The Windows file user32.dll is not malware. However, in an AVG antivirus update issued on Sunday, it was wrongly identified as the banking Trojan PSW.Banker4.APSA, according to ZDNet.
Those who followed the recommendation and deleted the file discovered that they either could not boot up their machines or they continually rebooted. Unsurprisingly, that left the forums filled with people seeking advice.
Later the same day the company issued another update which corrected the error.
On its support pages, AVG advised those who could still run their computers to download a utility to delete the update files then download the newer update. For those who couldn’t boot up, the option was to use the XP recovery console on their installation disc, disable AVG, and restore the user32.dll file.
On the AVG free forum, Zbynek Paulen of AVG Technical Support wrote:
"Unfortunately, the previous virus database might have detected the mentioned virus on legitimate files. We can confirm that it was a false alarm. We are sorry for the inconvenience and thank you for your help."
Editors' Recommendations
- Common iOS 11 problems and advice on how to handle them
- Slingshot malware that attacks routers may be state-sponsored espionage tool
- How to remove Android malware from your phone or tablet
- Pixel 2 and Pixel 2 XL problems, and what to do about them
- Not on my watch: How to fix the most annoying Apple Watch problems