Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Media Media (Apple)

AVG Update Breaks iTunes 185

nate_in_ME writes "After getting a positive from the AVG virus detector while playing music on iTunes just a few minutes ago, I did a bit of research. It appears that AVG has recently pushed an update to the virus definitions that flags every iPod/iTunes related file as being infected with the 'Small.BOG' trojan. Interestingly enough, AVG does not have any information on this particular virus in their virus encyclopedia. Discussion on the Apple forum is up to 4 pages and climbing. One user there had an interesting thought: 'Maybe Palm has some shares in AVG...MUAHAAAA!!' (on page 3)."
This discussion has been archived. No new comments can be posted.

AVG Update Breaks iTunes

Comments Filter:
  • by Norsefire ( 1494323 ) * on Saturday July 25, 2009 @07:21PM (#28822959) Journal
    Bad music is a virus.

    It spreads like wildfire and everyone has it.
    • My wife has New Kids on the Block CDs still. I'm terrified I'll catch something from her.

      • by davester666 ( 731373 ) on Saturday July 25, 2009 @07:54PM (#28823183) Journal

        No, you're safe. I know from personal experience...I haven't caught anything from her yet.

        • Re: (Score:3, Funny)

          No, you're safe. I know from personal experience...I haven't caught anything from her yet.

          I take it your sudden taste in Celine Dion is unrelated?

      • by Ilgaz ( 86384 )

        If you listen to current top 40, New Kids On The Block may sound somehow good to you. Trust me, tune into some top 40 radio/site, have patience for 1 hour and put that NKOB CD.

        As I mention that, never run goodly coded MS-DOS antiviruses like F-Prot, TBAV under FreeDOS for nostalgic purposes. I don't remember any false positive of F-Prot for example. Remember the frequency of the users database updates. Like... Never? The stuff they were looking for weren't some lame Visual Studio gigantic code to. They were

        • There are two issues.

          Firstly in the old days we were dealing with a few bored or occasionally vengefull people. Now we are dealing with massive organised crime. They can easilly afford to buy every antivirus product on the market and spend all the time they need to tweak a virus until it no longer gets detected or research new ways to make life harder for the antivirus vendors.

          Secondly there is a constant arms race, the viruses are trying to find new ways to hide and the scanner vendors are trying to find w

    • Re: (Score:3, Informative)

      by Briareos ( 21163 ) *

      More like "bad software is a virus" - have you looked at iTunes on a Windows system? Yeeech... >_<

      np: Orbital - The Naked And The Dead (2Orbital (Disc 2))

  • Update (Score:5, Interesting)

    by nate_in_ME ( 1281156 ) <me@[ ]esmith.me ['nat' in gap]> on Saturday July 25, 2009 @07:22PM (#28822969)
    I actually submitted this yesterday...updates in the Apple discussion thread make it sound like everything is back to normal.
  • Conspiracy! (Score:5, Interesting)

    by girlintraining ( 1395911 ) on Saturday July 25, 2009 @07:25PM (#28822983)

    It's a conspiracy! Or... maybe it's just that the definition for the virus in question was rushed out the door without adequate testing. How many new viruses are reported each week again? They probably don't "beta test" their definitions, and just do it in a lab. Oops. The lab machines didn't have iTunes.

    • by Ihmhi ( 1206036 )

      I wonder if lab machines are just like, fresh Windows/OSX installs or if they have real-world-use programs that many people have, like AIM, iTunes, etc.

    • Re: (Score:3, Interesting)

      by makomk ( 752139 )

      Perhaps. iTunes also uses a bunch of highly obfuscated code with anti-reverse engineering protections, which probably increases its odds of being detected as suspicious.

  • by Jucius Maximus ( 229128 ) on Saturday July 25, 2009 @07:26PM (#28822989) Journal

    It does not appear to flag "every" file related to iTunes, it is just the iTunesMiniPlayer.dll.

    The workaround is to disable the real-time scanner.

    However their latest update had fixed it, and my real-time scanner is running again without problem.

    • by Sponge Bath ( 413667 ) on Saturday July 25, 2009 @07:36PM (#28823069)

      "The workaround is to disable the real-time scanner."

      Or switch to a better AV product. For a while I was satisfied with AVG, but gave up after other false positive problems with it. Avira does a better job (check out http://www.av-comparatives.org/ [av-comparatives.org]) and still has a free version.

