Virus:DOS/Stoned from Bitcoin Core

[Dr. Sekxy]

So I was updating my full node today when suddenly this pops up

https://i.imgur.com/RNrC90h.png

What's going on? Did anyone also experienced this?

[1715580526]

1715580526

[nitehawk]

the stoned virus.. wow i havnt seen that in ages..  for the record DOS in that case is not Denial of Service. its actually MS DOS  the " stoned " virus is  that old.  your normal virus scanner should take care of it .. however if it works the same way it use to DO NO REBOOT unless youve fixed it.

if it doesnt your going to have to fix your MBR as thats what the virus affects if you reboot you'll see a message " this pc is STONED" its already to late at that point time to format and start over

[jl2012]

false positive. someone put the signature of the virus to the blockchain.

[stergium]

stoned? I suddently feel so old
a friend of mine had an alert for another virus while updating the blockchain (he too into a chainstate file). at the same time i was updating.
His av poped up mine didnt. Same av... we assumed it was a false positive like this one

[sirky]

I had this too - it crashed my core client because MSE automatically quarantined the blockchain file.

I saw people suggesting not scanning .sst files, or not scanning your blockchain dir in the github comments, but those don't really seem like acceptable solutions to overcautious me. I mean, I do have my (somewhat meager amount of) bitcoins accessible to the core client.

I love the idea of helping bitcoin out by running a full node, but don't really want to put this PC or my bitcoins at risk, and exempting locations and files in AV seems to be doing that to me. On the other hand, not exempting them will just allow annoying kids to crash my node over and over by putting these signatures into the blockchain at will.

Am I looking at something wrong? Should I just move my full node somewhere else to a PC I don't care about so I can make these exemptions, and keep my wallet with some other software on a more protected computer?

Sorry for seeming somewhat uptight about this, but my greatest fear as a bitcoin owner is viruses somehow taking my unlocked wallet so anytime I see anything with viruses and bitcoin it sort of psyches me out.

[knightcoin]

is that why 80 bytes is too much 

[Raize]

It would appear others have been having this issue as well. Here's a clamAV report from a month ago:
http://www.opendevs.org/mvkwt/virus-infection-alerts-from-files-in-bitcoin-chainstate.html

I ran into this issue on my Synology which I rsync with my blockchain as well. I imagine they use clamAV for their virus scanning engine. We'll probably have to start excluding .SST files from virus scanners, which isn't too horrible because they aren't executables, but like sirky mentions, this isn't a great solution long-term for the average home user.

[m5j0r]

We urgently need a statement from the bitcoin core developers.

Has anyone found one yet?

This is an absolute DEFCON 1 situation for bitcoin. I uploaded the sst file to virustotal.com and it gets recognized by all the common AV products so millions of Bitcoin users are going to see this!

[knightcoin]

We urgently need a statement from the bitcoin core developers.

Has anyone found one yet?

This is an absolute DEFCON 1 situation for bitcoin. I uploaded the sst file to virustotal.com and it gets recognized by all the common AV products so millions of Bitcoin users are going to see this!

yep, rebels .. the empire strikes back ..

[m5j0r]

I wonder what the intentions were. A serious attack can't be realized as far as I know. And just for trolling? Why?

[lateblooming]

https://answers.microsoft.com/en-us/protect/forum/mse-protect_updating/microsoft-security-essentials-reporting-false/0240ed8e-5a27-4843-a939-0279c8110e1c?tm=1400189799602