Overview

Vendor Notes:
From the doc: "EzSearch is the search engine for your Personal Computer! EzSearch allows you to uniquely select and combine powerful date, time, content, file type, and drive location data into an explicit search operation."
Alias:
ctavp
Category:
Browser Helper Object (BHO): A component that Internet Explorer loads whenever it starts. It shares IE's memory context and can perform any action on the available windows and modules. A BHO can detect events, create windows to display additional information on a viewed page, and monitor messages and actions. Microsoft calls it "a spy we send to infiltrate the browser's land." BHOs are not stopped by personal firewalls, because the firewall sees them as the browser itself. Some exploits of this technology search all pages you view in IE and replace banner advertisements with other ads. Some monitor and report on your actions. Some change your home page.
Adware: Software that displays popup/popunder ads when the primary user interface is not visible, or ads which do not appear to be associated with the product.
Similar Pests:
Browser Helper Object · Adware
Origins

Group:
ezCyberSearch.com
By This Group:

Date of Origin:
February, 2004
Distribution

Distribution:
Installed by ActiveX drive-by-download, suspected in pop-up ads. Describes itself as a 'Required Access Key' by 'Sunny View inc'.
Prevalence:

Clot Factor:
The "Clot Factor" is a measure of how much a pest "gums up" a machine by adding registry entries, files, and directories. As more objects are placed in a machine, manual removal becomes more difficult and more error-prone.
Growth:

Operation

Platform:
Windows XP, 2000, NT, ME, 98, and 95.
Advertising:
Yes. Opens periodic untargeted pop-up ads as directed by the controlling server.
Storage Required:

Browser Performance:
Likely to slow performance of Internet Explorer.
Risks

Security Issues:
Yes. Can download and execute arbitrary unsigned code by FTP to its controlling server, as an update feature.
Detection and Removal

Automatic Removal:

Manual Removal:
Open the Downloaded Program Files folder inside the Windows folder, right-click the 'PKey Class' entry and choose Remove. Sadly this does not actually remove the software itself.

The main code file can be found in the System folder (inside the Windows folder; called 'System32' on Windows NT/2000/XP or just 'System' on Windows 95/98/Me), with the name 'ctavp3.dll'. If you have an older, un-updated version you may have 'ctavp2.dll' instead.

Before you can delete the file you must deregister it. Open a DOS command prompt (from Start->Programs->Accessories) and enter the following commands:

    cd "%WinDir%\System"
    regsvr32 /u ctavp3.dll

(Change ctavp3.dll to ctavp2.dll if you have the older variant. On Windows NT/2000/XP, change System to System32 in the first command, since that is where the file is located.)

Now you can restart the computer and delete the file. You can also open the registry (Start->Run->regedit) and delete the key HKEY_CURRENT_USER\Software\AP to clean up, if you like. Then go to the Programs tab in Internet Options and click 'Reset Web Settings' to restore the normal address bar search features.
Unregister DLLs: Unregister these DLLs with Regsvr32, then reboot:
Clean Registry: Remove these registry items (if present) with RegEdit:
Remove Files: Remove these files (if present) with Windows Explorer:
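A read-only check for the artifacts named in the manual removal steps above, useful before and after cleanup. This is an added example, not part of the original entry or the vendor's tooling; it assumes a system with PowerShell available and assumes the component registers under the standard Internet Explorer Browser Helper Objects registry key, which the page does not state.

```powershell
# Added example: reports the EzSearch (ctavp) artifacts named on this page.
# Nothing is deleted or unregistered; the script only lists what it finds.

$dllNames = 'ctavp3.dll', 'ctavp2.dll'   # file names given on the page
$apKey    = 'HKCU:\Software\AP'          # registry key given on the page
# Assumption: the standard IE location for registered Browser Helper Objects.
$bhoRoot  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'

$findings = @()

# 1. Look for the DLL under both system folder names the page mentions.
foreach ($dir in 'System32', 'System') {
    foreach ($name in $dllNames) {
        $path = Join-Path (Join-Path $env:WinDir $dir) $name
        if (Test-Path -LiteralPath $path) {
            $findings += [pscustomobject]@{ Type = 'File'; Item = $path }
        }
    }
}

# 2. Leftover configuration key.
if (Test-Path -LiteralPath $apKey) {
    $findings += [pscustomobject]@{ Type = 'RegistryKey'; Item = $apKey }
}

# 3. Resolve every registered BHO CLSID to its in-process server DLL
#    and flag those whose file name matches the DLL names above.
if (Test-Path -LiteralPath $bhoRoot) {
    foreach ($bho in Get-ChildItem -LiteralPath $bhoRoot) {
        $clsid  = $bho.PSChildName
        $server = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32"
        if (-not (Test-Path -LiteralPath $server)) { continue }
        $dll = (Get-Item -LiteralPath $server).GetValue('')  # default value holds the DLL path
        if ($dll -and ($dllNames -contains (Split-Path $dll -Leaf))) {
            $findings += [pscustomobject]@{ Type = 'BHO'; Item = "$clsid -> $dll" }
        }
    }
}

if ($findings) { $findings | Format-Table -AutoSize }
else { 'No ctavp artifacts found.' }
```

A 'BHO' finding that remains after the DLL has been unregistered with regsvr32 /u means the deregistration step did not take effect and the file is still loaded by Internet Explorer.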
Research

File Analyses:

More Info:

Research By:

Last Revised:
April 02, 2005