1. /
  2. Security Response/
  3. Adware.Broadcastpc

Adware.Broadcastpc

Updated:
February 13, 2007 11:32:44 AM
Type:
Adware
Publisher:
Broadcastpc.tv
Risk Impact:
High
File Names:
Bpc.exe Bpc_inst.exe 27.exe 28.exe
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

Adware.Broadcastpc may download the following risks:



When Adware.Broadcastpc is installed, it does the following:
  1. Creates the following files:

    • %UserProfile%\Desktop\BroadcastPC.lnk
    • %UserProfile%\Start Menu\Programs\BroadcastPC 2.0\BroadcastPC.lnk
    • %ProgramFiles%\RVP\Bpc.exe
    • %ProgramFiles%\RVP\Uninst.exe
    • %ProgramFiles%\BPC_Search\AxInterop.SHDocVw.dll
    • %ProgramFiles%\BPC_Search\BPCv2.exe
    • %ProgramFiles%\BPC_Search\BPCv2.exe.config
    • %ProgramFiles%\BPC_Search\Interop.ADODB.dll
    • %ProgramFiles%\BPC_Search\Interop.CDO.dll
    • %ProgramFiles%\BPC_Search\Interop.SHDocVw.dll
    • %ProgramFiles%\BPC_Search\tab_0.mht
    • %ProgramFiles%\BPC_Search\TVListings.dll
    • %ProgramFiles%\BPC_Search\ZipLib.dll
    • %ProgramFiles%\btv\breg_inst.exe
    • %ProgramFiles%\btv\btv.exe
    • %ProgramFiles%\btv\btvclean.exe
    • %ProgramFiles%\BTV\uninst.exe
    • %ProgramFiles%\common files\java\breg.cfg
    • %ProgramFiles%\common files\java\breg.exe
    • %ProgramFiles%\common files\Java\tvs_inst.exe
    • %ProgramFiles%\common files\Java\tvs_re_inst.exe
    • %ProgramFiles%\tvs\AxInterop.SHDocVw.dll
    • %ProgramFiles%\tvs\BPCv2.Plugins.dll
    • %ProgramFiles%\tvs\Interop.SHDocVw.dll
    • %ProgramFiles%\tvs\ni.mht
    • %ProgramFiles%\tvs\tab_0.mht
    • %ProgramFiles%\tvs\TVListings.dll
    • %ProgramFiles%\tvs\TVSv2.dll
    • %ProgramFiles%\tvs\TVS_B.exe
    • %ProgramFiles%\tvs\TVS_B.exe.config
    • %ProgramFiles%\tvs\tvs_clean.exe
    • %ProgramFiles%\tvs\tvs_ln.exe
    • %ProgramFiles%\tvs\tvs_re_inst.exe
    • %ProgramFiles%\tvs\ZipLib.dll

      Note:
    • %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.
    • %UserProfile% is a variable that refers to the current user's profile folder. By default, this is C:\Documents and Settings\[Current User] (Windows NT/2000/XP).

  2. Creates the following registry subkeys:

    HKEY_LOCAL_MACHINE\SOFTWARE\BTV
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
    \Uninstall\BTV

    HKEY_LOCAL_MACHINE\SOFTWARE\RVP
    HKEY_LOCAL_MACHINE\SOFTWARE\DInstaller2
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
    \Uninstall\RVP
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
    \Uninstall\{94A9AE37-78DD-4D81-97D3-811C430D836F}
    HKEY_CLASSES_ROOT\Installer\Features\73EA9A49DD8718D4793D18C134D038F6
    HKEY_CLASSES_ROOT\installer\Products\73EA9A49DD8718D4793D18C134D038F6
    HKEY_CLASSES_ROOT\Installer\UpgradeCodes\73EA9A49DD8718D4793D18C134D038F6
    HKEY_CLASSES_ROOT\Installer\UpgradeCodes\110354A0F168B7048A589C28467DD7F0
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer
    \UpgradeCodes\110354A0F168B7048A589C28467DD7F0
    HKEY_LOCAL_MACHINE%\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer
    \UserData\S-1-5-18\Components\267D785DF5F798C4D96209DA9571EAAC
    HKEY_LOCAL_MACHINE%\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer
    \UserData\S-1-5-18\Components\749A28E30FDE46846A8A43EC961357D1
    HKEY_LOCAL_MACHINE%\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer
    \UserData\S-1-5-18\Components\8AD5E2611737F8F478AAF4B44FB477B4
    HKEY_LOCAL_MACHINE%\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer
    \UserData\S-1-5-18\Components\9507EA438FB8F1549A97B9033CA90876
    HKEY_LOCAL_MACHINE%\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer
    \UserData\S-1-5-18\Components\970B9177774A9FB4FAFC497848762F06
    HKEY_LOCAL_MACHINE%\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer
    \UserData\S-1-5-18\Components\B9E252750F96E384F826B6441D51DE3E
    HKEY_LOCAL_MACHINE%\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer
    \UserData\S-1-5-18\Components\CEF1CC72125C4FB49BA10B449A2093A5
    HKEY_LOCAL_MACHINE%\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer
    \UserData\S-1-5-18\Components\E2513A0406B12184BB0AAAD2F46044C1
    HKEY_LOCAL_MACHINE%\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer
    \UserData\S-1-5-18\Components\EBDBE77772BB25C4F883B0220F1A7460
    HKEY_LOCAL_MACHINE%\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer
    \UserData\S-1-5-18\Components\FCD7D10BE9EEF954D8C3FD02E7289DAF
    HKEY_LOCAL_MACHINE%\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer
    \UserData\S-1-5-18\Products\73EA9A49DD8718D4793D18C134D038F6


  3. Adds one of the following values:

    "RVP" = "%ProgramFiles%\RVP\bpc.exe"
    "BPCV2" = "%ProgramFiles%\BPC_Search\BPCV2.exe"
    "DI2" = "[RANDOM PATH]"
    "Breg" = "%ProgramFiles%\common files\JAVA\breg.exe"
    "btv" = "%ProgramFiles%\btv\btv.exe"

    "tvs_b" = "%ProgramFiles%\tvs\tvs_b.exe"

    to the registry subkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVerion\Run

    so that the Adware runs every time Windows starts.

  4. May add one of the following values:

    "BtvC" = "%ProgramFiles%\btv\btvclean.exe"
    "
    tvs_re" = "%ProgramFiles%\Java\tvs_re_inst.exe"

    to the registry subkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVerion\RunOnce

    so that the Adware runs when Windows starts.

  5. May add the following values:

    "%ProgramFiles%\BPC_Search\" = ""
    "%UserProfile%\Start Menu\Programs\BroadcastPC 2.0\" = ""


    to the registry subkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders


Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver