G
Guest
I shall explain step wise how things occurred:
1. Firstly installed Win Xp SP2 using a CD. (Fresh clean install)
2. Than installed AVG 7.1 & did a pre windows update scan, both the system
areas & whole machine. System was clean & system files ok.
3. Connected to the internet to auto update windows.
4. After downloading & installing all the critical updates, again preformed
a system scan which showed 3 system files being changed & no evidence of any
sort of infection.
5. By the way, am very conscious regarding security of my machine, so always
use Spy bot 1.4 & Ad aware SE Prof to scan & clean any spy wares or tracking
cookies IF ANY?
6. AVG system areas scan, when showed that these 3 files have changed, gave
me 3 options. Ignore, View file, confirm change.
7. Just to experiment I clicked on confirm change & the result was that Page
file got fragmented/ split into 2 parts.
8. I used Disk keeper Pro 9.0 by Executive as a defragmenter, which has many
options like MFT, page file defrag, boot time defrag, consolidation of file
folders etc.
9. Despite the page file getting spilt, the machine was working normally,
error free. But I could not defragment & compact the page file.
10. To clear my doubts I formatted & reinstalled windows again. But now
before updating, performed a pre update scan, went into the Sytem32 folder &
looked for the files. e.g. schell32.dll which was of 7.99 MB & the scan
revealed all these 3 files as OK.
11. After update the size increased to 8.05MB. So in a way AVG was smart
enough to pick the change.
12. My query is that were the original files updated OR new files installed
during update? If new were installed where the original 7.99MB shell32.dll
vanish.
13. Till now I do scan regularly for any virus threat, but don’t click on
confirm changes, as previously it split the Page file, although no harm to
the OS or its performance but doesn’t give me a peace of mind.
14. Now I am sure that file were updated/ changed/ increased in size, but my
query is why didn’t the auto update of windows make the change in the system
registry, coz as I initially manually clicked on confirm change, a change in
the OS registry was made resulting in split in Page file, which I don’t
prefer & have NOT DONE this time.
15. Can you come up with any logical answers, solutions, advice so that this
issue can be fixed, coz tweaking with windows registry is not some thing I
would like doing on my own.
16. At this moment I just have the windows & antivirus installed along with
the updates. This end user / stand alone machine is working perfectly apart
from the 3 messages which I get while doing a virus scan that the files have
been changed, which they have been.
Just 2 after thoughts that might be helpful in suggesting an advice, solution,
1. Is it technically possible & logical that if I copy/ burn these 3 system
files i.e. user32.dll, shell32.dll, and ntoskrnl.exe. & save them to a media,
after a fresh install & before going online to update the OS, & If for some
reason they again show changed after windows update, to replace the newer
ones with older??
2. Since my personal machine, as mentioned earlier as end user/ stand alone
system with a dialup connection, with NO net working/ work station/ server
function. So for security reasons I change some of the Services according to
my usage e.g. disabling Secondary logon, Remote Reg. Manipulation etc, before
going online to get the updates. In addition I do make slight changes in the
windows out look e.g. Classic type start up etc, all these after a fresh
install & before going on line.
Could this be the reason of the changed files?
Just a gut feeling!
1. Firstly installed Win Xp SP2 using a CD. (Fresh clean install)
2. Than installed AVG 7.1 & did a pre windows update scan, both the system
areas & whole machine. System was clean & system files ok.
3. Connected to the internet to auto update windows.
4. After downloading & installing all the critical updates, again preformed
a system scan which showed 3 system files being changed & no evidence of any
sort of infection.
5. By the way, am very conscious regarding security of my machine, so always
use Spy bot 1.4 & Ad aware SE Prof to scan & clean any spy wares or tracking
cookies IF ANY?
6. AVG system areas scan, when showed that these 3 files have changed, gave
me 3 options. Ignore, View file, confirm change.
7. Just to experiment I clicked on confirm change & the result was that Page
file got fragmented/ split into 2 parts.
8. I used Disk keeper Pro 9.0 by Executive as a defragmenter, which has many
options like MFT, page file defrag, boot time defrag, consolidation of file
folders etc.
9. Despite the page file getting spilt, the machine was working normally,
error free. But I could not defragment & compact the page file.
10. To clear my doubts I formatted & reinstalled windows again. But now
before updating, performed a pre update scan, went into the Sytem32 folder &
looked for the files. e.g. schell32.dll which was of 7.99 MB & the scan
revealed all these 3 files as OK.
11. After update the size increased to 8.05MB. So in a way AVG was smart
enough to pick the change.
12. My query is that were the original files updated OR new files installed
during update? If new were installed where the original 7.99MB shell32.dll
vanish.
13. Till now I do scan regularly for any virus threat, but don’t click on
confirm changes, as previously it split the Page file, although no harm to
the OS or its performance but doesn’t give me a peace of mind.
14. Now I am sure that file were updated/ changed/ increased in size, but my
query is why didn’t the auto update of windows make the change in the system
registry, coz as I initially manually clicked on confirm change, a change in
the OS registry was made resulting in split in Page file, which I don’t
prefer & have NOT DONE this time.
15. Can you come up with any logical answers, solutions, advice so that this
issue can be fixed, coz tweaking with windows registry is not some thing I
would like doing on my own.
16. At this moment I just have the windows & antivirus installed along with
the updates. This end user / stand alone machine is working perfectly apart
from the 3 messages which I get while doing a virus scan that the files have
been changed, which they have been.
Just 2 after thoughts that might be helpful in suggesting an advice, solution,
1. Is it technically possible & logical that if I copy/ burn these 3 system
files i.e. user32.dll, shell32.dll, and ntoskrnl.exe. & save them to a media,
after a fresh install & before going online to update the OS, & If for some
reason they again show changed after windows update, to replace the newer
ones with older??
2. Since my personal machine, as mentioned earlier as end user/ stand alone
system with a dialup connection, with NO net working/ work station/ server
function. So for security reasons I change some of the Services according to
my usage e.g. disabling Secondary logon, Remote Reg. Manipulation etc, before
going online to get the updates. In addition I do make slight changes in the
windows out look e.g. Classic type start up etc, all these after a fresh
install & before going on line.
Could this be the reason of the changed files?
Just a gut feeling!