home

btmshell.dll

Intel PROSet\Wireless Bluetooth

Motorola Solutions Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘BTMTrayAgent’.
Publisher:
Motorola Solutions, Inc.  (signed by Motorola Solutions Inc.)

Product:
Intel PROSet\Wireless Bluetooth

Description:
Bluetooth Shell Extension

Version:
2.2.0.0214

MD5:
c86afa1ad68d6869b1c2f0f910842a3c

SHA-1:
43a34ac30c71c87ef16cc55d0d1f29e56d464f5c

SHA-256:
824f02f3b734a10f63ef015a04c700c7668cdc2f9662aba21c96d5b94e171a93

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 2:44:06 AM UTC  (today)

File size:
11.1 MB (11,586,944 bytes)

Product version:
2.2.0.0214

Copyright:
Copyright 2012 Motorola Solutions, Inc.

Original file name:
btmshell.dll

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\Program Files\intel\bluetooth\btmshell.dll

Digital Signature
Signed by:
Motorola Solutions Inc.

Authority:
VeriSign, Inc.

Valid from:
12/3/2011 8:00:00 AM

Valid to:
1/24/2013 7:59:59 AM

Subject:
CN=Motorola Solutions Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Motorola Solutions Inc., L=Schaumburg, S=Illinois, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
515BBF757514ED358532FA545C5AF1E4

File PE Metadata
Compilation timestamp:
6/9/2012 6:31:52 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x120860

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 83, FA, 01, 49, 8B, F8, 8B, DA, 48, 8B, F1, 75, 05, E8, 9F, 99, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 83, FE, FF, FF, CC, CC, CC, 80, 3A, 00, 4C, 8B, D2, 4C, 8B, C9, 75, 04, 48, 8B, C1, C3, 0F, B6, 01, 84, C0, 74, 44, 4C, 8B, C1, 4C, 2B, C2, 66, 66, 66, 90, 84, C0, 49, 8B, D2, 74, 1E, 0F, B6, 02, 84, C0, 74, 2F, 41, 0F, BE, 0C, 10, 0F, BE, C0, 3B, C8, 75, 0B, 48, 83, C2, 01, 41, 80...
 
[+]

Entropy:
6.2002

Code size:
1.2 MB (1,278,976 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
BTMTrayAgent

Command:
rundll32.exe "C:\Program Files\intel\bluetooth\btmshell.dll",trayapp


Scan btmshell.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.