Window Defender History: HKCU@s-1-5-21-1526629015-466950700 -13192692-1000
I happened to open the Window Defender History log and found that it has permitted these strings of regkey:
......................................................................
Description:
This program has potentially unwanted behavior.
Advice:
Permit this detected item only if you trust the program or the software publisher.
Reg Key:
HKCU@s-1-5-21-1526629015-466950700-13192692-1000 \software\classes\VirtualStore\MACHINE\software\Microsoft\Internet Explorer\Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F}
ieext:
HKCU@s-1-5-21-1526629015-466950700-13192692-1000\software\classes\VirtualStore\MACHINE\software\Microsoft\Internet Explorer\Extensions\{CCA281CA-C863-46ef-9331-5C8F4460577F}
File:
C:\Program File\WIDDCOMM\Bluetooth Software\btsendto_iehtm
.........................................
I have never seen any window defender popped up and warned me about this program but from the history log itindicated that it was permitted successfully. I would like to know what this is and how do I get rid of it if it's a spyware. I did open the quaranteen option but there isn't anything in it for me to erase. I figure since window defender already permitted it, I should somehowreverse it but I don't know how to go about doing this. There isn't any button or tab or option for me to reverse the permission. Please help. My computer recently been hacked and I used window recovery to start anew. Yet this item shows up in the defender's history log after I did the recovery. It is also in the followings:
Resources:
ie main:
HKCU@s-1-5-21-1526629015-466950700-13192692-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page
and also it's in
Resources:
Reg Key:
HKCU@s-1-5-21-1526629015-466950700-13192692-1000\Software\Microsoft\Internet Explorer\MenuExt\Send image to &Bluetooth Device...
iemenuext:
HKCU@s-1-5-21-1526629015-466950700-13192692-1000\Software\Microsoft\Internet Explorer\MenuExt\Send image to &Bluetooth Device...
File:
C:\Program File\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
October 13th, 2008 12:49am
Hi LeeRoyJenkins, I suggest you try a free online virus scan on the following site and see if this is a false negative from Windows Defender: http://safety.live.com
Meanwhile, if you need more help with virus/spyware related issues, please contact Microsoft Product Support Services. For support within the United States and Canada, call toll-free (866) PCSAFETY (727-2338).
For support outside the United States and Canada, visit the Product Support Services Web page (http://support.microsoft.com/?pr=SecurityHome ).
Free Windows Admin Tool Kit Click here and download it now
October 15th, 2008 10:58am
Thanks Sean Zhu. I followed your link there and ran the scan with the results of 157 registry changed/errors. Then Iinstalled the trial OneLive but it did require me to uninstall my Norton firewall. So I cancelled the process. From the log, it seems that it has fixed 144 registry error but the rest were skipped. I restarted the system and checked Window Defender Log and yet such registry: HKCU@s-1-5-21-1526629015-466950700-13192692-1000 with permit successfullystill is in my log. I don't know if it's been removed or not. I guess I will do the whole system recovery to start anew since this is the new computer and I don't have any file saved in it yet. I reallly appreciate your help.
October 16th, 2008 12:18am