Summary

MarketScore (also called NetSetter) is a spyware-like application that compromises the security of all data sent or received by your web browser, even on "secure" encrypted web sites. All external browser communications are re-routed through MarketScore's proxy servers, so they have access to any "secure" traffic/passwords/accounts that otherwise would be encrypted.

MarketScore affects the most popular browsers on the Microsoft Windows platform, including Internet Explorer, Netscape, Mozilla, and Firefox. It does not appear to affect Macintosh or Linux platforms.

What to Do

SpyBot Search and Destroy is known to detect and remove MarketScore. Alternately, there are removal instructions on Columbia University's MarketScore removal web site.

If you have MarketScore installed on your computer and have used your browser for any services that require WebLogin, your password should be considered compromised. After you have removed MarketScore from your computer, we STRONGLY recommend that you change your SUNet password. This advice also applies to any other secure web sites you may have visited with your browser.

The Information Security Office is directly contacting owners of machines that appear to behave as if MarketScore is present. If your computer is on the Stanford campus, you can also do a rudimentary self-check of your browser by going to the fixme.stanford.edu web page. If you get a message saying access is forbidden, your browser might be configured to use an outside proxy, so to be safe you should follow one of the removal procedures listed above or in the References section below...

Click here to download Spybot Search and Destroy.

Click here for the full alert from Security.