Jetico logfiles show up strange?!


charincol
June 2nd, 2006, 07:28 AM
I ran Rootkit Revealer and this was its output.

C:\***\Jetico Personal Firewall\firewall.114.log 5/29/2006 3:09 PM 110.12 KB Visible in Windows API, but not in MFT or directory index.
C:\***\Jetico Personal Firewall\firewall.116.log 5/29/2006 3:16 PM 136 bytes Hidden from Windows API.

Nothing else showed up during the scan.

I certainly don't think there's anything wrong with Jetico, I like it so much I doubt I'll ever use anything else anytime soon. I just thought this was strange and was wondering if anyone might see the same strange thing.

matousec
June 2nd, 2006, 09:32 AM
Hello,

The technique RootkitRevealer uses can lead to some "false positives". It makes a few scans of the same thing (on different levels) and compares the results. However, the problem is that it scans sequentially instead of in parallel. Thus, if some file on the disk is changed (renamed, deleted or created) during the first scan (after this scan has processed that file), the next scan on a different level will report a different result for that file or folder. This is why we very often see log files, temporary files and similar files in the results of RootkitRevealer.

Simply said, it is some kind of imperfection of RootkitRevealer; your Jetico behaves normally.
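
The race described in the reply above, as an added Python model that is not part of the original post and is not RootkitRevealer's code. The `Volume` class, the file names and the `confirm` re-check are assumptions made for illustration; the re-check is one way to separate file churn from a discrepancy that persists.

```python
# Constructed model of a sequential cross-view scan; all names are hypothetical.
class Volume:
    def __init__(self, files, hidden_from_api=()):
        self.files = set(files)              # what is really on disk
        self.hidden = set(hidden_from_api)   # entries filtered out of API results

    def api_listing(self):                   # high-level view (Windows API)
        return self.files - self.hidden

    def raw_listing(self):                   # low-level view (MFT / directory index)
        return set(self.files)

def cross_view_diff(api_view, raw_view):
    """Report every path that appears in only one of the two views."""
    findings = {p: "Visible in Windows API, but not in MFT or directory index."
                for p in api_view - raw_view}
    findings.update({p: "Hidden from Windows API." for p in raw_view - api_view})
    return findings

def sequential_scan(vol, between_scans=lambda v: None):
    api_view = vol.api_listing()   # first scan
    between_scans(vol)             # files change while the scanner is still busy
    raw_view = vol.raw_listing()   # second scan sees the later state
    return cross_view_diff(api_view, raw_view)

def confirm(vol, findings):
    """Re-read both views back to back; keep only discrepancies that persist."""
    api_view, raw_view = vol.api_listing(), vol.raw_listing()
    return {p: m for p, m in findings.items()
            if (p in api_view) != (p in raw_view)}

def rotate_logs(vol):
    # Constructed event: the firewall drops one log file and starts another.
    vol.files.discard("firewall.114.log")
    vol.files.add("firewall.116.log")

def demo():
    vol = Volume({"firewall.114.log", "notes.txt", "concealed.bin"},
                 hidden_from_api={"concealed.bin"})
    first = sequential_scan(vol, rotate_logs)
    return first, confirm(vol, first)

if __name__ == "__main__":
    first, confirmed = demo()
    for path in sorted(first):
        tag = "persistent" if path in confirmed else "transient (file churn)"
        print(f"{path}: {first[path]} [{tag}]")
```

The two log files reproduce the messages in the scan output quoted earlier and disappear on the re-check, while the entry that is filtered from the API view is reported both times.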

charincol
June 2nd, 2006, 05:25 PM
I figured it would be something along those lines. I was just looking for a straightforward answer as to why RR would flag something this obviously benign. Jetico's logging seems very active. I didn't have any doubts as to whether Jetico was working correctly.

Thanks matousec.