Topic: Windows Defender detects DOS/Stoned in chainstate files (Read 2010 times)
I got this virus message today, blockchain was up to date, so it is not the same old message. Anyone else got it? Is it safe to make exception in antivirus?
same shit here: I get this -
Apparently the fix is you have to exclude the C:/Users/yourusername/AppData/Roaming/Bitcoin directory from Windows Defender
I blew away the entire directory just to be safe and am working off a backup wallet -- only 153 weeks behind now :-(
toolie fucking kids gotta fuck around...
Apparently the fix is you have to exclude the C:/Users/yourusername/AppData/Roaming/Bitcoin directory from Windows Defender
I blew away the entire directory just to be safe and am working off a backup wallet -- only 153 weeks behind now :-(
toolie fucking kids gotta fuck around...
I doubt it would as the data there should not get executet. Also the data just matches the signature of a virus thats not the same as the actual virus.
I understand the second part, thanks for the clarification.
Maybe it's the paranoid part of me, but I can't help but feel that the type of action that we have to take to "fix" this is exactly the type of action that could be exploited down the line, especially because the folder that everyone has to ignore is in the same place. Even if the data cannot get executed, it still causes a security weakness.
It's like the boy who cried wolf.
So this is a false positive detection and the only work around is to exclude the \chainstate folder from virus scan?
Doesn't this seem like it creates a vulnerability?
Doesn't this seem like it creates a vulnerability?
I doubt it would as the data there should not get executet. Also the data just matches the signature of a virus thats not the same as the actual virus.
so we are safe?
So this is a false positive detection and the only work around is to exclude the \chainstate folder from virus scan?
Doesn't this seem like it creates a vulnerability?
Doesn't this seem like it creates a vulnerability?
I think somebody introduced a virus code in the blockchain ..
But I'm not sure if it is possible ?
But I'm not sure if it is possible ?
Its possible and it has been done. In fact it allready has been done a long time ago in the testnet.
See here https://bitcointalksearch.org/topic/security-dos-vulnerability-554738
where on of the devs talks about it. This also links to a swedish board where this is discussed.
Also here:
https://bitcointalksearch.org/topic/uploading-virus-signature-to-the-blockchain-470326
Also getting a positive for Virus:DOS/Stoned, but in Bitcoin\chainstate\285512.sst, from Microsoft Security Essentials.
Running Windows 7.
I believe I've also seen threads about this before, trying to dig up the relevant information...
Running Windows 7.
I believe I've also seen threads about this before, trying to dig up the relevant information...
There have been similar posts here:
https://bitcointalksearch.org/topic/solved-downloaded-viruses-by-bitcoin-core-090-558919
https://bitcointalksearch.org/topic/bitcoin-virus-559365
https://bitcointalksearch.org/topic/bitcoin-core-virus-alert-from-windows-security-essentials-560070
even from 2011:
https://bitcointalksearch.org/topic/avg-thinks-bitcoin-is-a-virus-43803
https://bitcointalksearch.org/topic/avg-is-flagging-bitcoinexe-as-generic-trojan-43752
https://bitcointalksearch.org/topic/avg-antivirus-finds-a-new-generic24bzcm-signature-43741
https://bitcointalksearch.org/topic/avg-claims-bitcoin-is-malware-23465
Maybe this should be in some sort of sticky or this will pop up again and again.
well... it probably will anyway.
I think somebody introduced a virus code in the blockchain ..
But I'm not sure if it is possible ?
But I'm not sure if it is possible ?
Different operating system, different virus, different anti-virus.
Not the same issue. Similar issue.
Not trying to pick nits, but there's a level of specificity that you just don't take for granted with computers. Since I'm not an expert, I'm asking the experts here.
Why do you think I didn't read those threads? I did two searches, for the virus name and for the error code. I gleaned what I could from them and I'm asking again to be sure.
Not the same issue. Similar issue.
Not trying to pick nits, but there's a level of specificity that you just don't take for granted with computers. Since I'm not an expert, I'm asking the experts here.
Why do you think I didn't read those threads? I did two searches, for the virus name and for the error code. I gleaned what I could from them and I'm asking again to be sure.
I saw a couple threads about a similar issue. Is there anything specific I should do?
Running Windows 8. I keep getting alerts from Windows defender. The virus definitions were last updated this afternoon.
protip: if you saw similar threads about the same issue, consider reading those threads for a solution. Running Windows 8. I keep getting alerts from Windows defender. The virus definitions were last updated this afternoon.
I saw a couple threads about a similar issue. Is there anything specific I should do?
Running Windows 8. I keep getting alerts from Windows defender. The virus definitions were last updated this afternoon.
Running Windows 8. I keep getting alerts from Windows defender. The virus definitions were last updated this afternoon.
I got the same...
Should I just ignore it?
It closed my bitcoin core program.
Not willing to riskt it to restart until I got confirmation
chainstate\142266.sst is the "infected" file
I saw a couple threads about a similar issue. Is there anything specific I should do?
Running Windows 8. I keep getting alerts from Windows defender. The virus definitions were last updated this afternoon.
Running Windows 8. I keep getting alerts from Windows defender. The virus definitions were last updated this afternoon.
Jump to: