I've encouraged the use of AVG antivirus in the past but I guess no antivirus program is perfect. I guess that Saturday's November 8th update falsely marked a critical Microsoft file user32.dll as a virus and deleted it which caused many systems running Windows XP to crash and blue screen. AVG gives instructions on its site how to recover the file.
http://freeforum.avg.com/read.php?7,155461#msg-155501
Here is some text from the thread:
Many PCs crashed after today's update of AVG. The update destines user32.dll as a virus: PSW. banker4.APSA.
Valid for Win XP SP2 and SP3 with AVG7.5 and AVG 8.
This is not a virus, but an essential part of your windows programme.
prevention:
before you start up your PC, unplug the internet cable. Boot your PC and disable in your firewall the access to internet for the AVG update manager. Reconnect the internet cable. In this way your PC stays safe from the malicious AVG update.
solution:
if you happen to believe the AVG programme (like I did) when it shows you the virus alert, and have chosen "heal" or "quarantine" your PC will no longer restart. It shows a blue screen at start up and tells you it cannot find winsvr, error c0000135. System recovery has no effect. Don't panic (like I did) but:
-restart your PC in safe mode (press F8 during windows start up)
-open the AVG control centre by clicking the logo or via start-programs-AVG
-go to the virus vault, select user32.dll and click restore.
-empty the virus vault
-close AVG
-now uninstall the whole AVG program: start-programs-AVG-uninstall
-reboot the PC and it is fine.
Wait with installing a new version of AVG until they release a good version. In the mean time, use a different virus scanner.
The faulty AVG update was released 8 Nov around 2200 GMT apparently, looking at various fora. It impacted many PCs around the world in the mean time. This is actually worse than a virus itself.
It also affects the paid-for Pro versions, so wondering what will happen on Monday morning in many businesses.....
As I just spent many hours tackling this issue and found help in many internet fora, I thought it would be appropriate to post a solution here. For those that experience the same issue, I hope you will find it useful.
With best regards,
Richard.
and from AVG Support
Richard, Email confirmation reply from AVG Technologies Support....
thank you for your email.
Unfortunately, the previous virus database might have detected the
mentioned virus on legitimate files. We can confirm that it was a
false alarm. We have immediately released a new virus update
(270.9.0/1778) that removes the false positive detection on this file.
Please update your AVG and check your files again.
The system can be restored by following the steps in one of the
comments on forum (using safe mode or recovery console and copying
c:\windows\system32\dllcache\user32.dll into the right location)
If you need to restore deleted files from AVG Virus Vault you can do
it this way:
- Open AVG user interface.
- Choose "Virus Vault" option from the "History" menu.
- Locate the file that was incorrectly removed and select it (one
click).
- Click on the "Restore" button.
We are sorry for the inconvenience and thank you for your help.
Best regards,
Zbynek Paulen
AVG Technical Support
There is also a false positive user32.dll dropdown at: http://www.avg.com/support
These are the directions that AVG gives to recover your system...
In case you are not able to run your Windows XP operating system after AVG virus definition update, it may be caused by a false positive on a specific "user32.dll" system file. The file was moved to the AVG Virus Vault and deleted. Therefore it is not possible to start Windows. Please follow the steps below to rectify this situation:
1. Please insert the Windows XP installation CD and boot computer from this CD.
2. Choose and run Recovery Console.
3. Choose Windows operating system you want to repair.
4. Disable AVG Resident Shield from loading. You can disable loading services/drivers with "disable" command, i.e. you have to type the following commands (some of them might not be present in all AVG editions):
disable avgMfx86
disable avgMfa86
disable avgldx86
disable avglda86
5. Restore the User32.dll file from the Windows XP installation CD (instead "D:" use letter of your CD-ROM drive):
expand D:\i386\user32.dl_ c:\windows\system32\
In case the command fails, please use the following command to rename original user32.dll and repeat the command above.
ren user32.dll user32.bak
6. Restart computer and boot Windows normally.
7. In order to re-enable the AVG Resident Shield services we recommend that you perform the AVG repair installation as follows:
- Download the latest AVG installation package from the following webpage and save it on your hard disk:
http://www.avg.com/download?prd=aav (AVG Anti-Virus 8.0)
http://www.avg.com/download?prd=ais (AVG Internet Security 8.0)
http://www.avg.com/download?prd=avf (AVG Anti-Virus plus Firewall 8.0)
- When you are prompted, please do not open this file directly from the internet, but click the Save button and choose a location, where the installation file should be stored. We recommend saving the file to the Desktop.
- Restart your computer.
- Locate the downloaded AVG installation file (it has a four color square icon and its name starts with AVG_...) and launch the installation by double-clicking on it.
- Follow the installation wizard.
- When prompted, please select the Repair installation option.
- Enter your license number when you are asked (we recommend that you use the copy&paste* method to enter this license number into the installation form).
- Restart your computer and update AVG.
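
An added example, not part of AVG's directions or the forum post: once Windows boots again, one way to confirm that the restored user32.dll is the expected file is to compare its hash with the copy in c:\windows\system32\dllcache, the location the support e-mail mentions. The function names and the sample bytes are constructed for illustration, and the dllcache copy is assumed to be a trustworthy reference.

```python
import hashlib
import os
import tempfile

def sha256_of(path):
    """Return the SHA-256 hex digest of a file, or None if it is missing."""
    if not os.path.isfile(path):
        return None
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def check_system_files(system32, names=("user32.dll",)):
    """Compare each live file in system32 with its copy in the dllcache subfolder.

    Returns {name: status}:
      "ok"           both copies exist and are byte-identical
      "missing"      live copy is gone (e.g. quarantined), cache copy exists
      "mismatch"     both exist but differ, so the live file needs review
      "no-reference" no dllcache copy to compare against
    """
    cache = os.path.join(system32, "dllcache")
    report = {}
    for name in names:
        live = sha256_of(os.path.join(system32, name))
        ref = sha256_of(os.path.join(cache, name))
        if ref is None:
            report[name] = "no-reference"
        elif live is None:
            report[name] = "missing"
        else:
            report[name] = "ok" if live == ref else "mismatch"
    return report

def demo():
    """Run the check on a constructed directory tree, not a real Windows install."""
    with tempfile.TemporaryDirectory() as root:
        sys32 = os.path.join(root, "system32")
        os.makedirs(os.path.join(sys32, "dllcache"))
        with open(os.path.join(sys32, "dllcache", "user32.dll"), "wb") as f:
            f.write(b"constructed sample bytes")
        before = check_system_files(sys32)   # live copy removed by the scanner
        with open(os.path.join(sys32, "user32.dll"), "wb") as f:
            f.write(b"constructed sample bytes")
        after = check_system_files(sys32)    # live copy restored
        return before, after

if __name__ == "__main__":
    print(demo())
```

On an affected machine the call would be check_system_files(r"c:\windows\system32"); a "mismatch" result means the restored file should be checked against the installation CD copy before it is trusted.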
