Topic: Keep your wallet secure, read this. (Read 1570 times)
Great Post!!
Really helpful, thanks
Thank you.
Hello.
Here's some tips on how to keep your account/wallet safe.
----------------------------------------------------------
First, The On Screen Keyboard method.
Everytime you login your account/wallet, Make sure to type the password with On Screen Keyboard, so if you're keylogged, the keylogger would get a blank key entry
Here's how to access On Screen Keyboard.
Start-->All Programs---->Accessories--->Accessibility---> On-Screen Keyboard.
Second, the RDP method, this is a little complicated method.
----------------------------------------------------------
RDP is a shortcut for "Remote Desktop Protocol"
This is where you connect to another PC using your own, after a successful connection, a window will open with the PC desktop, allowing you to fully-control it, that could be a way to access your wallet/account if you have been keylogged.
Please notice that RDP would only prevent GetAsynKeyState and other keyboard-hooking keyloggers
----------------------------------------------------------
What if you have been keylogged already?
Download Keyscrambler,
Keyscrambler is a software that encrypts your KeyStroke in Windows.
So even if you're keylogged and the logs gets sent to the logger, It'd be encrypted and he wouldn't be able to see them.
Second , update your Anti-Virus, if you cannot update your Anti-Virus or download a new one then simply do this.
Get on another PC, connect a USB flash drive, download a strong Anti-Virus, then put it on your keylogged PC.
Or the other option is to format your Hard Drive if the above options do not work.
Or
You can run your PC on Linux.
Linux are pretty preventable against Keyloggers.
----------------------------------------------------------
What if you've been keylogged and have no other PC and want to access your wallet/account?
Simple, Get a trusted friend of yours to download TeamViewer, TeamViewer is a screen-sharing program that allows you to control another PC.
After he and you download TeamViewer, you intial a connection between you and him, and you could use his PC to login your wallet,
He won't get your password, the keylogger won't get your password and you'll have access to your wallet.
----------------------------------------------------------
How to find out if you have been keylogged?
Simple
First of all, disconnect all Internet using programs, Skype, Yahoo, Hotmail, Browsers, etc.
Go to Start--->Run---> type CMD
When the command window opens
Type netstat -a
A list of connections will appear, letting you know what IP's are connected to your PC
If you recognize an IP that's different from yours and has " ESTABLISHED" behind it, then you have an ongoing connection with that IP and you're probably keylogged.
----------------------------------------------------------
How to protect yourself from being Keylogged.
Do not download any softwares you don't know about.
Do not download a software someone asked you to.
Do not share your PC with someone else.
Do Hardware scans from time to time.
----------------------------------------------------------
If you've got more questions, feel free to ask!
Here's some tips on how to keep your account/wallet safe.
----------------------------------------------------------
First, The On Screen Keyboard method.
Everytime you login your account/wallet, Make sure to type the password with On Screen Keyboard, so if you're keylogged, the keylogger would get a blank key entry
Here's how to access On Screen Keyboard.
Start-->All Programs---->Accessories--->Accessibility---> On-Screen Keyboard.
Second, the RDP method, this is a little complicated method.
----------------------------------------------------------
RDP is a shortcut for "Remote Desktop Protocol"
This is where you connect to another PC using your own, after a successful connection, a window will open with the PC desktop, allowing you to fully-control it, that could be a way to access your wallet/account if you have been keylogged.
Please notice that RDP would only prevent GetAsynKeyState and other keyboard-hooking keyloggers
----------------------------------------------------------
What if you have been keylogged already?
Download Keyscrambler,
Keyscrambler is a software that encrypts your KeyStroke in Windows.
So even if you're keylogged and the logs gets sent to the logger, It'd be encrypted and he wouldn't be able to see them.
Second , update your Anti-Virus, if you cannot update your Anti-Virus or download a new one then simply do this.
Get on another PC, connect a USB flash drive, download a strong Anti-Virus, then put it on your keylogged PC.
Or the other option is to format your Hard Drive if the above options do not work.
Or
You can run your PC on Linux.
Linux are pretty preventable against Keyloggers.
----------------------------------------------------------
What if you've been keylogged and have no other PC and want to access your wallet/account?
Simple, Get a trusted friend of yours to download TeamViewer, TeamViewer is a screen-sharing program that allows you to control another PC.
After he and you download TeamViewer, you intial a connection between you and him, and you could use his PC to login your wallet,
He won't get your password, the keylogger won't get your password and you'll have access to your wallet.
----------------------------------------------------------
How to find out if you have been keylogged?
Simple
First of all, disconnect all Internet using programs, Skype, Yahoo, Hotmail, Browsers, etc.
Go to Start--->Run---> type CMD
When the command window opens
Type netstat -a
A list of connections will appear, letting you know what IP's are connected to your PC
If you recognize an IP that's different from yours and has " ESTABLISHED" behind it, then you have an ongoing connection with that IP and you're probably keylogged.
----------------------------------------------------------
How to protect yourself from being Keylogged.
Do not download any softwares you don't know about.
Do not download a software someone asked you to.
Do not share your PC with someone else.
Do Hardware scans from time to time.
----------------------------------------------------------
If you've got more questions, feel free to ask!
Any clue on any security risks that native onscreen touchscreen keyboards pose? Is it the same risk as physical keystrokes? More? Less?
encrypt it, and don't click XXX web 
Really helpful, It‘is can't help worrying about wallets
Thanks for your tips.
I just looked at key scramblers site,do you need a touch screen to use it?
I just looked at key scramblers site,do you need a touch screen to use it?
