AVG anti-virus mistakenly tags system file

— 6:00 AM on November 11, 2008

Generally speaking, anti-virus software contributes to keeping PCs up and running smoothly. Occasionally, however, things don't quite go as planned. As the Security and the Net blog reports, a recent definition update for the popular AVG Free 7.5 and 8.0 anti-virus apps mistakenly tagged a Windows system file and told users to delete it:

An update for the AVG virus scanner released yesterday contained an incorrect virus signature, which led it to think user32.dll contained the Trojan Horses PSW.Banker4.APSA or Generic9TBN. AVG then recommended deleting this file; this causes the affected systems to either stop booting or go into a continuous reboot cycle. So far, the problem only appears to affect Windows XP, but there is no guarantee that other versions of Windows don’t have the same issue.

According to this post on the official forums, AVG has acknowledged the problem and "immediately" posted a new definition update without the false positive. If it's already too late for you, the post suggests either booting in safe mode or using the Windows XP installation CD's recovery console to copy user32.dll from C:\Windows\System32\dllcache to C:\Windows\System32.

Like what we're doing? Pay what you want to support TR and get nifty extra features.
Top contributors
1. BIF - $340 2. Ryu Connor - $250 3. mbutrovich - $250
4. YetAnotherGeek2 - $200 5. End User - $150 6. Captain Ned - $100
7. Anonymous Gerbil - $100 8. Bill Door - $100 9. ericfulmer - $100
10. dkanter - $100
Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.