I may suggest you read this
Clipboard virus (Free Instructions) - Removal Guide.
I suspected that still belongs to the Trojan virus, you should have a full scan of your computer have used if you suspected that there's unusual behavior in your PC, like also running slow your computer while browsing in your computer. In the above link that I have shared, there's a guide on how to clean your PC safe and you should take an action before the intruder will get your fund. As soon as possible, clean your PC now.
Make sure that your account on exchange has multiple layers of security, like enabling 2FA verification. Scammer won't execute withdrawal without your permission.
Let me explain one more time since I don't think you have read what I have wrote in the main post. I have already stated that I have formatted my PC right away. The virus is gone, I already took care of it. I am interested to find out if anyone else have encountered with the following virus? If someone have experienced such a behavior from a virus? If there's any information about this virus? Or it's something brand new?
Like I said I have already sorted the issue by formatting my PC but I am just asking if someone is familiar what this might be or explain a bit more?
Disregard my post above. So far you are making use of an exchange, and the deposited address is different and not yours, that should not be QR code or clipboard malware as it is deposit address that was affected (which means your exchange account is totally affect). It is strange to me but I think the hacker was able to logout your exchange account, login their own account which may be very similar to yours, and spying on your activities.
Didn't you enable 2fa and sim authentication?
So, the weird part is that the exchange account was not affected at all. I have 2FA all kind of security for every single exchange. I am thinking it might be something with javascript injection? Is this possible? Like after you login on the exchange and then you have already pre-set the deposit address and missing the QR code? Isn't something like this possible? Like try to completely and automatically modify and inspect element the website?
I had no breaches in any of my exchanges. And this have happened to a couple of exchanges until I spotted the issue (I haven't sent any money to it, I haven't lost anything) I am just curious about this. If someone can break down to me what are the possibilities of something like this? So let me break down in steps EXACTLY:
1. I login on the exchange, the deposit address looks like it's already pre-set and the QR code is missing.
2. If I hit refresh button on the exchange it still stays the same "pre-set deposit address and QR code still missing"
3. If I login from my phone the site has my normal deposit address and everything is fine.
None of the exchanges where I had account had logins or breaches, everything was in tact and fine. No withdrawals no losses, literally nothing wrong. Only upon login on the site the deposit address is already pre-set and the QR code is missing (I guess QR code is missing so you don't scan it with phone since it will give the right address).