eZula.TopText
Category: Cookie
Risk:
Low Risk
* Low risk threats pose a very low risk or no immediate danger to your computer or your privacy, however these types of applications may profile user online habits, but only according to specific privacy policies stated in the applications End-User License. These types of threats generally borderline on being a threat to being a standard application that has a complex license agreement that you knowingly installed.
Description: eZula TopText is a browser hijacker that will alter all pages viewed in Internet Explorer by adding extra links to words and phrases targeted by advertisers. These links are unauthorized by the users of the sites being viewed and not part of the orig EZula inserts information within the link (Contextual advertising) as well as affiliate advertising links so that they can collect money for any referral traffic or subsequent sales that were referred from the link inserted. eZula TopText acts as a browser plug-in for Internet Explorer. This means that the TopText software cuddles up in Internet Explorer's process. After installation of Toptext, network traffic logs revealed that there was unusual HTTP traffic between Internet Explorer and a foreign server, each time the user navigated between URLs. The data transmitted is small and cryptic so we don't know if this is confidential information or not. ommon firewalls are not capable to block this kind of traffic, as both the port (80) as the application (Internet Explorer) are considered okay. Contextual advertising may be interesting for users, it may prove deadly for Web site owners. Traffic is directed away from your site, to competitors perhaps. For example, an advertiser targets the Home Audio category. Every Web page across the entire Internet, that includes the word DVD, DVD Player or other selected keywords within this category, will be underlined and upon hovering, highlighted, with a short text message beneath the marked keyword that describes the advertiser. Clicking on the marked keyword, wherever it is on the Web, will take the user immediately and directly to the relevant URL on the advertiser's Website. If you've noticed yellow underlines with green edges showing up on a lot of the pages that you visit, you have installed (intentionally or otherwise) the TopText application. These underlines are not the work of the people who created the pages, but are added when TopText alters your browser settings without your knowledge. If you click on one of these links, you'll be taken to the website of an advertiser who paid the makers of TopText for the underline. This raises a number of concerns. For example, the page that the link leads to may not be appropriate for children. Furthermore, unreviewed links may be introduced into shopping cart links, product recommendations, editorials, online legal documents and posts to online forums, adding confusion and potentially misleading you, the user. But perhaps the most frightening concern TopText and similar applications raise is that they may spell an end to the free Web. A huge percentage of the Web's most popular sites owe their very existence to advertising dollars. TopText steals those dollars away from them without any compensation. eZula collects information about its activity, such as the keywords that the application was activated on. When you react to the highlights then eZula will also collect a standard web log that may include more information about the action such as IP address, time etc. eZula does not use your IP address to attempt to identify your personal information. eZula may, on occasion, use your IP address to help diagnose problems with our server and to administer our website. If you use Control Panel > Add/Remove Programs to uninstall it, just like eZula says to do, you still have the most hideous part of all on your system -- the eZula auto-downloader/installer. It can instantly download TopText and reinstall it, without your consent. Apart from the innocent looking tray icon flashing up, and a strangely behaving browser for a couple of seconds, the reinstall is totally unnoticeble. This component is called stub.exe and is located in the Wind
Alias: None
Signatures: None Listed
Copyright @2006 THR Computer Solutions: eZula.TopText