      • Re: (Score:2, Interesting)

        by Billhead ( 842510 )

        I tried Avira on two computers two months ago, and on one it was constantly trying to access the floppy drive, and that seems to be a known problem.

        I'm not going to bother installing it on my other computers to see if it works, I'm going with NOD32.

      • by kklein ( 900361 ) on Saturday July 25, 2009 @08:24PM (#28823359)

        Or switch to a better AV product.

        I loved AVG for a long time, but since 8, it has been a resource hog and has added a bunch of crap I don't want and keeps asking me if I'd like to pay and keeps throwing up false positives.

        I just got rid of it the other day.

      • Excuse the stupid question, but it's not something easy to Google: is Avira the one that has annoying noises and talks to you? Someone recommended a great anti-virus package to me once, and it turned out to be the most irritating piece of software I've ever run.

        • Re: (Score:2, Informative)

          I think you are talking about Avast [avast.com].
          When it detects a virus a big grey window opens up showing the biohazard symbol, you hear a siren, then a voice (sounding remarkably like Kitt [wikipedia.org]) says "A virus has been detected".
          Yes it is kind of annoying, but I still regard it as one of the better anti-virus programs.
          • by adolf ( 21054 ) <flodadolf@gmail.com> on Sunday July 26, 2009 @12:36AM (#28824611) Journal

            I like Avast quite a bit. It's generally fast, problem-free, and stays the hell out of the way.

            Or at least, it stays out of the way once you do a few things to it:

            Tell it to turn off all sounds and notifications of normalcy. And to automatically accept all new program and definition updates. And to never to bother to ask to reboot the computer (it's a Windows desktop -- it'll be rebooted soon enough for othe reasons, anyway).

            After that, it just sits quietly on the taskbar unless things go awry somehow.

      • by unfunk ( 804468 ) on Sunday July 26, 2009 @04:52AM (#28825595) Journal

        "The workaround is to disable the real-time scanner."

        Or switch to a better AV product.

        Or a better media player. iTunes on Windows is superior only to Quicktime on Windows. Both are (in terms of usability) inferior to... well, pretty much everything else.

  • by Anonymous Coward on Saturday July 25, 2009 @07:35PM (#28823053)

    I work at a AV vendor (not one of the big ones), and false positives are a big problem. Essentially there are two issues. First, how severe is the threat? You might skimp on your validation process in order to get something out sooner. Second (and much harder to resolve), there is effectively an infinite amount of software out there; on top of that, there may also be many different versions (iTunes 6, 7, 8, point releases, etc). You try to do the best you can, but shit happens because you can only test against so much software.

    • by TheLink ( 130905 )
      Just curious. How well would you guys do at detection if stuff like perl malware becomes common?

      Would it the same, or harder?

      I'm asking this because if stuff like OSX and Linux become more and more popular, they will become viable targets to convert to "zombies". And both OSX and Linux have a different set of built-ins for malware authors to take advantage of- e.g. scripting languages.
  • Haha, good (Score:5, Insightful)

    by ArchieBunker ( 132337 ) on Saturday July 25, 2009 @07:35PM (#28823055)

    iTunes is about as useful as malware. If someone would only write a simple drag and drop app for the ipod touch that didn't require jailbreaking....

    Seriously does anyone else have issues with how convoluted it really is to add mp3 files to an ipod touch? Add a folder to your library, wait while itunes chugs and makes a COPY of each file before syncing. Hit sync a few times and agree to all your old settings being overwritten (when all it really does is update). A $10 mp3 player allows me to right click and say "Send to..." Fuck you apple.

    • by Sponge Bath ( 413667 ) on Saturday July 25, 2009 @07:40PM (#28823099)

      "iTunes is about as useful as malware."

      The ghost of Steve Jobs rattles his chains at you. (oooooohhhh...)
      Yes, he is dead. Apple built an animatronic replica to placate shareholders.

      • Yes, he is dead. Apple built an animatronic replica to placate shareholders.

        Wow, I thought Jonathan Ive had done a good job with Eve, but designing a life like Steve Jobs is amazing. How good a job did engineering do with the RDF?

