I happened to open the Window Defender History log and found that it has permitted these strings of regkey: ...................................................................... Description: This program has potentially unwanted behavior. Advice: Permit this detected item only if you trust the program or the software publisher. Reg Key: HKCU@s-1-5-21-1526629015-466950700-13192692-1000 \software\classes\VirtualStore\MACHINE\software\Microsoft\Internet Explorer\Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} ieext: HKCU@s-1-5-21-1526629015-466950700-13192692-1000\software\classes\VirtualStore\MACHINE\software\Microsoft\Internet Explorer\Extensions\{CCA281CA-C863-46ef-9331-5C8F4460577F} File: C:\Program File\WIDDCOMM\Bluetooth Software\btsendto_iehtm ......................................... I have never seen any window defender popped up and warned me about this program but from the history log itindicated that it was permitted successfully. I would like to know what this is and how do I get rid of it if it's a spyware. I did open the quaranteen option but there isn't anything in it for me to erase. I figure since window defender already permitted it, I should somehowreverse it but I don't know how to go about doing this. There isn't any button or tab or option for me to reverse the permission. Please help. My computer recently been hacked and I used window recovery to start anew. Yet this item shows up in the defender's history log after I did the recovery. It is also in the followings: Resources: ie main: HKCU@s-1-5-21-1526629015-466950700-13192692-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page and also it's in Resources: Reg Key: HKCU@s-1-5-21-1526629015-466950700-13192692-1000\Software\Microsoft\Internet Explorer\MenuExt\Send image to &Bluetooth Device... iemenuext: HKCU@s-1-5-21-1526629015-466950700-13192692-1000\Software\Microsoft\Internet Explorer\MenuExt\Send image to &Bluetooth Device... File: C:\Program File\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

Hi LeeRoyJenkins, I suggest you try a free online virus scan on the following site and see if this is a false negative from Windows Defender: http://safety.live.com Meanwhile, if you need more help with virus/spyware related issues, please contact Microsoft Product Support Services. For support within the United States and Canada, call toll-free (866) PCSAFETY (727-2338). For support outside the United States and Canada, visit the Product Support Services Web page (http://support.microsoft.com/?pr=SecurityHome ).

Thanks Sean Zhu. I followed your link there and ran the scan with the results of 157 registry changed/errors. Then Iinstalled the trial OneLive but it did require me to uninstall my Norton firewall. So I cancelled the process. From the log, it seems that it has fixed 144 registry error but the rest were skipped. I restarted the system and checked Window Defender Log and yet such registry: HKCU@s-1-5-21-1526629015-466950700-13192692-1000 with permit successfullystill is in my log. I don't know if it's been removed or not. I guess I will do the whole system recovery to start anew since this is the new computer and I don't have any file saved in it yet. I reallly appreciate your help.