# How can i permanently remove the this 'use automatic configuration script'?



## CJDavis

Hi

Why is this file or 'use automatic configuration script' reappearing as checked under my connection settings:

http://proxycfg.marketscore.com/gencfg.asp?id=651voz1Nh6&id2=U1eObtwUq5&Ip=1&nsu=5.1.0.4

Could you please help me delete this file from hardrive as it is damaging my Internet settings. I have deleted all other evidence of (www.marketscore.com) spyware using PestPatrol but cannot seem to delete this. Please help.

Many thanks

AOL 7.0
IE 5.5


----------



## TonyKlein

Go to Start > Run, and type Regedit.

Navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings.

Click 'Internet Settings' once in order to display it's contents in the right hand pane.

Tell us whether the following values are there, and what they say:

ProxyEnable
ProxyHttp
ProxyServer


----------



## CJDavis

Hi again

These are the following values and what they say:

ProxyEnable 0x00000000(0)
ProxyHttp1.1 0x00000000(1)

For some reason Proxy Server is not there however there is a value with this:

AutoConfigURL ...and that proxy marketscore address.

Should i delete this?

Many thanks

AOL 7.0
IE 5.5


----------



## TonyKlein

Absolutely.

Delete the entire AutoConfigUrl value in the right pane.

Tell us whether your Connection settings stick this time.


----------



## CJDavis

It is still there under Use Automatic Cinfiguration Script

i really dont' know what to do!

It is as if the file or program is indesctructable. If i ever you modify the regedit is it best to shut down and restart or it doesnt matter?

I actually went to the proxy address and i got a download program starter file. 

Please, please help!

Regards


----------



## TonyKlein

Go to edit > find in Regedit, and do a keyword search for 'Marketscore'

After the first hit, click F3 to find a possible next instance.

Anything come up?

Also, there may possibly be a restriction in place.

Examine the following regsiry subkeys:

HKEY_USERS\.Default\Software\Policies\Microsoft\Internet Explorer\Control Panel 
and
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel 

If you have one or both of those subkeys that already points to restrictions being set.

If you find any of them, examine the contents.
There might be a 'proxy' value in the right pane which causes this.

The entire Subkey 'Control Panel (only if found at exactly those locations, of course) can be removed.

Tell us what you find.


----------



## CJDavis

Well, basically after pressing F3 i found all these marketscore files under the following areas:

HKEY_CURRENT_USER\Sofware\Netsetter\Netsetter\Settings
HKEY_USERS.\DEFAULT\Sofware\Netsetter\Netsetter\Setings
HKEY_LOCAL_MACHINE\Sofware\Microsoft\CodestoreDatabase\Distribution Units...

I also found HKEY_USERS.\DEFAULT\Software\Netsetter\Setings\OSSProxy\Settings

is it necessary for me to list every single file name to you ?

Regards


----------



## TonyKlein

The HKEY_USERS.\DEFAULT\Sofware\Netsetter and HKEY_CURRENT_USER\Sofware\Netsetter keys can be deleted in their entirety.

The Distribution Units entry is interesting, as it points to Marketscore having installed an ActiveX object in Downloaded Program Files.

Go to Internet Options/General Tab > settings > show objects.
Tell us what you see there.

Eventually, the Marketscore ActiveX needs to be removed, as will the registry entry containing 'Marketscore'


----------



## TonyKlein

Two other things:

Did you find the two 'Control Panel' subkeys at the location I specified?

And download BHO Cop

It detects Browser Helper Objects of the kind MarketScore may have installed as well.

Just activate the program, and tell us what BHO's it detects.


----------



## TonyKlein

You just told me in a PM you deleted the three registry keys.

Please continue to post your progress here at the board so that we can all see how you're getting on.

Be sure to check your downloaded program files and run BHO cop as well.


----------



## Mosaic1

Marketscore used to be known as Netsetter
Here's a link to a page with directions on how to remove the proxy. See if this helps.

http://www.marioncomputer.com/internet/Help/netsetter.htm


----------



## CJDavis

OK, so far, under LAN settings the proxy address has gone -HOORAY!!

But not in dial-up settings!

However, i have so far removed the activex file (ns Browser which appeared to be damaged - 96KB)

I have also removed the two languages thanks Mosaic1, but still doing the Control Panel thing Tony! 

Hopefully it will be cleared soon!

Thanks again


----------



## Mosaic1

Are you still cleaning uot the registry? I would suggest at this point that youDownload and install ADAware. Run it and make a backup in the event of a problem. Also do a deep scan. Look at the log to see what is has found. Make that backup as already stated.

Maybe it will find the remnants. I am not sure, but it might, I also know that Ad-aware recommends it be run twice with a reboot in between to totally remove some problems.

If you want to try it here's the link:
Download the newest version 5.81 If you have an older version of Ad-aware, remove it before installing the newest. Also Download and install the refupdate addon. This will check for updates and will keep you updated.

http://www.lsfileserv.com/


----------



## Mosaic1

I have been reading a bit more and do not think ADAware will do it for you. 
Did you install this on purpose?

Did you install this on purpose?

This is from their Faq page.

What if I don't want to be a Marketscore member anymore?