      • Re: (Score:3, Funny)

        by flydpnkrtn ( 114575 )
        Brings a whole new meaning to the "Fake Steve Jobs blog" lol... hmm what do we call it? iSteve?
    • Re:Haha, good (Score:4, Informative)

      by _merlin ( 160982 ) on Saturday July 25, 2009 @07:41PM (#28823113) Homepage Journal

      I have too much music for simple drag and drop to be useful. I like iTunes' smart playlists, which effectively give me a query language into my music library. If you do just want to drag and drop, tell iTunes that you want to manage the music on your iPod manually. You'll still have to use iTunes, but you'll be able to drag stuff on and off the device.

    • Re:Haha, good (Score:5, Informative)

      by dhovis ( 303725 ) * on Saturday July 25, 2009 @07:57PM (#28823201)

      Add a folder to your library, wait while itunes chugs and makes a COPY of each file before syncing.

      In iTunes Preferences: Go to "Advanced". Uncheck "Copy files to iTunes Music folder when adding to library". iTunes will leave your files where they are and just index them.

      Personally I like the way iTunes organizes my music and keeps the actual files out of my way, but YMMV.

      • Personally I like the way iTunes organizes my music and keeps the actual files out of my way, but YMMV.

        I absolutely agree. Who would have thought I had so many duplicate songs? Only after constantly finding songs all over the place -- for instance Eric Clapton in 4 different categories (Classic Rock, 70's, Rock, and Male Vocalists) did I finally give up and relinquish control.

        The only thing I haven't figured out how to do is handle situations where you have the same song, same version on multiple albums. In most music organizers I've seen you have to keep multiple copies, which is what I'm doing now. If I w

    • wait while itunes chugs and makes a COPY of each file before syncing.

      It's a checkbox in the Advanced preferences. And you can see why they start with it turned on -- people who don't understand the filesystem would get *seriously* confused when they deleted some Blankety-Blank folder that they didn't remember creating in their My Documents folder and suddenly music disappeared from iTunes. Plus, it's easier to keep metadata (covers, for example) in the same location as the music, since otherwise you coul

    • Re: (Score:2, Insightful)

      by kklein ( 900361 )

      Seriously does anyone else have issues with how convoluted it really is to add mp3 files to an ipod touch?

      Not me. Plug in to charge, unplug when you are leaving the house. Everything is already synced. That's convoluted?

      Add a folder to your library, wait while itunes chugs and makes a COPY of each file before syncing.

      As other posters have pointed out, you don't have to have it set up that way. If you want to have your music strewn all over your hard drive in random places that are hard to keep track of and hard to back up, Apple will oblidge.

      I'm sorry that you don't know how to use the software, but I'm glad that all my music is in one folder.

      Hit sync a few times and agree to all your old settings being overwritten (when all it really does is update).

      This is the one I can't figure out. The only time I hit "sync" i

    • Seriously does anyone else have issues with how convoluted it really is to add mp3 files to an ipod touch? Add a folder to your library, wait while itunes chugs and makes a COPY of each file before syncing. Hit sync a few times and agree to all your old settings being overwritten (when all it really does is update).

      PEBKAC

      Whether iTunes copies files or not is a user configurable setting. Personally I want iTunes to manage it's copy of my library without touching the original files. In my case the original files (ripped with EAC and LAME) are a backup on separate physical disc from my iTunes library.

      My smart playlist "Recent Additions" contains everything with a "Date Added" property within the last 30 days and is automatically synced to my iPhone. So I don't even need to have my iPhone connected when I add stuff to my

      • Like the subject says dragging files into itunes does nothing. It was one of the first things I tried. Setting sync to manual gave me the message about overwriting original contents. God forbid your mp3s don't have ID3 tags because itunes sticks them all in some unknown folder instead of paying attention to the filename.

        Its like people never knew how to manage mp3 files before itunes came along. How hard is it to organize the files and folders yourself? I seem to have no problems doing so. Are you keeping 1

    • Yeesh, another example of ignorance over intelligence. Are you too busy to spend 2 minutes check the settings??

      1) In itunes preferences you can tell itunes NOT to copy the mp3 file to the itunes library...the files will remain wherever you leave them.
      2) Once again in iTunes, when the ipod is connected under the music tab there is a checkbox that allows you to manually update your ipod. Once you set that then you can drag and drop any mp3 from itunes to your ipod WITHOUT syncing.

      Why do people talk about thi

  • by arcade ( 16638 ) on Saturday July 25, 2009 @07:35PM (#28823063) Homepage

    Seriously.

