Recently I have found that I have adware on my computer. Called AltBrowser.exe. I have asked around a little and googled it, i also googled just altbrowser. I can really get a good picture of what it is and what i should do about it. However, the one thing i think that is evident according to its various defintions is that it works with IE. I also noticed a dramatic change in performance with IE. I have just changed to firefox yesterday and i do not notice this change.

Also I searched my computer with Ad-Aware which didnt find it, and Norton Anti-Virus which dead. Here is all the information norton gave me:
FileName: AltBrowser.exe
FilePath: C:\Program Files\Online Services\PeoplePC\Utilities\AltBrowser.exe
Threat Name: Adware.Ezula

also on the norton site i found more
[url]http://securityresponse.symantec.com/avcenter/venc/data/adware.ezula.html[/url]
im not exactly what i should do, im pretty sure the threat isnt very big since im not using IE, but i would like to somehow get rid of it. thankyou!

Have you tried uninstalling it? Seriously, that sometimes works

Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.

Report Offensive Follow Up For Removal

No, but it isnt listed as a program in my list of programs. i dont know if i can unistall it otherwise. the only method i know for getting rid of this file is deletion, but im not sure if that is a wise move.

Well, that Symantec page advises you to uninstall TopText, and then claims that its spyware scan will take care of the rest. How did that go?

Sure, you can delete the program if nothing else works, but you might want to sift through the registry etc. and remove any references to it.

Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.

Report Offensive Follow Up For Removal

I have the exact same problem,NAV '05 found Altbrowser.exe,said it was Ezula based spyware,and to remove under add/delete "TopText".I cannot find TopText anywhere in my system,and Webroot spysweeper and Adaware SE Pro cannot find it (AltBrowser) either.I can tell you that it randomly selects keywords and highlights them in green,and underlines them with a add/hyperlink to sell me stuff.I also have a hard time using the browser back function,etc...I have a report ticket in with Spysweeper as of yesterday,no luck yet..This just started happening about 3 days ago,..I cannot for the life of me imagine what i loaded to get this thing as i am very cautious.i found this forum doing a search of Altbrowser.exe.I am starting to wonder if SBC/Yahoo has something to do with it as i have DSL with them and use Yahoo webmail and homepage with IE.I went to another page that checks for browsers infected with Ezula topText,and it said i was clean,and so apparently this thindg has morphed again,and probably just recently,as the previous post suggests.Any ideas,besides changing browsers..??

Dan Dan,just curious,since our NAV filepaths were the same...Did you ever use SBC/Yahoo or it's toolbar or webmail by them..???

I have the same problem-adaware found nothing,norton found ezula w/exact same file path as dandan20. Do you think this is something that's been on your computer & just picked up by antivirus because of updated definitions? i searched &searched on my computer & couldnt find toptext to delete as directed on Symantec website. I think I finally got rid of it by deleting folders called "online options"(preinstalled on my computer)--which contained AOL,MSN & PeoplePC

I meant to write in the previous post that the folder was called "online services" NOT "online options", inwhich I deleted PeoplePC

Muu and Dan Dan20,i think we are on to something here.Yes,I have the same filepath ending in Onlineservices\PeoplePC\Utilities\AttBrowser.exe which was discovered by NAV '05 latest defs.Top Text spy defs. have been out for a couple years now,I cannot find it either in my add/delete files...topText highlights text (used to be yellow highlights,when moused over,would advertise hyperlink to advertisers page,etc,and often lock-up your browser)..I am now getting GREEN colored hilited and underlined text on random keywords which produce a small ad "bubble" when moused over,but not on every page,mainly those with plain text,No HTML.I Really suspect that since I use SBC/Yahoo/Dsl with toolbar add-on,etc,...that this could be a possible culprit,and was curious if you guys might also have loaded yahoo elements..????I also get alot of 404 errors,unable to load pages for no apparent reason.My laptop is oonly 2mos.old,and i have been extremely Carefull where i go and what i load on it,..hardware firewall router,spy and virus apps,etc...Just points to Yahoo...Okay,so here is a link that supports this a little,go to:http://www.pcsympathy.com/article435.html

MUU and DanDan 20,
In regards to the preinstalled ISP launchers,..yes,I still have those on my laptop,like MSN,and AOL,and also believe this could be a source for the Alt Browser demise,...although outwardly i cannot see any reference to PeoplePC....does anyone know what people pc is,...??Is it an ISP..??I have never heard of it....I also have a listing under start/programs called "Online sercices"..nested to AOL,MSN,Netscape,earthlink,and "get high speed internet",..and "Easy internet sign-up"..(logo of a hand)....Curiouslly,my browser hijacking problems did not seem to start untill I loaded Yahoo,and seem to be independent of the online services file issue,although i could be wrong.you stated you think you got rid of the malware by deleting the online services folder....are you symptom-free now..??Was there a subfolder called peoplepc..?..Did you delete these items using explorer files,and all their nested subfolders,or were you able to just locate it on add/delete and nuke it that way...Wow..i need some technical help as i am a newbie when it comes to this.....thanks for your time,especially on if you guys noticed the hilited random text in your browsers before fixing your issue.!

