Microsoft Security Essentials detects DOS/Invader in chainstate files

[wzaker]

Hi,

I noticed since 8:54am EST, MSE is detecting a virus in the chainstate files in my Bitcoin wallet. It seems it's deleting the files one by one 

At this point, I'm not sure if this is a false detection or there's actually a virus on my machine as I wasn't able to find anything about this.

Note that MSE update its definition at 7:24am EST on my machine.

Any comments?

Thanks

The following error occurred: Error code 0x80508023. The program could not find the malware and other potentially unwanted software on this computer.
Category: Virus
Description: This program is dangerous and replicates by infecting other files.
Recommended action: Remove this software immediately.
Items:
file:C:\Users\~~~\AppData\Roaming\Bitcoin\chainstate\282352.sst
Get more information about this item online. ==> http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=Virus%3aDOS%2fInvader&threatid=2147492097

[shorena]

this is a false positive. Im pretty sure, you are not the first. Two reasons:

- the data in the blockchain is bound to match the signature of a virus over time
- there have been attempts to DoS bitcoins with specially crafted transactions that match the signature of a virus. (thread can be found by using search)

[wzaker]

Thx

[Dare]

this is a false positive. Im pretty sure, you are not the first. Two reasons:

- the data in the blockchain is bound to match the signature of a virus over time
- there have been attempts to DoS bitcoins with specially crafted transactions that match the signature of a virus. (thread can be found by using search)

Specifically, antivirus software looks for specific sequences of bytes to identify viruses, and some of those byte sequences end up stored in the blockchain (both unintentionally from random generation and intentionally from people attempting to trigger this deliberately). There have been several threads about it if you want to confirm this, but as a false positive it's nothing to worry about.

[Kluge]

I wonder if there are any ongoing pet projects trying to insert a large file into the blockchain which is executed by calling up complete blk files and executing certain lines.

You get - what is it - 140 arbitrary bytes per .0001BTC fee? Let's say you want to put, Idunno, a 40MB Cosby Show episode in the blockchain. .0001BTC=.0001335MB, so ... ~30BTC to get an episode of the Cosby Show distributed to hundreds of thousands of people forever? Everyone should have the same blk files, so you just need a program with precompiled lists for where to find the code to play back the episode. Can you trick a central lite-wallet server into feeding you just the relevant transactions so you can stream it?