    Anti virus software has been breaking stuff for more than a decade. There will always be false positives, and there will always be stuff that hasn't been tested, thought about, and so forth.

    Of course, now, after this incident, they'll add a unittest to make sure that this exact thing doesn't happen again, and maybe add some for other music services. But hey - this is NOT something that should be thought of as wrong, foolish or whatever. These things *happen*.

    Anti-virus software has signatures, heuristics, and so forth. It'll be wrong from time to time. It's actually just business as usual.

    So, why is this news?

    • by nate_in_ME ( 1281156 ) <me@[ ]esmith.me ['nat' in gap]> on Saturday July 25, 2009 @07:42PM (#28823119)
      If you read through the discussion on the Apple forums, you will probably be(I know I was) surprised at how many people uninstalled iTunes out of fear of it being infected. Of course, there were just as many that uninstalled AVG in order to keep their iTunes work.

      So, while those of us here may know all about how common false positives, etc. are with AV software, reading through the now 20+ pages on Apple's site shows that the majority of iTunes users don't have the knowledge that we do.

    • It's news because it horribly breaks iTunes, and (last I heard) causes re-installation to fail.

      Of course, that's only if you believe iTunes isn't horribly broken to start with ;-)

  • causing a minor annoyance to users wouldn't do anything for Palm, so why would they bother? It's probably some poor detection on the part of AVG.
    • by 56 ( 527333 )
      Oh, so that WOULDN'T be effective, then? Gee whiz! ps, I'm pretty sure the 'palm shares' remark was sarcastic.
  • No Surprise (Score:4, Funny)

    by TheRealMindChild ( 743925 ) on Saturday July 25, 2009 @07:40PM (#28823097) Homepage Journal
    AVG does not have any information on this particular virus in their virus encyclopedia

    That is the case for ~99% of the viruses in their "encyclopedia".
    • Re: (Score:2, Informative)

      I have never located any information in their "virus encyclopedia" for any virus flagged on my machine. It is totally useless.
  • Anti-virus programs have false positives all the time over stupid shit.

    1 - Inherently, an anti-virus can only scan against a database of known problems. New problems won't be detected.
    2 - It has been demonstrated that it is VERY easy to spoof detection.
    3 - AVG did far worse recently when the firewall portion of their full internet security suite installed drivers for each network connection you had. Said drivers would cause Windows to BSOD. The only solution was to uninstall AVG. I assume that would be a bi

    • 1 - Inherently, an anti-virus can only scan against a database of known problems. New problems won't be detected.

      Most anti viruses have had behavior based virus protection for years. Even AVG has it these days.

  • by 13th seer ( 33836 ) on Saturday July 25, 2009 @07:47PM (#28823153)

    AVG turned to fucking donkey shit after 7.5. it blows my mind people still use it. the company treats their end users like idiots, their software behaves like the malware it claims to rid your system of, and eats up a shitton of resources to boot

    yet it still seems to be one of the most popular free scanners, if not the most. I don't get it

    it's hard to find a decent free antivirus that doesn't nag or suck these days. iirc Avira had nag screens, and a ridiculous amount of false positives. the least crap one I've used seems to be avast!. it seems to detect a decent amount of viruses, keeps out of the way, and and doesn't eat up a lot of resources

    • by Solr_Flare ( 844465 ) on Saturday July 25, 2009 @09:38PM (#28823729)
      It's part of the natural life cycle of anti-virus software. Anti-virus software gets really good -> geeks and techies jump on the bandwagon -> they spread this to their non-techie friends -> AV software gets bloated/crappy over time -> geeks abandon it slowly over time -> regular consumers continue to use it forever until a geek comes along to force them to use the current hotness.
    • yet it still seems to be one of the most popular free scanners, if not the most. I don't get it

      I think you answered your own question.

    • Many people don't want to pay for their virus scanner. There really isn't so much out there in the way of good, no cost virus scanners. The ones that are good, well the companies that make them know they are good and thus charge for them. NOD32 is excellent, and ESET seems to be aware of this fact. Thus there's a trial but no free version, and the full version isn't super cheap. Their produce is quality, they want money for it.

      As long as there are plenty of people who want a free virus scanner, they'll be a

    • Every AV is donkey shit. AVG happens to be the only free one.

