AVG anti-virus recently released an update to their virus definitions file which incorrectly detected a critical Windows file as being a Trojan horse program.

Both AVG 7.5 and 8.0 (free versions and pay versions) incorrectly identified “user32.dll” as being a malicious Trojan program called PSW.Banker4.APSA (according to their forum post).

AVG Forum Post

Depending on the configuration settings chosen for AVG, the detection could result in the removal of user32.dll and the inability to reboot the PC.  User32.dll is a critical file which allows for API calls to the Windows Graphical User Interface.  If the file is missing during  boot, the computer will Blue Screen.

We get the following from Computer World’s report:

AVG released a follow-up signature update to correct the problem, but that solution only worked if the user had not turned off his PC, or rebooted it, after installing the buggy update and then deleting user32.dll.

AVG’s support website has some details on how to recover user32.dll in their support section.