AVG update deletes critical Windows file

Many users of AVG 7.5 and AVG 8.0 reported seeing a warning that the Windows system file 'user32.dll' was infected with the PSW.Banker4.APSA or Generic9TBN Trojans, with a recommendation that the file be moved to the program's vault and deleted.

However, this rendered the PC useless as it could no longer boot without the system file.

The problem only affects users of the Dutch, French, Italian, Portuguese, and Spanish language versions of Windows XP, AVG said in a statement released late today.

After a slew of complaints and queries on AVG's forums, some users began offering step-by-step guides to getting PCs up and running again by booting from the Windows install disk and replacing the lost file.

AVG has since admitted that the detection was a false positive. "Unfortunately, the previous virus database might have detected the mentioned virus on legitimate files. We can confirm that it was a false alarm," said a company spokesman.

The antivirus firm has published a workaround under Hot Topics 1574 False Positive user32.dll to help those affected get back to normal. It has also released another update to correct the problem.

"We have immediately released a new virus update (270.9.0/1778) that removes the false positive detection on this file. Please update your AVG and check your files again," said the spokesman.

AVG has over 80 million users around the world, and is hugely popular thanks largely to the free version of its software.

The problem only affects users of the Dutch, French, Italian, Portuguese, and Spanish language versions of Windows XP, according to AVG's Australian spokesperson.

Copyright ©v3.co.uk

avgfalsefilepositivesecurityupdatewindows