      • It's not the only free one, but the other free ones aren't much better.

        Watch out for Microsoft Security Essentials (Morro).

        It's a drop-in replacement for Windows Defender on Vista and Win 7, and it's basically Windows Defender with realtime antivirus. Lightweight too, it's using 56 MB on my system right now. That sounds like a lot, but come on, we're in the days of 2GB RAM as a minimum.

        • The thing is i'm not going to use a beta or even freshly released version of windows and even if vista's problems have been mostly overcome by better hardware and service packs now as some people claim I don't particularlly feel like learning the quirks of a version that hardly anywhere uses. Nor do I like the fact that there is no version that does not require either activation or a code in the bios.

          So for the next couple of years at least i'm going to be staying on XP for any machines that need to run win

          • Windows 7 rocks, as much as any version of Windows can.

            But great spaghetti gods, Ubuntu Jaunty boots in 30 seconds on my laptop, and if I can just get the frickin' sound to work... the modules are THERE, but ALSA is broken in Jaunty. It worked in Intrepid, and it works in Karmic alpha 3, but so much else is borked in Karmic... way to go, guys.

            I need to stay on Windows for one reason on my big box: DVRing ClearQAM+analog from a STB.

            My friend runs MythTV, and it's just not as solid as Media Center. Especiall

    • Re: (Score:3, Informative)

      by Jeff DeMaagd ( 2015 )

      The problem is that there is momentum. Finding a trustworthy AV program on your own takes some savvy, because there are a lot of shady operators that spam the google index with shady products. They might look legitimate, but a tech savvy person, they might stumble across a trap.

      Personally, I thought Avast was kind of annoying. Except for 8.0, I really haven't had much trouble with AVG. It was with 8.0 that I tried some others, AVG 8.5 seems to work just fine now.

    • This is why: http://www.google.com.sg/search?q=free+antivirus [google.com.sg]
      I remember first running across AVG through google search too.

  • Maybe it rightfully flags DRM files. Maybe they also include a rootkit. At least it would make sense to me, if their heuristic would detect sneaky encrypted files looking like normal music files.

  • by kms_one ( 1272174 ) on Saturday July 25, 2009 @08:03PM (#28823235)
    My antivirus is Avastly superior to AVG, but I don't use iTunes anyway. Sansa ftw.
  • Trust Issues? (Score:2, Informative)

    I took it upon myself to drop them (AVG) a quick note telling them that I was hard pressed to pay/trust my welfare to a company that did not know what its own viruses were. And then I discovered that they really did not want to talk to or hear from me. It took me almost 10 minutes to find a form I could actually successfully type something into (Try it yourself!). And to do so I had to choose some very odd options from the dropdowns as they had NOTHING related to simply giving them feedback or "Other".
  • by kbahey ( 102895 ) on Saturday July 25, 2009 @09:39PM (#28823735) Homepage

    False positive from a DLL? That is nothing ...

    How about TrendMicro giving a false positive [baheyeldin.com] on a valid PHP plain text file that is part of Drupal [drupal.org]!

    • by Val314 ( 219766 )

      Our virus scanner at work once decided that *all* .vbs and .xml files are bad and deleted them as soon as the were accessed.

  • The problem of misidentification will continue to grow as the number of unique malware items are identified. It is getting to the point that software publishers need to start submitting information about their official published versions to AV projects to avoid misidentification. Such information would include size, checksum + md5sum + sha1sum or something along those lines. In this way operating system files and commonly used software could avoid misidentification I think.

  • Damn! (Score:3, Funny)

    by rueger ( 210566 ) on Saturday July 25, 2009 @10:32PM (#28824033) Homepage
    I always knew that I liked AVG, but this is just the coolest! iTunes really is rather virus like.
  • http://forums.avg.com/ww.avg-free-forum?sec=thread&act=show&id=7965#post_7965 [avg.com]

    Confirmed false positive, corrected in next update.

    I can't wait for the OSX version of AVG! :)

  • One is program that slows down your computer, takes up RAM and disk space, erases files, and generally ends up costing you quite a bit of money and time.

    The other is a program that reproduces automatically.

    • Antivirus programs don't actually do much anyway other than provide that warm, fuzzy feeling. If you run without administrator privileges and keep your machine updated, there's really no need for one.

Technology is dominated by those who manage what they do not understand.

Working...