Bitcoin Forum
November 17, 2024, 01:48:30 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: While doing sync on my wallet, my AV detected virus in the blockchain  (Read 1348 times)
0x54444e (OP)
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
January 18, 2015, 02:08:31 PM
 #1

So, just installed my wallet a week or so ago, and around "1 year and 17 weeks behind" my AV ( Bitdefender 2015 ) detected an virus inside the chainstate, how is that possible?

https://i.imgur.com/8h3xQw8.png
Meuh6879
Legendary
*
Offline Offline

Activity: 1512
Merit: 1012



View Profile
January 18, 2015, 02:09:11 PM
 #2

what is "your wallet" ... ?  Roll Eyes
tokeweed
Legendary
*
Offline Offline

Activity: 4144
Merit: 1461


Life, Love and Laughter...


View Profile
January 18, 2015, 02:12:32 PM
 #3

this is how hackers backdoor your cold storage.

R


▀▀▀▀▀▀▀██████▄▄
████████████████
▀▀▀▀█████▀▀▀█████
████████▌███▐████
▄▄▄▄█████▄▄▄█████
████████████████
▄▄▄▄▄▄▄██████▀▀
LLBIT|
4,000+ GAMES
███████████████████
██████████▀▄▀▀▀████
████████▀▄▀██░░░███
██████▀▄███▄▀█▄▄▄██
███▀▀▀▀▀▀█▀▀▀▀▀▀███
██░░░░░░░░█░░░░░░██
██▄░░░░░░░█░░░░░▄██
███▄░░░░▄█▄▄▄▄▄████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
█████████
▀████████
░░▀██████
░░░░▀████
░░░░░░███
▄░░░░░███
▀█▄▄▄████
░░▀▀█████
▀▀▀▀▀▀▀▀▀
█████████
░░░▀▀████
██▄▄▀░███
█░░█▄░░██
░████▀▀██
█░░█▀░░██
██▀▀▄░███
░░░▄▄████
▀▀▀▀▀▀▀▀▀
||.
|
▄▄████▄▄
▀█▀
▄▀▀▄▀█▀
▄░░▄█░██░█▄░░▄
█░▄█░▀█▄▄█▀░█▄░█
▀▄░███▄▄▄▄███░▄▀
▀▀█░░░▄▄▄▄░░░█▀▀
░░██████░░█
█░░░░▀▀░░░░█
▀▄▀▄▀▄▀▄▀▄
▄░█████▀▀█████░▄
▄███████░██░███████▄
▀▀██████▄▄██████▀▀
▀▀████████▀▀
.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀
███▀▄▀█████████████████▀▄▀
█████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀
███████▀▄▀██████░█▄▄▄▄▄▄▄▄
█████████▀▄▄░███▄▄▄▄▄▄░▄▀
███████████░███████▀▄▀
███████████░██▀▄▄▄▄▀
███████████░▀▄▀
████████████▄▀
███████████
▄▄███████▄▄
▄████▀▀▀▀▀▀▀████▄
▄███▀▄▄███████▄▄▀███▄
▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄
▄██▀▄███░░░▀████░███▄▀██▄
███░████░░░░░▀██░████░███
███░████░█▄░░░░▀░████░███
███░████░███▄░░░░████░███
▀██▄▀███░█████▄░░███▀▄██▀
▀██▄▀█▄▄▄██████▄██▀▄██▀
▀███▄▀▀███████▀▀▄███▀
▀████▄▄▄▄▄▄▄████▀
▀▀███████▀▀
OFFICIAL PARTNERSHIP
SOUTHAMPTON FC
FAZE CLAN
SSC NAPOLI
Bitcoinpro
Legendary
*
Offline Offline

