AVG False / Positive

Yesterday they asked me to fix 3 computers that had all the same symptoms. The computers immediatly rebooted after start at the point where the startup screen normally dissapears.

Crash report: missing ‘winsrv.dll’

Seem it isn’t really the virus that is making the computer go banana but an update of AVG 7.5
AVG is calling a false positive on either user32.dll, winsrv.dll or gdi32.dll, putting it in the vault and causes windows boot to fail.

The solution in my case was booting in safe mode, removing AVG completly and rebooting. After that you can install AVG 8.0 without any problem.

If this doesn’t work, it’s possible you will have to copy one or more files back to their original place:

copy c:\windows\system32\dllcache\user32.dll c:\windows\system32\user32.dll < enter >
copy c:\windows\system32\dllcache\winsrv.dll c:\windows\system32 < enter >
copy c:\windows\system32\dllcache\gdi32.dll c:\windows\system32 < enter >

These commands can be performed by booting in repair mode.

Shame this must happen with a well known and used virusscanner.