[WARNING] AVG ~ incorrect ID of malware that's actually a crucial system file

Discussion in 'Software' started by DavidGP, Nov 11, 2008.

  1. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Wouldn't normally post this in Software, but many users do like AVG as it's a good free and paid-for antivirus, but it seems yesterday's definition file misidentifies user32.dll, which is a crucial system file.

    SO PLEASE, if you get a warning that this one is malware in the form of Trojan Horses PSW.Banker4.APSA or Generic9TBN, don't delete out of hand, as the real file is in the C:\windows\system32 folder.


    More info here http://securityandthe.net/2008/11/10/avg-virus-scanner-removes-critical-windows-file/

    I personally as the article above says change your AVG to another as it's just a hiccup in the definitions that cause a false positive, that will be rectified if not already with a new virus definition database, so do run update on your AVG then check files.

    Just a heads up if by accident some may post that they had this virus or deleted the user32.dll file as the fix is posted in that article above.
     
  2. oma

    oma MajorGeek

    Thank you Halo!! Additional update (4) to this warning:

    "AMSTERDAM, Netherlands, Nov. 11 /PRNewswire/ — AVG is actively working to remedy the problem some users are experiencing related to the most recent update to commercial and free versions of AVG 7.5 and AVG 8.0 in some languages. A number of users who installed the update mistakenly received a warning that the Windows system file user32.dll product version 5.1.2600.3099 was infected with a Trojan virus and were prompted to delete a file essential to the operation of Windows XP.

    The problem only affects users of the Dutch, French, Italian, Portuguese, and Spanish language versions of Windows XP."

    http://securityandthe.net/2008/11/10/avg-virus-scanner-removes-critical-windows-file/

    Therefore it seems that other languages were not affected. I didn't get into trouble here....yet. (English) :)
     
    Last edited: Nov 11, 2008
  3. oma

    oma MajorGeek

    Bet you, what a relief!! Something wasn't right though because I never had any problems this week. That's why when I looked up the info on the website that Halo gave us, I scrolled down a bit and saw the update 4. It must have been updated just recently.

    Poor souls in Europe and Latin America and everyone else in other countries who use the affected languages. I've got some relatives overseas that use AVG and guess they are affected by it. :(
     
  4. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Yes, seems this one is moving fast and being rectified as we speak. Just an update: if anyone is affected by this and has deleted the file in question, AVG have posted a small app to fix this with instructions here http://www.avg.com/faq.num-1575 (line 1575)
     