Activity: 1358
Merit: 1000



View Profile
January 18, 2015, 02:13:22 PM
 #4

https://bitcointalk.org/index.php?topic=811290.0

WWW.FACEBOOK.COM

CRYPTOCURRENCY CENTRAL BANK

LTC: LP7bcFENVL9vdmUVea1M6FMyjSmUfsMVYf
0x54444e (OP)
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
January 18, 2015, 02:16:10 PM
 #5

what is "your wallet" ... ?  Roll Eyes

Bitcoin Core (desktop)
Meuh6879
Legendary
*
Offline Offline

Activity: 1512
Merit: 1012



View Profile
January 18, 2015, 02:31:27 PM
 #6

from this area ?
https://bitcoin.org/bin/
0x54444e (OP)
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
January 18, 2015, 02:32:35 PM
 #7

from this area ?
https://bitcoin.org/bin/
From the bitcoin official site on the download section, last version.
Meuh6879
Legendary
*
Offline Offline

Activity: 1512
Merit: 1012



View Profile
January 18, 2015, 02:35:16 PM
 #8

OK, so ... create exception in your AV for the folder of bitcoin core.
AV are bad because they use somes counter fighting strategies (and they fail ... usually).

http://www.bitdefender.com/support/how-do-i-exclude-a-folder-from-being-scanned-1011.html
ranochigo
Legendary
*
Offline Offline

Activity: 3038
Merit: 4420


Crypto Swap Exchange


View Profile
January 18, 2015, 02:43:59 PM
 #9

It is a false positive, a signature in the blockchain matches the signature in the virus database. Just whitelist the folder and continue, the 'virus' cannot do anything to harm your computer.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Flashman
Hero Member
*****
Offline Offline

Activity: 518
Merit: 500


Hodl!


View Profile
January 18, 2015, 02:47:50 PM
 #10

Since the blockchain is a variation on the infinite monkeys/typewriters theme, in that shit in it is so well encrypted it's kinda random, every virus signature will eventually be in it.

TL;DR See Spot run. Run Spot run. .... .... Freelance interweb comedian, for teh lulz >>> 1MqAAR4XkJWfDt367hVTv5SstPZ54Fwse6

Bitcoin Custodian: Keeping BTC away from weak heads since Feb '13, adopter of homeless bitcoins.
Kazimir
Legendary
*
Offline Offline

Activity: 1176
Merit: 1011



View Profile
January 18, 2015, 02:48:41 PM
 #11

Sounds like a retarded viruskiller, as the blockchain data is just data, it's never being executed.There can be anything in there, it just doesn't matter.

In theory, there's no difference between theory and practice. In practice, there is.
Insert coin(s): 1KazimirL9MNcnFnoosGrEkmMsbYLxPPob
Sempruls
Member
**
Offline Offline

Activity: 87
Merit: 10

★777Coin.com★ Fun BTC Casino!


View Profile
January 18, 2015, 02:53:39 PM
 #12

no problem at all
just make exception for your bitcoin-core folder blockchain

pozmu
Hero Member
*****
Offline Offline

Activity: 770
Merit: 504


(っ◔◡◔)っ🍪


View Profile
January 18, 2015, 06:22:49 PM
 #13

That's normal, people are storing a lot of different types of data in the blockchain, including viruses.
I don't think making blockchain folder an exception is very good idea from the security point of view, some malware can make use of that... Better use AV software that takes care of this issue without having to create an exception.

SargeR33
Member
**
Offline Offline

Activity: 112
Merit: 10

★Bitin.io★ - Instant Exchange


View Profile
January 19, 2015, 07:14:30 AM
 #14

As other suggest, make an exception in your AV. I had the same issue, after some research it seems back in the day there were viruses designed to run scripts on your PC to mine for somebody else. These signatures probably pick up on something like that or something that isn't even remotely related.

I would be cautious though, I'd use another AV and do a scan just to be sure.

Newar
Legendary
*
Offline Offline

Activity: 1358
Merit: 1001


https://gliph.me/hUF


View Profile
January 19, 2015, 09:22:04 AM
 #15


Report the false positive to Bitdefender.

OTC rating | GPG keyid 1DC91318EE785FDE | Gliph: lightning bicycle tree music | Mycelium, a swift & secure Bitcoin client for Android | LocalBitcoins
Rannasha
Hero Member
*****
Offline Offline

Activity: 728
Merit: 500


View Profile
January 20, 2015, 06:04:28 AM
 #16

Since the blockchain is a variation on the infinite monkeys/typewriters theme, in that shit in it is so well encrypted it's kinda random, every virus signature will eventually be in it.

