AVG antivirus falsely accuses critical Windows file of virality

Share

avg-antivirus.jpgI’ve been a long-time fan of AVG Free Antivirus, until recently when I had to swap to Avast because it worked with Vista 64, and AVG didn’t. That said, with free antivirus software you’re always running the risk of ‘getting what you paid for’ and experiencing a show-stopping bug.

Well, AVG’s show-stopping moment occurred on Sunday. It somehow got it into its head that user32.dll – a critical Windows file that lets users interact with programs – contained one of two Trojan Horses – PSW.Banker4.APSA or Generic9TBN. AVG, hilariously, recommended deleting the file, which would cause a system to either fail to boot, or get stuck in a continuous reboot cycle.

AVG 7.5 and 8.0 were affected, and AVG swiftly pushed out an update that fixed things, but many users were left staring at ‘broken’ computers. The AVG team has responded in their forum and in their FAQ, listed under “False positive user32.dll”, is some advice on how to use the virtual console to fix things. Most people can just stick in their original Windows disc, however, and choose ‘repair’.

If you didn’t get caught by the bug, and you’re running AVG, then make sure you’ve got the very latest version before running scans. Also, if a program is ever asking you to delete any system files, it’s always worth checking Google first to see what the file does.

AVG Free (via Security and the Net)

Related posts: Microsoft on viruses and malware: It’s not our fault, guv. | “Norton, we have a problem”: Virus on-board the ISS.

Duncan Geere

9 comments

Comments are closed.