Hmmm, I see this thread was moved and I got no notice of it. Anyway, I THINK I found the cause. I run an Oracle Virtualbox WIN10 VM to use as a (LOL) sandbox for questionable items I find in posts on here before I report them as malware or whatever. It seems that is what bit me and I believe I know where/when I got it. Unfortunately (or fortunately) the guy was nuked after I reported his post.
After I reboot, I no longer have the issue but, so far, as soon as I load the VM it returns. That's how it looks at the moment, of course I can easily be proven wrong although I have replicated it about 10x so far. If that is the case it's easy enough to nuke the VM.
After I reboot, I no longer have the issue but, so far, as soon as I load the VM it returns. That's how it looks at the moment, of course I can easily be proven wrong although I have replicated it about 10x so far. If that is the case it's easy enough to nuke the VM.
So, you had shared clipboard enabled?
If so, this definitely makes sense. If it isn't, nuking the VM does not necessarily mean your problem is solved.
And for the future, you might want to make sure to disable any interfaces such as shared folders, shared clipboard, network interfaces, etc..
And I am quite sure THIS download https://bitcointalk.org/index.php?topic=5305039.new#new or one similar to it is where it came from.
https://archive.vn/wip/lIP97
Head bob123's warning! I use VMs for a variety of things myself, mostly so I can test stuff on Ubuntu and MacOS, and I have those linked to my host PC via shared folders and clipboard, but if you are using a VM for investigating potential malware, make sure to keep that VM isolated.
Deleting that VM might work, but unless you're a wizard with the windows registry and can confirm your host PC hasn't been infected I recommend you nuke the whole system and start from scratch.
