Yesterday the AVG virus scanner accidentally marked User32.dll as a virus.

Since this is a critical windows component, it has caused many machines not to boot. Two of our XP machines experienced the issue here, but it has not seemed to have bothered our Vista installs.

This happened because their scanner contained an incorrect virus signature that led it to think that user32.dll contained the Trojan Horse PSW.Banker4.APSA. AVG then prompted to delete the file (Heal). Luckily we did not do that

If you are running AVG, and you deleted the file, you will need to run system recovery or boot from a CD like BartsPE and restore it from c:\windows\system32\dllcache

Within a few hours AVG updated their signatures, and it no longer has the incorrect entry.

Like this article? Then sign up for my newsletter to get free tips and software sent right to your inbox once a week. Like you, I hate spam – I will never spam, or sell your email address.