BLUETOOTH.EXE is Trojan Agent

September 4, 2012 by NightWatcher
Filed under: Malware 
: Solved!

You should Download Removal Tool here...

Is the file BLUETOOTH.EXE located on your computer? Then your computer is infected.
We do suggest you should remove BLUETOOTH.EXE from your computer as soon as possible.
BLUETOOTH.EXE is Trojan/Backdoor.
Kill the process BLUETOOTH.EXE and remove BLUETOOTH.EXE from the Windows startup.

Malware Analysis of BLUETOOTH.EXE
Full path on a computer: %Local Appdata%\Bluetoothh\Bluetooth.exe

Detected by UnHackMe:

BLUETOOTH.EXE
Default location: %Local Appdata%\Bluetoothh\Bluetooth.exe

Removal Results: Success
Number of reboot: 1

BLUETOOTH.EXE is known as:

Trojan.Agent

BLUETOOTH.EXE hash:

  • MD5: 7b014bd29ef5982e7da191cceda10bb5
How to quickly detect BLUETOOTH.EXE presence?

Registry:
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Miller.exe: “”
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Android.exe: “”
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\MsnMessenger.exe: “”
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\AdobeReader.exe: “”
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Bluetooth.exe: “%Local Appdata%\Bluetoothh\Bluetooth.exe”
Folders:
  • %Local Appdata%\Bluetoothh
Files:
  • %Local Appdata%\Bluetoothh\Bluetooth.exe
  • %Local Appdata%\Bluetoothh\Bluetoothh.ini
  • %Local Appdata%\Bluetoothh\RCX1.tmp
  • %Local Appdata%\Bluetoothh\RCX2.tmp
  • C:\sand-box\RCX1.tmp
  • C:\sand-box\RCX2.tmp


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.