Marketscore.com users security probs

**ubbuser** · Sun 14 Apr '02, 11:15pm

Right now I think I am going to ban all this crappy proxy site's IP's as we cannot deal this site specific complain

The prob here is that a malicious user can use this proxy's services and bet that he/she will log in sometimes as a valid normal member using the same service.

**Alwaysmefirst** · Mon 15 Apr '02, 8:34am

I have noticed the same problem a few days ago on my board with two users who shared the same IP from Marketscore.com, but I don't think they can post as another user. It is just the welcome message they get with a wrong username.

Olly

**ubbuser** · Mon 15 Apr '02, 9:32am

Thanks for the feedback, yes I will check with our members who use (or are forced) to use this spyware. I really do not think the members know they are using this as it is just a software that redirects all web browser requests to their proxy servers

**Alwaysmefirst** · Mon 15 Apr '02, 10:37am

I will ask them again if they downloaded that software or not.
I just remember one of them was using AOL and it was also the first time I heard of that problem on my board.

Olly

**ubbuser** · Tue 16 Apr '02, 6:04am

What would be cool is if there were a software to remove this spyware software that I could point to some of our members.

**tamarian** · Tue 16 Apr '02, 12:15pm

I have the same problem, as reported here:

Users auto-logged as someone else? - vBulletin Community Forum

http://www.vbulletin.com/forum/showthread.php?s=&postid=278060#post278060

Are you sure it's only the welcome message?

One of my mods, hit the CP link, and was sent to another member's CP.

For this reason, I have removed their mod priviliges, until we can get to the bottom of this.

**ubbuser** · Tue 16 Apr '02, 6:45pm

An immediate fix is if someone could find a way to delete the marketscore.com software from member's PC's. The way I understand it is that it is a piece of software that re-directs normal users requests to web sites to its own proxy/caching site.

It is not needed as it is spyware BS.

**tamarian** · Tue 16 Apr '02, 7:07pm

Originally posted by ubbuser
An immediate fix is if someone could find a way to delete the marketscore.com software from member's PC's.

But only the user may be able to do that, and it's not straight forward, as it requires logging in to MarketScore.

I'm thinking of writing an Apache REWRITE directive, to redirect all members coming from the marketscore IP's, to a page letting them know why they can no longer access the forum, with instructions and links to Ad-aware download page to remove NetSetter/MarketScore software.

**ubbuser** · Tue 16 Apr '02, 9:57pm

Hmm, Adaware removes Marketscore junk?

**Shakron** · Wed 17 Apr '02, 6:44am

Ya, I have the same problem. First I thought it's a user with several nicknames but then I realized that it's not just one user.

I have 13 users that share the IP-numbers. Some of them are using this marketscore and some are ...cache.pol.co.uk
and ...webcache-11.segfl.ifl.net

Now I understand the point about the marketscore users but what's with all this other users?

Could that be providers where the users get the same IPs? And how "high" is the possibility that I get 13 of this users? I am just really wondering if I have double-users or "just" an IP-problem here ...

**tamarian** · Wed 17 Apr '02, 10:11am

Originally posted by ubbuser
Hmm, Adaware removes Marketscore junk?

I thought it did.

But not sure if the component is one of those:

Adware, Alexa 1.0-5.0, Aureate v1.0,2.0 + 3.0, Comet Cursor v1.0 and v2.0, Cydoor, Doubleclick, DSSAgent, EverAd, eZula, Expedioware, Flyswat, Gator, Hotbar 1+2, OnFlow, TimeSink v1.0,v2.0 and v5.0, Web3000, Webhancer, Transponder,Wnad,
ZapSpot and more... (updated regulary)

Free Antivirus Download for PC | Adaware Virus Protection Software

http://www.lavasoftusa.com/aaw.html#a3

Adaware free antivirus protection safeguards your computer from online threats, so you can focus on the things that really matter to you, We’ve got you covered.

**Alwaysmefirst** · Tue 23 Jul '02, 3:06am

This problem happened again on my board and it was again with a member on marketscore's proxy according to her IP.
I told her to read http://www.cexx.org/adware.htm where they tell how to remove that spyware manually.

PestPatrol can remove it. From http://www.safersite.com/PestInfo/N/...ter_Adware.asp:

"Summary: NetSetter (MarketScore) is a proxy service which claims to increase the speed of your internet connection. It runs at startup to ensure all your web connections are routed through NetSetter's proxies. (You will not observe any significant speedup from using the service.)
Netsetter has changed its name to Marketscore and is no longer operating under or using the name Netsetter.

Category: Adware/Trackware.

Aliases: Netsetter (previous name), ossproxy (program name), MarketScore (current name).

Distribution: Is installed through ActiveX at MarketScore's site, promoted by MarketScore affiliates.

Advertising? No.

Privacy Violation? Yes. Every web connection you make, including 'secure' connections, goes through the proxies and is logged and analysed on behalf of MarketScore's customer companies.

Security Issues? Unconfirmed. There is a 'required update' feature, but it is unknown whether this happens without consent from the user.

Stability Problems? Won't work if you have to use a different proxy. Will kill your internet connection if you try to delete the csloa.dll component manually.

Privacy Policy: Privacy policy.
Vendor: MarketScore official distribution site
ComScore sell the information to other companies

Detection: PestPatrol detects this pest.

Removal: PestPatrol removes this pest.

Manual Removal: There is a hidden uninstall feature. Open a command window and enter (for Windows 95/98/Me):

"%WinDir%\SYSTEM\NSCheck.exe" /uninstall
Or for Windows NT/2000/XP just:

NSCheck /uninstall

Olly

Marketscore.com users security probs

Marketscore.com users security probs

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment