Marketscore

Description:	Spyware
Risk Level:	High
Date of First Occurence:	Tuesday, April 15, 2008
Software Developer:	Marketscore, Inc.
Brief Info:	When Spyware.Marketscore is installed on a computer, it starts a proxy service. Once this service runs, all the Internet connections will be routed through the Marketscore's proxy.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "Marketscore"

Threat Info

View All

Detected Items

Detected Files: %SYSDIR%\osmim.dll MD5: F0BFFBA3F4C2EE36FA5229FF2C293657 Size:303104 MD5: 21FEC2CF29E89093125803DF09B86E9A Size:319488 MD5: 960CEA9EEC8CD6301275171E6C25C496 Size:90112 MD5: 61956C7C4E323CB6D8982FD12033CBD9 Size:307200 MD5: F0BFFBA3F4C2EE36FA5229FF2C293657 MD5: CDED1B12E79100190688EE1C8B38D39B Size:315392 MD5: B86465E195A6E05DB640D09F232B8543 Size:303104 %SYSDIR%\okshook.dll MD5: A8A11A2873C6A21AE8C0916DAD013F7C Size:49152 MD5: 086AAF582320DB73E452944F83555A93 Size:49152 MD5: 6D5114113923593AE79F8D7C50D3A429 Size:49152 MD5: AB057E56C8AD3E3DF02CC2D6C2927BAC Size:49152 MD5: A8A11A2873C6A21AE8C0916DAD013F7C MD5: 404DA2FC2EAF09703A1F042EA78DBEA9 Size:49152 %SYSDIR%\ossproxy.exe MD5: E13C6E1ED556320BAE6A67D0E67820F0 Size:638976 MD5: 2B0553988ADE900FF234234461B67426 Size:446464 MD5: 5040B5A44472DAA1519BCBC1ED938768 Size:675328 MD5: B4F805BFD9422F073D0934531739BDC3 Size:761856 MD5: D921AE8315DEADCC2699516E51567FCF Size:770048 MD5: B4F805BFD9422F073D0934531739BDC3 MD5: 6E5324491B9E36B80A131E00D86C0C54 Size:434176 MD5: D8D6A2A93D6ECDF90AC7CC70B1998DE2 Size:446464 %SYSDIR%\rlls.dll MD5: 191230E0F9E3B183875BC2E6519DCFCD Size:344064 MD5: 4E30E1CBE1AB76315C6B070BECB875DA Size:315392 MD5: 46786B2C66A1DE475D5701AF10244942 Size:303104 MD5: BBE1D40E83E6EB8B3B1087DD7B4C1E9A Size:352256 MD5: 96355FE7CE9DD447EB1748A215CED781 Size:270336 MD5: E3B936F37F362B2E67E9E97B7F06A6A6 Size:368640 MD5: DFD1E8E79331697A66EDEDE0EB435527 Size:368640 MD5: 6D798791AFD616D08FDEDF48258A9344 Size:368640 MD5: C44467146588CE6E6D1B609FA397D7F1 Size:385024 MD5: 8A55A49C82B593CBDEAA781432CE1C0F Size:327680 MD5: 174E54EF324B52ABF279B7754AAB7978 Size:303104 MD5: F3862A118585DF7CD2081BC2134895D2 Size:380928 and more.... %SYSDIR%\rlvknlg.exe MD5: 2708244626988F42089E3F390F472E68 Size:1429504 MD5: 4C3E9C9EDD603C9F30BC910F393FA8C1 Size:1429504 MD5: 01416E9CF294A6858DA0E03B108995B7 Size:1114112 MD5: 58F15F4738C1D6BAA45057016D238FDE Size:991232 MD5: 4F2866BE788EA10FE26DD6F37B7835D4 Size:1622016 MD5: 656B54DB957636C9472AD868A07D7EF3 Size:1609728 MD5: 62959C13F4CF9E5CC68A363C02DCCA09 Size:1150976 MD5: 5E6429421D983E4E0E8F1A8E96F56687 Size:1576960 MD5: 5EDDC36AF69F81A65B50D9BBF9C8CC2D Size:1114112 MD5: 7E873D485C9A8ABEE149696745DC2699 Size:1503232 MD5: 03C2939513D1E1A3509BD72801F5DCA1 MD5: 6705277D3196C828653BFA2EE579305F Size:1503232 and more.... %SYSDIR%\OSMIM.DLL MD5: 263650F0AA5653CC4BC7D89669DD1257 Size:167936 MD5: 080C441EDCA06E4773C6138B47B77E84 Size:319488 MD5: 3A5E81300A14AD489DF25AF338F5C99F Size:315392 %SYSDIR%\rk.exe MD5: 29E899AE116A172FDF536295A0C788E5 Size:344704 MD5: 46AECCCD6B6BBAD4FA3C153DE00A3C08 Size:864256 MD5: F43E7627F29B46C26B91C002114FBFB8 Size:864256 