AVG Asks Users to Delete User32.dll

Earlier this week, users of AVG’s virus scanner accidentally got asked to ‘remove’ user32.dll, a core system file for the Windows operating system – by mistake of course.

AVG mistakenly thought that user32.dll contained one of two Trojan horses – PSW.Banker4.APSA or Generic9TBN. Users were instructed to delete the file. The action of deleting this file caused systems to go into an endless boot loop, leaving users unable to boot into Windows fully.

The solution to the issue was to boot from your retail or OEM supplied operating system disc and either run a repair, or use the recovery console (for the more tech savy). Some users were not so lucky if they didn’t receive an operating system disk, rather they had the emergency restore feature – which in most cases causes the users to lose everything stored on their system after a re-imaging of the hard drive.

AVG anti-virus is one of the most popular protection software suites as there is a free version for home use, and it has been around for a very long time with a rather good reputation. However, this is not the first time AVG has had issues with ‘user32.dll’. Around a year ago, AVG was alerting its users that ‘user32.dll’ (among other core system files) has ‘changed’. Nothing serious by all means, but it definitely alerted some users. Some users even removed it out of fear of infection.

False positives in the anti-virus world are not uncommon, and they happen from time to time with every protection suite available, free or not. Some packages will flag certain files or processes as potentially dangerous, while others will not see anything out of the ordinary.

AVG claims it has fixed the current user32.dll problem and have apologized for the mishap on the AVG User Forums.

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
Comment from the forums
    Your comment
  • megamanx00
    Heh, noobs ^_^
  • resonance451
    Anti-Virus programs screw with you the same way viruses do. Thank god at least this one's free. Norton is by far one of the biggest scams, and everybody seems okay with that.
  • zenmaster
    The funniest gaffe I recall from two years ago was a 1-2 bug punch.

    I don't recall the vendor, but one of their updates did two things...

    #1 - Flagged All Office Documents as Infected.
    #2 - Instead of moving any infected documents to the quarentine folder, it just deleted them.

    It was real nasty because it was a Corp Edition type that ran on File Servers.