Found 8 Virus on chainstate

[jantaro]

  Hi: I m trying to use bitcoin in the safest way: I learned that the best thing I could do is running bitcoind and bitcoin-qt, as it is a full-node and outcoming transactions are safer because part of the process is done on my computer due to that huge folder (over 60 GB ) where blockchain is stored.
   
   I choosed Linux as Operative System for bitcoind and bitcoin qt and well, the thing is that I found up to 8 virus on this location:

/home/user/.bitcoin/chainstate/

like for instance:

/home/user/.bitcoin/chainstate/427915.ldb: Gen 981 FOUND

well, CLAMAV reports 8 viruses on these .ldb files contained on /home/user/.bitcoin/chainstate/

GEN 981, Violetta-B, Gergana-222, Gen 100 Years 1, Phantom, Italian 1, Copyright.2, Syslock.2 are the names

Tried to find out if some other users where afected or how this could be solved, the only thing I found is a similar problem related with sst files on Windows users and some other reports but no forum discussion.

Would like to ask someone who would know about it what should I do next?.

of course I can erase them with

 sudo clamscan -r --remove/home   

but ... will I mess something on bitcoind, bitcoin-qt ?

What could I do?. I don´t feel like safe using this due to CLAMAV, but little do I understand about virus or malware, apart from scanning. So I m making this post to let the community know about it and in hope I could find a solution and/or explanation.

Kind Regards.

[CIYAM]

I am pretty sure any such AV reports are "false positives" (i.e. not the actual virus but some bytes that the software has confused with the virus).

Understand that the blockchain files are not "executable" so you aren't really risking virus infection even if they did contain a virus.

IMO you'd be best to configure your AV software to "ignore" the blockchain files.

[sho_road_warrior]

They are just signatures of viruses some funny people stored in the blockchain. You need to add an exception for these folders or your anti virus software will keep breaking core.

Once you added the exceptions you probably need to -reindex

[defcon23]

That's only a FALSE AV detection in this case..

[jantaro]

   Really, I was supposing so, but there´s absolutely no information about this for linux users. The only thing I found were reports with no explanations on github. And well, as far as i m not engineer or professional on computers I prefer to ask. Thanks a lot for your answers. Kind regards!.

[Raize]

I thought there was an entry about this on the Bitcoin FAQ but it appears there isn't or isn't anymore.

[pisko]

so it is sure thate there is no viruses in this files?
having same issue
8 infected files
same viruses
yesterday somebody connected on my bittrex accout and solded out mine coins
support said me that orders comes from my ip address.

[longbob72]

so it is sure thate there is no viruses in this files?
having same issue
8 infected files
same viruses
yesterday somebody connected on my bittrex accout and solded out mine coins
support said me that orders comes from my ip address.

like people already said above, they are most likely false positives. something similar to this have happened 2 years ago. even if there is a virus inside the blockchain it can't be executed.

if you got a virus on your computer it certainly didn't came from the blockchain.
srsly if people can get infected by viruses just by syncing bitcoin would be dead by now.

[pisko]

so it is sure thate there is no viruses in this files?
having same issue
8 infected files
same viruses
yesterday somebody connected on my bittrex accout and solded out mine coins
support said me that orders comes from my ip address.

like people already said above, they are most likely false positives. something similar to this have happened 2 years ago. even if there is a virus inside the blockchain it can't be executed.

if you got a virus on your computer it certainly didn't came from the blockchain.
srsly if people can get infected by viruses just by syncing bitcoin would be dead by now.

i understand but no other viruses found...
maybe he cleaned yet

[defcon23]

there's NO virus in chainstate. 

[shorena]

-snip-
i understand but no other viruses found...
maybe he cleaned yet

How did you search? You need to scan from an external system, as advanced malware will circumvent your anti virus software and any software you installed after you have been infected.

[jaff11]

Use antivirus  Microsoft security essential

[fbueller]

Unless one of them actually affects Bitcoin Core (which has never happened before) it's not going to get executed. Previous occurrences of this were only heuristic matches, so not even viable software. The intended effect for the culprits is probably panic.

[AleScamHole]

ya dude, anyone tecky enough knows due to how the blockchain works a virus wouldn't work, not to mention i think the checksum mis-match would crush any chance of a bug getting into core ;p
ill ask one question tht will prob tell you the culprit

have you installed any of the random alt-coin wallets launched almost everyday? 
cause thats where your bug came from guaranteed haha
go from vm do external scan, and for gods sake use a reputable AV atleast like ESET or something
someone above said use Microsoft security essentials, worse answer ever
when i wore a few different color hats back in university we TESTED malicious code around Microsoft security essentials, its total garbage lmao

[GreenMatrix]

I have AV too.....give me a lot of false positive viruse too