I think People PC is an ISP in the US.
Did anyone have any problems after simply deleting the ...Online Services\People PC\Utilities\AltBrowser.exe file?

Did you find any registry entries for this? (I'm nervous about touching the registry - what happens if you delete the file but leave the registry entries in?)

Same problem here guys. I was in Florida for a week. My girlfriend has not installed anything new while I was gone and now NAV find the same thing you guys have reported and the path is the same:

The file C:\Program Files\Online Services\PeoplePC\Utilities\AtlBrowser.exe is a Adware threat.

I have searched the registry for both ezula and for altbrowser and nothing shows up.

Has anyone deleted the AtlBrowser.exe from the C:\Program Files\Online Services\PeoplePC\Utilities\ path? If they have has it caused any problems?

Same problem as you all. Anyone worked out how to completely and safely remove it yet? Its killing my IE, locking it up, really slow etc. I'm loathe to delete the .exe file or the PeoplePC folder unless I know what else might happen. Contacted NAV/Symantec - useless - just directed me to fee paying service!

I am wondering if I really have ezula, since I have not noticed any yellow highlights or extra popups in my google search results (if you look on the McAfee site they show you an example of what this adware does).

I have deleted the atlbrowser.exe file, but left it in my recycle bin in case I run into problems and have to restore it. I am going to wait and see.

Guys,

I called Symantec support after creating a prioritycare report. The agent told me to go ahead and remove the atlbrowser.exe file that was being reported as the Adware.Ezula and to then run a Virus-Scan to see if it clears the problem. I will report the outcome once the scan is complete.

Ok guys,

The scan completed and it redected the the file but as dc35.exe and it now points to the recycle bin which is where I left it. I want to see if the highlighted green links still show up. But I have noticed that although I removed the atlbrowser.exe the green underlined links still show up and the links still pop up when you hover over them.

Does this thing show in more than one way? Seems in some cases people get the underlining and highlighting but in others it just slows down IE and often locks it. Are there 2 different problems here? I have deleted the .exe file now but it doesnt seem to make much difference to my IE problems

To LittlePr:
Did Symantec tell you to delete it from the Recycle Bin as well? Maybe it's worth asking them.

Did you have "top text" or "ezula" in your program list (i.e. were you able to remove the program per the Symantec removal instructions?)

This past weekend I deleted the atlbrowser.exe file and scanned again. The scan picked up the dci35.exe?? file in the recycle bin, which I then emptied. I had been having problems with my mouse (hesitating as I tried to move past the edge of the IE browse window), and this problem seems to have been corrected. Did anyone else have this problem?

ASC,

Top Text and ezula is no where in programs list and no I was not able to remove it using the Symantec removal instructions. I did the same as dawn10. I left it in the recycle bin and when NAV scanned it found it in the recycle bin but was now named dc53.exe. I have not removed from the recycle bin because I want tot make sure I don't delete it until we really find out if deleting it will get rid of the spyware/adware. I say this because although the atlbrowser is no longer in it's origianl path, the green hyperlinks still show on web pages.

i have the same problem. i don't know how to get rid of it. i can't find any exe file or program files or online services. please anyone help!!!!!

Back in November I bought a new Compaq Presario X1000. It came pre-loaded with several online services such as PeoplePC, AOL, Earthlink, MSN Explorer, and Easy Internet Setup. I have never clicked on the shortcuts to execute any of these. But the file, AtlBrowser.exe, is associated with PeoplePC in that subfolder. Norton Anti Virus never detected that file until about three weeks ago even though I'm sure it was there all along. I don't have TopText or any of the other files Norton associates with Ezula. I am curious, though, if you were to use the PeoplePC shortcut, if it would automatically execute AtlBrowser.exe which would then install TopText. After that you certainly would have Adware. It seems to me that all of those pre-loaded online services files and folders could be safely deleted completely. I have none of the green highlights or IE issues someof you have. I think you just dump the files and folders. Anybody agree with that assessment?

EXPC75 - seems logical but have you tried it ?! I think you are right and its been there all along and possibly is just being detected by NAV now. Strangely enough I deleted it and NAV no longer picks it up after the first time. Its weird.

Looks like someone has been able to get rid of this. Have a look here:

http://forum.aumha.org/viewtopic.php?p=76230

I contacted HP for their spin on my assessment of just deleting the subfolders for "Online Services." The following quoted sentences is their response. Again, I am not having highlighted or underlined text like some of you.

"David, your Presario X1000 PC is shipped preinstalled with PeoplePC, AOL, Earthlink, and MSN Explorer.

PeoplePC is an dialup and they have also made deals with PC manufacturers so their software is pre-installed on computers. They do not provide an uninstaller.

The PeoplePC software is known to cause slowdowns, blue screens and crashes.

You may go ahead and delete the Sub folders that you no longer use.

Alternatively, you may use Hijack This Software in order to remove
AtlBrowser.exe from the following website:

http://www.majorgeeks.com/download3155.html"

I simply deleted all the subfolders and their contents for all of those online services. NAV scan does not show any adware threat any longer.

I also found this link that I found very interesting and may be of value to those whose text has become highlighted and/or underlined, etc.

http://castlecops.com/postt115684.html

Hope this helps someone else.