MD5: 141BAE5215DE2463759F2AB9400677D6 Size:851968 MD5: 9B966C7D9A061DD5CC8823C45CD5A118 Size:85504 MD5: 95D3A6F65E3A5BB7728D05D05612D122 Size:520937 MD5: FF4D5BBE072B4797F3673D045A192C78 Size:647924 MD5: BE0D4DB013BB2A5C930F0D2669E3CE16 Size:802816 %SYSDIR%\osconfig.dll MD5: 885E25DA2627615C3E6AEDB091CC0A36 Size:225280 MD5: 885E25DA2627615C3E6AEDB091CC0A36 %SYSDIR%\mksc.exe MD5: DAFE4C0D8C4B025C0B5420878690896D Size:802816 %SYSDIR%\osrouter.dll MD5: 166810FC4E896D89D001F356494F3D5D Size:114688 %SYSDIR%\nsosscfg.exe MD5: D6053551E5926C1B90C3DC64C03647D9 Size:45056 MD5: 569D948F32D954DE03379CCE6A312FC3 Size:118784 %SYSDIR%\rlls.dll MD5: AE7DC403CAECD2D47605B6C93BF2E7CD Size:344064 MD5: 4CA695EC1EE4C7CF2144DFA00EA0E1F7 Size:24576 MD5: F652E796C26EC4089D2C03D4C1201A04 Size:327680 MD5: 4166508CC87CEEAA0C02065AF7ED6FB5 Size:380928 MD5: E265B60A4AF7915C7064C2B7AEC8E1D2 Size:344064 MD5: 0CD946F4D6AD079D2967F4736BCAD2DB Size:344064 MD5: EE755CCE82360EE579E6787F8D7C60B3 Size:364544 MD5: 3B5B0B01F5E97C9A0E38F67D5F2E6DCE Size:364544 MD5: 242BF3CB8CA475F2E4DA0770A6270D20 Size:344064 MD5: DB4C51A9A6541BEDC7DFCAF79D341ADE MD5: DB4C51A9A6541BEDC7DFCAF79D341ADE Size:352256 %SYSDIR%\rlvknlg.exe MD5: 9C6457162CB78FB1FFDAB58F7B3EDE5E Size:1622016 MD5: 1999B64E5DB2C8DB3DD8B78C95587CB6 Size:1576960 MD5: BE21A211EF416E06E25B6FC6587122E4 Size:1609728 MD5: 47B6BF94B47392A43F477485135D14EA Size:1605632 MD5: 6D86C218110B5B1D959832A65F400B2C Size:1511424 MD5: F63C3D5EA16B30DAFB3935598A528692 Size:1576960 MD5: 5D324DB65EE01FE64CC207C269D60A70 Size:1613824 MD5: A48B8AA20A85AB49435BDFB5BEFBFDEA Size:991232 MD5: 5B056C8C38A8F4ABBD22AC33E15B946D Size:1515520 MD5: C037AEC77CDBA66FBE764A2526DD1C90 MD5: 4F2866BE788EA10FE26DD6F37B7835D4 MD5: 189AF76DFF141CADFF084CC7577F849D Size:1605632 and more.... %SYSDIR%\OSSPROXY.EXE MD5: A5F305181AFA951EC02195CA54386794 Size:524288 MD5: 719EE66F638BF6E1A5AC8275C81D0B94 Size:37155 %SYSDIR%\csloa.dll MD5: 23DBE95C01BAC29F93624154FF56DC21 Size:135168 %SYSDIR%\RLVKNLG.EXE MD5: 2ECD3117C919AA7878729D5D7F453B6C Size:1626112 %SYSDIR%\rlvknlg.exe MD5: C037AEC77CDBA66FBE764A2526DD1C90 Size:1622016
Detected Files with variable Filenames: MD5: 46AECCCD6B6BBAD4FA3C153DE00A3C08 Size: 864256 %SYSDIR%\rk.exe %SYSDIR%\mksc.exe %SYSDIR%\ossproxy.exe

Detecting items list:

Files by Name %sysdir%\nsosscfg.exe %sysdir%\rk.exe %sysdir%\rlls.dll %sysdir%\rlvknlg.exe %windir%\system\nscheck.exe %windir%\system\nscheck.lgc %sysdir%\csloa.dll %sysdir%\mksc.exe %sysdir%\okshook.dll %sysdir%\osconfig.dll %sysdir%\osmim.dll %sysdir%\osrouter.dll %sysdir%\ossproxy.exe
Files by CLSID or Name CLSID=b2c03e2e-2219-4ff9-810a-540aca63f8d9 CLSID=f88527e2-a8a7-4227-8683-05cfa4eec511 CLSID=2f9bfca0-082b-4aaf-96e5-6dc17ebc8335 CLSID=169c7855-c096-4d45-803b-6441552a7e92 CLSID=35b7e48b-9d81-4c6c-9578-5fd4f620d886
Registry Keys HKCU\software\netsetter
Registry Values HKLM\Software\Microsoft\Windows\CurrentVersion\Run ValueName=OSS

« Go to Software Database

Pesquise na nossa Base de Dados de Software

A base de dados Software

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias antigas de malware »