CeeCee

Those \FileExts\ entries are safe to remove, although they are not high priority and critical. Basicly it's a good thing to exclude them. Those FileExts entries are created and become useless, when you double click (try to open) a file type (like .bak), which is not registered (to open) with any application. One thing to do, is register them to open, for example with Notepad. --- And then about those 0 byte folders: Yes, they might seem to be safe to delete, but actually it's not that safe. After all, they are created by application or Windows, so those apps/OS might expect them to exist. I think some of those empty folders (and files) can be recreated, when you launch a program or Windows. Anyway, it's better to leave, atleast those empty folders alone, if the actual program it's referring to, is still installed on your system. It's pretty much a same thing with empty registry keys.

I downloaded version 1.25 few weeks ago and scanned with a "Quick" scan. All it found was 3, basicly false positives -> registry settings i have changed myself, like remove log off from Start Menu. No actions taken.

I tried to install SP3, when it came available on Microsoft Update, but without any succes. It was so frustrating episode, that i will go without SP3, and won't try to install it again, until it comes fully required.

I have UXTheme Multi-Patcher (Neowin Edition) 4.0 on my SP2 and it works fine. Hmmm, can that be the reason why i wasn't able to install SP3?? Although, i remember it was a registy related problem...

It only tries to protect you. I don't have Vista though.

USB FireWall http://net-studio.org/application/usb_firewall.php USB FireWall blocks all virus and other wilful programs which try to spread in your system when an USB device is inserted.

Thanks. Just checked from the log and my last scan took 7 seconds. So it's basicly nothing. Better keep it enabled.

No.

New info about this rootkit boot scan. This is a response to me on Avast! forum: It isn't run at boot, but 8 minutes after boot to enable any boot activity to complete, allowing a comparison to be made against what is actually running and what is reported as running. If you found the C:\Program Files\Alwil Software\Avast4\DATA\log\aswAr.log you will also have found that the scan takes seconds, my last one took 3 seconds (start time at top and finished time at the bottom of the report). Well, i think i enable it after all...

True. Strangely i somehow missed it. Btw, i can't see the picture, but i think what you mean. Edit: i had to enable referrer to see it.

My "bad habit" is that i rarely read help files. But i usually go through the program settings and learn that way.

These rogue apps are really taking over these days.

I didn't notice any difference. I just noticed this thing from the log file. I have disabled this startup scan for now. Might enable it again later though.

How many of you know, that Avast! will run Anti-rootkit scan on Windows startup by default? LOG file is placed in C:\Program Files\Alwil Software\Avast4\DATA\log. If you want, here's the way to disable rootkit scan on Windows startup: http://support.avast.com/index.php?_m=know...ratingconfirm=1 Another thing you might not know, is that some Avast! LOG files are locked and can't be deleted (not even by using Unlocker program). This is because of the self-defence mode. You have to temporarely disable it to delete LOG files. You can disable it by going avast! Program settings -> Troubleshooting. Of course, some of you already know these things, but some might not.

Same here. I never just blindly click Next, Next/OK,OK. And if there's Custom/Advanced options, i take a look at them. I don't have any installed toolbars.

Opera (my default browser): JavaScript & Java disabled globally. 3rd party cookies not allowed. Referrer disabled. IE7: Internet zone set to "High". Microsoft.com along some other sites added to Trusted sites zone. 3rd party cookies disabled. Java disabled globally. Remember that some IE settings affects to other MS programs too, like WMP and OE (even though i use Thunderbird) Ad Muncher, SpywareBlaster.

Opera 9.52 Security Fixed a startup crash that could allow execution of arbitrary code: see our advisory Sites can no longer change framed content on other sites: see our advisory Fixed an issue that could allow cross-site scripting, as reported by Chris Weber of Casaba Security: details will be disclosed at a later date Custom shortcuts no longer pass the wrong parameters to applications, as reported by Michael A. Puls II: see our advisory Prevented insecure pages from showing incorrect security information, as reported by Lars Kleinschmidt: see our advisory Feed links can no longer link to local files: see our advisory Feed subscription can no longer cause the wrong page address to be displayed: see our advisory Full changelog

"The above are rogue domains and offering Fake or misleading software. Don't ever go to the above sites and please add the above domains in your HOSTS file, Blocklist or Restricted Zone." If using IE, it's better to set 'Internet' zone to "High", and then allow "full power" to trusted sites by using 'Trusted sites' zone. Leo & Steve http://www.youtube.com/watch?v=_LN3D90eQOQ

Microsoft Most Valuable Professional. But they are not any Gods, that knows everything.

What happens after the icon is deleted?

You can remove them, since it's found to be safe. But if you have a lot of disk space, you can just leave them alone. They are folders, that contains data to UNinstall installed Microsoft updates.

Btw, DX install creates a .log file to C:\WINDOWS\Logs. At least it created for me.

So they can not be deleted or is the problem freezing? What do you mean you can't do anything?

There should be a program to remove empty/unused entries from 'ActiveX Compatibility' key.