internet won't do you much good... But those odds are rather small and can only be circumvented by making a new wallet on a clean pc and moving your funds).

This is a decission everybody has to make for himself/herself tough... Personally, i'd wipe my system right away if i even had the suspicion i had malware on a device holding a software wallet of mine.

Will try to add this next time when I reprogram my desktop


Does this tool will not factory reset my computer? I have no experience on bootable device but I will try to do this as my last resort before I reprogram. Thank you

I’m already considering purchasing hardware wallet this Christmas as gift to myself. This computer fiasco I experienced motivates me to invest on hardware wallet this time.


I will try this. I’m not storing important files on my desktop since I have external HDD for all my files. Only the apps that I’m using for my work is installed to my PC.


Actually I’m already considering doing it. Then I remember there’s a lot of reputable member here that might help me to solve my case. I will reprogram if the persistent pup virus keeps appearing after doing all the suggestion above.

Tbh, If I suspected that my PC  (that I use for crypto related stuff) is affected by malware, no program would make me feel safe enough and I would rather just do a clean install. I know that its a pain in the ass to lose all the apps, but its the only way to be sure. Better safe than sorry. As a matter of fact, I was in a relatively similar situation few years years ago that resulted in me doing fresh install and getting hardware wallet asap.

As usual, it is easier to prevent than to cure. Be computer hygienic to stay safe, or better yet, get a separate PC and OS for your crypto wallet.

To check sites and files, you can use the following service, like this - https://virustotal.com/. I can't say anything about the collection of sensitive information such websites may be doing, but I don't think it's critical information if you check a link to an anime or sports streaming site.

Regarding the reluctance to format your disk. Something has to be sacrificed here. Either data that can be recovered or the security of your funds that can't be recovered if it is stolen by malware.

1. Get for free a tool like Kaspersky Rescue Disk (https://www.kaspersky.com/downloads/free-rescue-disk), make off it either a bootable USB, either (easier, if you have device) a CD/DVD, boot from it, update and then clean your system. Other major vendors also have rescue disks, if you don't think that Kaspersky is good enough.

2. Consider acquiring a hardware wallet and keep your coins (actually keys) on that; it'll help you sleep better.

Use ublock origin, https://ublockorigin.com/. it helps in blocking ads. It is not an antivirus, but a browser extension.

Edit:
Use the ad blocker after you have reinstalled your device OS.

What’s the best AV or software that can help me to determine if my desktop is already infected by Malware. I browse a couple of site that has a lot of popping ads mainly from the free streaming website of anime and sports. I have malwarebytes and windows defender as protection but I’m still not confident with security because I still keep detecting .pup items on my malwarebytes result even I already done it multiple times.

Currently I delete my electrum wallet on my desktop as safety precaution. I don’t want to reformat my computer because I have a lot of apps installed. Is there trusted AV that you can suggest that can clean completely my desktop from potential malware?