False, there is nothing encrypted in the blockchain. All transaction data is directly readable.
cr1776
Legendary
*
Offline Offline

Activity: 4228
Merit: 1313


View Profile
January 20, 2015, 10:18:15 AM
 #17

It is a false positive, a signature in the blockchain matches the signature in the virus database. Just whitelist the folder and continue, the 'virus' cannot do anything to harm your computer.

This.  It is a false positive.
Flashman
Hero Member
*****
Offline Offline

Activity: 518
Merit: 500


Hodl!


View Profile
January 20, 2015, 11:24:28 AM
 #18

Since the blockchain is a variation on the infinite monkeys/typewriters theme, in that shit in it is so well encrypted it's kinda random, every virus signature will eventually be in it.

False, there is nothing encrypted in the blockchain. All transaction data is directly readable.

Yah, I wasn't terribly clear that I meant that there are some products of encryption in it, like block hashes. Anyway, lots of essentially randomish strings.

TL;DR See Spot run. Run Spot run. .... .... Freelance interweb comedian, for teh lulz >>> 1MqAAR4XkJWfDt367hVTv5SstPZ54Fwse6

Bitcoin Custodian: Keeping BTC away from weak heads since Feb '13, adopter of homeless bitcoins.
crazyearner
Legendary
*
Offline Offline

Activity: 1820
Merit: 1001



View Profile
January 25, 2015, 05:01:12 PM
 #19

This is a false positive caused by many anti virus and many treat it as a virus or malware due to how it works. Simple solution to that white list it in your anti virus and should be fine. But I would also look it up to be on the safe side or back up all wallets and delete it all and start fresh and import your old wallets first. Then id do a scan of full system to make sure their is nothing on system that might cause a threat to your coin.

=
  R E B E L L I O U S 
  ▄▀▀▀▀▀▄▄                           ▄▄▀▀▀▀▀▄
▄▀        █▄▄                     ▄▄█        ▀▄
█            █████████████████████            █
█▄          ██       ██ ██       ██          ▄█
█        █            █            █        █
  █    █               █               █    █
   █ ██               █ █               ██ █
    █ █               █ █               █ █
    █ ███▄  █████▄   ██ ██   ▄█████  ▄███ █
    █     ███     █         █     ███     █
     █   █   ▀███ █  █   █  █ ███▀   █   █
     █   █      █ █  █   █  █ █      █   █
     █   █      ██  █     █  ██      █   █
      █  █     ██  █       █  ██     █  █
      █  █    ██  █ ███████ █  ██    █  █
      █ ███   ██  █         █  ██   ███ █
       █   ▀███      █   █      ███▀   █
        █     ██       █       ██     █
         █      █   ▄▄███▄▄   █      █
          ███   ███▀       ▀███   ███
             █████           █████
                  ███████████
  ▄▀▀▀▀▀▄▄                           ▄▄▀▀▀▀▀▄
▄▀        █▄▄                     ▄▄█        ▀▄
█            █████████████████████            █
█▄          ██       ██ ██       ██          ▄█
█        █            █            █        █
  █    █               █               █    █
   █ ██               █ █               ██ █
    █ █               █ █               █ █
    █ ███▄  █████▄   ██ ██   ▄█████  ▄███ █
    █     ███     █         █     ███     █
     █   █   ▀███ █  █   █  █ ███▀   █   █
     █   █      █ █  █   █  █ █      █   █
     █   █      ██  █     █  ██      █   █
      █  █     ██  █       █  ██     █  █
      █  █    ██  █ ███████ █  ██    █  █
      █ ███   ██  █         █  ██   ███ █
       █   ▀███      █   █      ███▀   █
        █     ██       █       ██     █
         █      █   ▄▄███▄▄   █      █
          ███   ███▀       ▀███   ███
             █████           █████
                  ███████████
  R E B E L L I O U S
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!