Grisoft AVG Antivirus 7.5 on Windows XP False Positive that HURTS



This looks like a REALLY bad false positive. It appears that AVG 7.5 for a short period of time detected user32.dll as a trojan horse. (trojan horse psw banker4). It looks as though update to the virus database VDB 270.9.0/1778 fixes the problem.

Unfortunately if you have been bitten by this, you’ll need to boot into a Rescue or Repair Console and do the following (from the Link above)…

Fix

When AVG have performed the same action on your PC, cleaning/removing user32.dll, reboot your PC with the Windows XP CD, hit in the upcoming menu the “R” on your keyboard, hit “1″, hit “enter”, answer password question with “enter” on your keyboard, after that you get the command prompt c:windows>
Type behind that prompt copy c:windows$NTuninstallKB925902$user32.dll c:windowssystem32 and hit “enter” on your keyboard.

According to this story it affects both AVG 7.5 and 8…. there are several “you get what you pay for” kind of comments over there, but there are a lot of people that pay for AVG – it’s not JUST a free scanner. For that matter I seem to recall Symantec flagging a system file as a virus not too many years ago. That’s part of the problem with antivirus – it works at a system level, many of the recent releases not only do on-access scanning (scan something when you try to load or run it) but they also do the forced daily search of EVERYTHING… which does increase the odds that a false positive will bite you.

Related Posts

Blog Traffic Exchange Related Posts
  • HP Vista CLFS.SYS error I've had a fun time this week dealing with a STRANGE Vista problem on an HP computer (I doubt it's HP specific, but don't know for certain.) The error goes like this... "A problem has been detected and Windows has been shut down to prevent damage to your computer." "CLFS.sys"......
  • Remote Tech Support using VNC (Ultravnc SC and x11vnc+wrapper script) Ok, some time back I'd done a writeup on UltraVNC SC, which is a nice customizable (windows version) VNC server that essentially let's someone doing remote support build their own downloadable .exe that runs and automatically tries to make a direct connection to a "listening" vnc viewer. It's good for......
  • Windows XP lost administrators password Some time ago, I've talked about chntpasswd as a great utility for when you're locked out of a Windows 2000 or XP installation because you've either forgotten (or weren't informed) of the valid password to get in. It turns out there is a different approach... well yes, you could format......
Blog Traffic Exchange Related Websites
  • Obamacare Page 838 We've seen the health care bill page 58 and other sorts of controversies around the health care reform. Now, another page is on fire as being a dirty secret of this reform. It is called the Obamacare page 838 secret. Well what does this particular page tell us? This......
  • Golf Ball Glossary Continued Here is a continuation on the golf term glossary that we have been working on for a little while now. Divot - This is a piece of the turf that has been cut out with the club head during a shot. The golfer that creates the divot is obligated to......
  • My Take on Windows Vista When I bought my laptop (my first and only laptop by the way...), it came pre-installed with Windows Vista Home Premium. And being a Windows user all my life, I had my qualms and doubts. You probably know of BSOD (blue screen of death) and the many viruses directed at......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site