Many of our readers wrote telling that AVG AntiVirus Update 270.9.0/1777 caused serious problems with their Windows XP systems, deleting the User32.dll (false-positive issue) which prevented Windows XP from starting. AVG has documented this problem in their support pages immediately, and also released a definition update which does not has this problem.

They’ve also released a fix-it tool that can restore the quarantined User32.dll in the affected computers. If the file User32.dll is not available in the quarantined location (AVG Vault), then this tool gets a copy of the file from DllCache folder and places it in the System32 folder. This utility can be used if you don’t have a Windows XP CD and if the Windows XP Recovery Console is not installed in the system.

After restoring the User32.dll file, the tool disables AVG Resident Shield monitoring by renaming the corresponding executable files so that the problem does not surface again upon next boot. The user is supposed to update AVG virus definitions, rename the modules back and then restart the computer.

REF: AVG FAQ 1575: False positive "user32.dll" – fix tool.

We have prepared an utility which can fix the issue mentioned above. You can use the following boot media: either CD-ROM or USB flash drive. If you decide to use CD-ROM, please follow the instructions in part A), in case of USB flash drive follow the steps in part B). When finished it is necessary (in both cases) to follow additional instructions described in part C).

I created the boot CD and used it in my clients systems successfully to restore the user32.dll file. Here is a detailed write-up on the same.

Creating and Using the Bootable CD

From another computer running Windows XP/Vista/2003, perform the following steps to create the AVG User32.dll Fix – Boot CD.

1. Download bootcd_en.iso (~9 MB) from AVG Website

2. Download ISO Recorder PowerToy and install it.

3. Right-click bootcd_en.iso file and choose Copy image to CD

4. Follow the instructions and create a bootable CD.

5. Insert the CD into the CD-ROM drive of the affected computer and restart the computer. If it does not boot up from the CD, you may have to set the boot order (CD drive as the first boot device) in the BIOS setup.

6. Press ENTER when you see the following screen:

As you see, the tool tries to restore the quarantined file (user32.dll) from the AVG Vault folder. If it’s missing, then the DllCache folder is used as the source.

Update AVG and Re-activate the Resident Shield

Remove the boot CD and restart the computer. You should be able to start Windows XP now, with the Resident Shield disabled. The Update feature works fine though.

Right-click on the AVG icon in the Notification area and choose Update now. Follow the instructions and install the update.

Open the "C:\Program Files\AVG\AVG8" folder using Windows Explorer. Rename avgrsx.exe_off to avgrsx.exe & avgsched.dll_off to avgsched.dll.

Restart Windows so that the AVG Resident Shield starts working.

Related Posts

• Add “Lock Workstation” Command to the Windows XP Start Menu
• How to Restore .BKF Files Using NTBackup in Windows 7 and Windows Vista
• How to Restore .BKF Images Using Windows NT Backup Restore Utility for Windows 7
• Scan for Affected Programs – New System Restore Feature in Windows 7
• How to Change the Disk Space Allotted to System Restore in Windows 7

If you enjoyed this post, make sure you subscribe to our RSS feed! We feature Tips, Troubleshooting information, Scripts and Utilities for Microsoft Windows Operating Systems!

Prefer an E-mail subscription?

Enter your email address:

Delivered by FeedBurner