Avira anti-virus labels itself as spyware
Avira anti-virus detected components of its own application as potentially malign on Wednesday following a dodgy signature update.
Avira detected its own AESCRIPT.DLL library file as the previously obscure "TR/Spy.463227" strain of malware.
The dodgy AntiVir virus definition file was quickly pulled and replaced with a new version – 220.127.116.11 – that resolves the problem, as explained in an official post on Avira's support forum here.
Avira's own stats suggest 4,000 to 5,000 rogue detections, suggesting that the problem was caught before it affected the vast majority of the user base of the freebie security scanner software, which has a user base of million. This is just as well because users hit by the false detection would have been left with hobbled systems.
False positives involving anti-virus software are all too common. Normally these involve application files or, more damagingly, Windows components. Avira's auto-immune false detection is worse still, but not unprecedented. CA had similar problems two years ago, for example. ®