AVG Update Labeled Windows File As Trojan

SecurityProNews
Staff Writer
2008-11-11

File this one under super embarrassing: Some users of the latest two versions of AVG's free virus scanner ended up with a computer in eternal boot mode. The antivirus software had falsely identified a critical Windows XP file as a Trojan virus.

AVG Update Labeled Windows File As Trojan

And when you remove that, see, Windows doesn't work anymore.

Alarms went up soon after the release of an update to AVG 7.5 and 8.0, when forum posters reported an incorrect virus signature identifying Windows XP file user32.dll as containing Trojans PSW.Banker4.APSA or Generic9TBN. AVG recommended deleting this file, which is a really, really bad recommendation.

Fortunately English speakers, the problem only affected users of the Dutch, French, Italian, Portuguese, and Spanish language versions of Windows XP.

AVG was pretty quick about addressing the problem, even though it was the middle of the night in Amsterdam, so kudos to them on that. The company confirmed it was a false positive and offered instructions for how to fix the problem from safe mode or recovery console. Soon after that, they issued this press release:

AVG is actively working to remedy the problem some users are experiencing related to the most recent update to commercial and free versions of AVG 7.5 and AVG 8.0 in some languages. A number of users who installed the update mistakenly received a warning that the Windows system file user32.dll product version 5.1.2600.3099 was infected with a Trojan virus and were prompted to delete a file essential to the operation of Windows XP.

The problem only affects users of the Dutch, French, Italian, Portuguese, and Spanish language versions of Windows XP.

AVG is taking these steps to assist users in remedying the problem:

- Immediate release of a new update to correct the problem.
- Creation of a specific informational section on the AVG website that enables users to resolve the problem.
Affected users should follow the weblinks below for further information and to download the fix tool:
(1) http://www.avg.com/support/HotTopics1574 FalsePositiveuser32.dll
(2) http://www.avg.com/support/HotTopics1574 FalsePositiveuser32.dll - fix tool

Affected users unable to use their PCs should contact their AVG reseller or ask a friend to download the information and fix tool for them. After running the fix tool, users should run the AVG update program to download and install the correct AVG update.

AVG sincerely regrets the inconvenience users have experienced. We are working to remedy the problem and ensure that any other potential vulnerabilities are identified and eliminated before they can impact users.

About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.

More insider_reports_insider Articles

Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Featured On:

article resources

WebProWorld.com

•	Get in-touch with industry experts and leaders
•	Post your site for review by expert and peers
•	Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com


Titan Quest Forum The #1 Titan Quest forum
Halo 3 Forum The best Halo, Halo 2, Halo 3 forum
Nintendo Wii Nintendo Wii news and views
Mac Software The best in OS X freeware
Graphics Forum Your source for graphic tutorials