Thanks for the info
Thank you, Zany.
Nice contribution.
Maybe if you're keylogged, and the keylogger allows data transfers.
If you are that paranoid about getting hacked then you could use a wallet that supports cold storage - your offline wallet is kept on a computer with NO NETWORK and transactions are done via USB sticks to your online wallet. Then your offline wallet can never get hacked, right?
I have replied to your questions on that thread. =)
If you've got more questions, at anytime, just ask here.
= )
= )
Frankly there is one issue that relates to 2 factor auth at Mt Gox that I need to resolve soon. I posted on it here https://bitcointalksearch.org/topic/newbie-questions-on-2-factor-auth-on-mtgox-using-android-phone-192561 but nobody replied. I suspect it is either trivial or uninteresting for others.
If perhaps you can find time to have a look and have working knowledge of how 2 factor auth on MtGox works, your help will be appreciated.
Thanks
Rayen,
Thank you very much. My knowledge of computers increased by 200%
Your initial post should be placed in bitcoin wiki.
Thank you, Loozik.Thank you very much. My knowledge of computers increased by 200%
Your initial post should be placed in bitcoin wiki.
If you've got more questions, at anytime, just ask here.
= )
Rayen,
Thank you very much. My knowledge of computers increased by 200%
Your initial post should be placed in bitcoin wiki.
Thank you very much. My knowledge of computers increased by 200%
Your initial post should be placed in bitcoin wiki.
Excellant information. Thank you!
How to find out if you have been keylogged?
Simple
First of all, disconnect all Internet using programs, Skype, Yahoo, Hotmail, Browsers, etc.
Go to Start--->Run---> type CMD
When the command window opens
Type netstat -a
A list of connections will appear, letting you know what IP's are connected to your PC
If you recognize an IP that's different from yours and has " ESTABLISHED" behind it, then you have an ongoing connection with that IP and you're probably keylogged.
Simple
First of all, disconnect all Internet using programs, Skype, Yahoo, Hotmail, Browsers, etc.
Go to Start--->Run---> type CMD
When the command window opens
Type netstat -a
A list of connections will appear, letting you know what IP's are connected to your PC
If you recognize an IP that's different from yours and has " ESTABLISHED" behind it, then you have an ongoing connection with that IP and you're probably keylogged.
Should I look for different than mine addresses in Local Address column or in Foreign Address Column?
I just watched some video on YT and used ''netstat -b'' command and there appears to be an active connection using ''jusched.exe'' between my IP (Local Address) and Foreign IP that belongs to Akmai Technologies http://www.checkip.com/ip/23.64.224.60 http://www.akamai.com/html/industry/index.html this company provides services to people with guns calling themselves US Gov.
Should I be concerned?
Some people say jusched.exe is a virus, some say it's Java related process.
EDIT: there is also lms.exe running. People say it is sometimes a legitimate Windows process and sometimes a maleware with the same name http[Suspicious link removed].html
Jusched.exe is Java auto-updater
To know if it's a virus or not, go to this
C:\Program Files\Common Files\Java\Java Update\
You should find jusched.exe there, If your Windows/Operating platform isn't installed on drive C:
Then, go to the drive the Windows/Operating platform is installed on
Or you could simply search for "Java"
If it exists in the Java folder, then it's just a Java updater.
If it does not, then it's a virus and you should do a hard drive scan
Viruses typically do not target Program Files, it mostly gets in the System32, Application data, and Temp folder.
Akamai Technologies is safe, it's probably where Java checks if there's an update needed.
, LMS.exe is a shortcut for Local Manageability Service
It's manufactured by Intel, if you have an Intel motherboard, Graphics card, proccessor or so, then it's okay.
You could try this to check if lms.exe is a virus or not.
Simply go to the Windows/Operating platform drive.
Search for lms.exe
If It shows up unhidden, then you should know where it's located, and go to www.virustotal.com and scan it there, it'll give you complete and accurate results if it has a malware or not.
If It shows up hidden, then it's okay, because LMS.exe has the ability to hide itself and most of the times exists in the Program Files folder.
How to find out if you have been keylogged?
Simple
First of all, disconnect all Internet using programs, Skype, Yahoo, Hotmail, Browsers, etc.
Go to Start--->Run---> type CMD
When the command window opens
Type netstat -a
A list of connections will appear, letting you know what IP's are connected to your PC
If you recognize an IP that's different from yours and has " ESTABLISHED" behind it, then you have an ongoing connection with that IP and you're probably keylogged.
Simple
First of all, disconnect all Internet using programs, Skype, Yahoo, Hotmail, Browsers, etc.
Go to Start--->Run---> type CMD
When the command window opens
Type netstat -a
A list of connections will appear, letting you know what IP's are connected to your PC
If you recognize an IP that's different from yours and has " ESTABLISHED" behind it, then you have an ongoing connection with that IP and you're probably keylogged.
Should I look for different than mine addresses in Local Address column or in Foreign Address Column?
I just watched some video on YT and used ''netstat -b'' command and there appears to be an active connection using ''jusched.exe'' between my IP (Local Address) and Foreign IP that belongs to Akmai Technologies http://www.checkip.com/ip/23.64.224.60 http://www.akamai.com/html/industry/index.html this company provides services to people with guns calling themselves US Gov.
Should I be concerned?
Some people say jusched.exe is a virus, some say it's Java related process.
EDIT: there is also lms.exe running. People say it is sometimes a legitimate Windows process and sometimes a maleware with the same name http://www.pcpitstop.com/libraries/process/i/LMS.exe.html
Very helpfull, thanks!
Jump to: