An update of the popular anti-virus software program AVG let a false positive slip through quality control which caused widespread panic on the Internet by desperate AVG users looking for help. The update detected a virus, more precisely Trojan Horse PSW.BANKER4.APSA, in the important system file user32.dll in Windows XP. User32.dll allows programs to implement a graphical user interface and is considered a core component of the Windows XP operating system.
Users who followed the advice of the AVG software program were greeted with a Blue Screen of Death as soon as they clicked on the Heal button to remove the virus. Any attempts to boot the system afterwards failed because of the missing file. AVG was quick to react and released another update that corrected the issue.
This does not help those users who already cleaned the file in Windows. Here is the official information on how to fix the system for those users:
The system can be restored by following the steps in one of the comments on forum (using safe mode or recovery console and copying c:\windows\system32\dllcache\user32.dll into the right location)If you need to restore deleted files from AVG Virus Vault you can do it this way:
- Open AVG user interface.
- Choose “Virus Vault” option from the “History” menu.
- Locate the file that was incorrectly removed and select it (one click).
- Click on the “Restore” button.
A possibility would have been to cross-check the detected virus with another anti-virus software or an online virus scanner to be sure that it is indeed infected before deleting the file.
Related posts:
Test your Anti-virus programDisable Automatic Virus Scanning in Firefox 3
Computer Virus Effect Remover
Computer Virus Effect Remover
Anti Virus Software Removal Tools Overview
KlamAV: Outstanding KDE front-end for Linux anti-virus
Free Kaspersky Anti-Virus for 1 year
Online Virus Scan
25 Responses to “AVG 8 Update Marked User32.dll As Virus Infected”
Trackbacks/Pingbacks
-
[...] Fuente: Ghacks [...]
-
[...] 2: According to comments at ghacks, users of AVG version 7.5 might have an easier alternative: reboot in safe mode and disable the [...]
-
[...] fonte del post potrebbe essere questo articolo di gHacks ma in realtà prima citerei: il notebook della mia ragazza, il notebook di mia sorella, il notebook [...]
-
[...] system running again by booting into Safe Mode and updating to AVG 8.0 while in Save Mode. See the ghacks site for [...]
-
[...] veids kā glābt situāciju, ja spiedāt pogu ārstēt. The system can be restored by following the steps in one of the [...]
-
[...] AVG 8 Update Marked User32.dll As Virus Infected (gHacks) [...]
-
[...] Antivirus hace poco detectaba un archivo del sistema como “Troyano Generic9.TBN“, cuando los usuarios [...]
-
[...] AVG 8 Update Marked User32.dll As Virus Infected [...]
-
[...] Via ghacks [...]
-
[...] Vía: fayerwayer | Link: AVG 8 Update Marked User32.dll As Virus Infected [...]
-
[...] ofrecerá a los usuarios que se vieron afectados la semana pasada por el error en la actualización de su antivirus AVG un año de licencia comercial [...]
My girlfriend had something like this yesterday with AVG. I guess it’s the same issue. The software didn’t even ask her anything, tried to clean a file and… BSOD. At boot, it says that it can’t find winsrv and won’t boot without it.
I’ll have to find my PE DVD to recover the machine…
In fact, she was still using version 7.5 of AVG. user32.dll was still there along with winsrv but apparently, AVG prevented access to it somehow. The solution was to start in safe mode, uninstall AVG, reboot in normal mode (it worked) and reinstall a newer anti-virus (AVG 8.0 or other).
AVG 8 fails hard. First blue screens now this.
THANK YOU!
i wondered why my computer ran like shit after i did a virus scan, thanks
I haven’t seen a virus try to get into my system in 10 years (since I brought home a floppy disk containing a corrupted Word file from the company I was working for).
That being said, I would never let an AV program try to “heal” a system file.
Instead, I would look for a replacement for the file and do the switch from the recovery console.
Day of panic with this AVG prank. And their instructions on how to recover were useless. I had done that already by the time I got to their warning and nada, niente, kaput.
Destroyed my User32.DLL, but when I replaced that, got a problem with winsrv, and when I fixed that I got a prob with ntdll.dll, and there it hit a wall, since replacing that file did not help. It just keeps on not finding it. Since I am one of those poor sods who only have a ghost installation CD that deletes everything on the partition, I borrowed a XP cd, but it did not allow repair either, so in the end, brushed up my DOS skills copying everything I could to my other partition through a recovery console and went back to manufacturers’ settings. So, another day lost trying to remember all of the settings and tools I had, and finding registration keys.
After years of AVG I’m moving to Avast or Antivir.
Please don’t despair yourselves.
The only think you need to do is get a winxp cd (home edition or professional depends on the version you are using).
Start the computer from that cd, let the winxp setup run until you get the second R option, chose that option and reinstall xp over. Obviously you need a valid winxp cd key.
That is the best safe way to get your winxp back with all of your files and programs without problems.
Since from yesterday, I already need to do this in more than a dozen of computers with xp and the “old” 7.5 AVG version.
Hey guys,maybe you should start using Linux more often so stuff like this won’t happen to you.
How to escape/remove from MMBplayer/press.exe virus?
How to escape/remove from Press.exe virus?
my avg scand my computer on the c:\ and d:\ And Erased All my files i don’t have windows anymore thanks avg, vista and xp gone don’t have a vista disc and i need vista
if you have problem with AVG, i think the best and easiest way to solve it is to uninstall it, and reinstall a new one- instead of searching the net for answers.
I have AVG on the laptop, but AVAST on the desktop & AVAST is the one that alerted. I moved & deleted & now have the blue screen.
hey. any one know how 2 fix AVG. i have tried and the update will not work. i try going to the web site and it gose dnd erro. Help PLZ
until cares enough about Linux to hack it