Spyware: BPT.exe, BPCv2.exe, AutoUpdate.exe

Posted on 2005-05-09
Last Modified: 2013-12-04
I have popups randomly displaying ads. Upon running Norton's Internet Security 2005 scan, the files BPT.exe, BPCv2.exe, AutoUpdate.exe are displayed as spyware, but inspite of deleting them they appear again in the next scan. I also get a popup IE window titled 3-30369Plat0pct9BAP3SP each time I open IE.

Running a HijackThis gives the following log:

<<  HijackThis log removed 5-10-2005 - humeniuk, Page Editor  >>

<<  log file available at  >>
<<  courtesy of r-k  >>

Any suggestions on what to clean up?
Question by:scptech
    LVL 32

    Expert Comment

    Tip for next time: Please submit the Hijackthis log at: and post just the link to the analysis. I did this for you, and you can view it at:

    The programs you want to eliminate or disable are:

     bpcv2.exe, Autoupdate.exe, bpt.exe, czwXTp6k.exe, nsvsvc.exe, modsd.exe and possibly ads.exe

    There is not enough information here to know how these programs are starting, probably from registry entries. You can still disable and render them harmless by changing their permissions so that no one, not even system or administrator, can access them in any way.

    Just right-click on each of these files in Windows Explorer, select Properties -> Sharing then click on Advanced, un-check the box that reads "Inherit from parent...", then click on remove to remove all permissions to access these files. Do this for each file, then reboot and they should no longer be running.

    (If you have XP Home Edition then you will fist have to boot in safe mode before you can change the security settings on a file).
    LVL 32

    Accepted Solution

    Also, here is how you can determine where they are starting from, and disable that as well:

    Download Autoruns.exe from:

    When you run it, it shows a bunch of things that start automatically. Open the "View" menu and select everything from "Show Appinit Dlls" to "Hide Microsoft Entries",then select Refresh and it will give you a new list of startups.

    Examine the list carefully and un-check anything that looks suspicious.

    Then exit Autoruns and reboot.

    Run Autoruns again and see if the things you unchecked earlier are still unchecked.

    Once you're sure everything is normal you can delete the .exe files themselves (after first changing their permission back to give yourself delete permission).
    LVL 29

    Expert Comment


    I would suggest you paste your FULL log at

    Click the "Analyze" button.

    Scroll down, click Save Analysis.

    Post the LINK to that saved analysis here (as r-k suggested above and posted).

    Without that there is no one that can help you in detail.


    Author Comment

    After accepting the answer from r-k I realized that there is still an issue - so I hope you can help.

    I started the PC (running Windows XP Prof) in Safe mode and deleted the folder C:\Program Files\bpc_search. To be absolutely sure, I also emptied the Recycle bin.

    The folder (and all the files in it) shows up again when I boot up regularly.

    Tried this several times, the folder keep coming back from the dead.

    Any suggestions would be appreciated.
    LVL 32

    Expert Comment

    Sorry to hear that. It means that there is still something running that re-creates this folder.

    First, I would remove all permissions on any file that is known to be bad, using the process outlined above. But don't delete the files. That way they are rendered harmless even though they are still on your disk.

    Next, please run Autoruns in the way suggested above. Then, use File -> Save As.. and save its table to a text file and then cut and paste it here.
    LVL 32

    Expert Comment

    I found a link on the net re. this type of adware. There are removal instructions also there. Please see:

    LVL 32

    Expert Comment

    Also more removal instructions at:


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Suggested Solutions

    No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
    As a Mac user and former AppleCare AHA & Senior Advisor, I'm constantly bombarded with questions about Macs and if they need Antivirus. This short article is my response to those questions.
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
    Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now