Although we would hate to see you go, we realize there might be reasons you need to stop being a Marketscore member. If that is the case, simply login to the Marketscore members section by going to www.Marketscore.com then clicking on the 'Members' link and entering your email and password. Once you have logged in, click on the 'Modify or Remove Services' link. There you will find instructions on how to deactivate your membership and unconfigure. (Please note: to avoid disrupting any of your other computer settings, please DO NOT attempt to adjust the settings yourself; instead, please go through the members section as described in this paragraph). If you are having problems removing Marketscore, please click here for Marketscore support information. Before you remove Marketscore, please take a moment to let us know why you are leaving so that we can continue to improve our services.

https://www.marketscore.com/e/faq.asp

Sorry about all the edits. I had a miserable time with the url. Hope it takes this time.


----------



## Mosaic1

CJDavis PM'd me a while ago to say that it is finally gone . I am not sure what finally worked. I am waiting to hear.

This is one nasty Program.


----------



## CJDavis

Hi 

I would just like to say a big public thank you to all to TonyKlein and Mosiac1 for their suport and would like to strongly stress that Marketscore has to be the worst and most annoying program i have ever downloaded. 

I would just like to say, Mosaic1, that i feel both your suggestions and Tony's helped. However, using Tony methods of deleting registy files only appeared to have deleted the 'Use Automatic configuration script' in LAN settings. 

However, i have to say that in order for you to obtain marketscroe on your system you need to sign up via a questionnaire which they ask and they congfigure your browser settings as you sign up. So as soon you enter your details, you've HAD IT basically.

But i found that, in order to PERMANENTLY remove Markesctore' proxy settings from the hard drive and Dial Up connection settings, you needed to 'remove' your self from their list and they then, after asking you why, configure your browser back to normal for you. (See Mosaic1 previous posts on '..configuration script...' thread).

So, i do warn any one reading this to not to sign up in the first place as Marketscore are a nasty piece of work - TAKE MY WORD FOR IT!!

Thanks again to Tony and Mosaic1!! Truly some of the best members around!


----------



## CJDavis

Hi

Me again, just wondering does anyone know what this application is all about. I thought it would have been removed along with other files however it appears i cannot run my Internet connection with out this file. Why is this so? 

regards again


----------



## Mosaic1

I did a little research and found just a little information.

http://groups.google.com/groups?q=O...1c1f87b$ccb27d80$9de62ecf[email protected]&rnum=3


> I downloaded some speed enhancer(netsetter), and then I
> decided it is no good and tried to remove it.
> There was no uninstall, so I deleted the item which
> started everytime I boot up. When I deleted the actual
> file, ossproxy.exe, it just came back. I uninstalled it
> according to what one helpfile had said, about looking in
> the languages tab in internet options; but, then it still
> was around. It would still put its address in my proxy
> box in internet options. I got really upset, so I deleted
> all registry keys where netsetter showed up. Still
> around. So I deleted a file called *csloa.dll*, which one
> of the keys in the registry referred to. If opened in
> wordpad, and searched, it is possible to find netsetter
> and other devilish files which I don't want on my computer
> referenced in csloa.dll. When I removed it, my internet
> doesn't work at all; not just explorer but netscape also,
> so I restored it.
> I wanted the original windows files to get rid of this
> junk, so I removed internet explorer, so that I could
> reinstall it. Now nothing works. Internet explorer opens
> to a DNS error page, as does netscape. Can't connect to
> the internet to install IE6.
> I tried removing all my network stuff, and reinstalling it
> so it might force reinstallation of network files. That
> doesn't work either.
> Any ideas?


----------------------------------------------
http://groups.google.com/groups?q=Ossproxy&hl=en&[email protected]&rnum=5



> Use Find to track down the two files that Zonealarm detects as requiring
> Internet access, The active versions are in Windows/System, and a spare pair
> are secreted elsewhere.
> Delete the "spare pair" of these files.
> Boot from a startup diskette, go to the Windows/System folder, and delete
> the files nscheck.exe and ossproxy.exe.
> Check that the spare pair are still deleted.
> Boot as normal, then go into the browsers and change the proxy settings to
> the original, deleting the path to ossproxy. Close and reopn the browsers.
> While this doesn't get rid of the Registry entries, it does stop the program
> from running. If you just boot from the Startup diskette, and then just
> delete the two files in Windows/System, a hidden file somewhere will copy
> them from the spare pair next time you reboot (or when you close down,
> maybe).


-------------------------------------------------------------
Me again. 
Sometimes removing spyware can have a nasty effect. Ad-Aware has a file you can download. It repairs and returns connectivity in other cases. It's a Winsock fix. I don't know if it will work in this case, but it's something to try.

http://www.lavasoft.de/aaw/binary/whndnfix.zip

Download and copy to floppy. Take it over to the problem computer. Unzip it and run it. Good luck. I hope it helps you out.


----------



## Mosaic1

I should also have asked you how you know that Ossproxy is the problem. Are you getting error messages?


----------



## CJDavis

Hi

Me AGAIN.

I am still happy marketscore is removed but why am i still getting error msgs. For example, trying to access Audiogalaxy Satellite - www.audiogalaxy.com - i am getting Error: Web Site Not responding (502 Connection failed). I dont think there is a problem with the site as i can access it, but not all the time. This is using the AOL service.

Also using Internet Explorer i get 'HTTP 500 Internal server error' every other page i try to access. Could it be that marketscore has completely wrecked my connection settings??


----------



## CJDavis

Sorry for got details:

I am on Win98 SE
AOL 7.0
IE 5.5


----------



## Mosaic1

Earlier you said 


> Me again, just wondering does anyone know what this application is all about. I thought it would have been removed along with other files however it appears i cannot run my Internet connection with out this file. Why is this so?


 Was this an overstatement? You actually can run your internet connection but are having problems connecting to various sites?

Did you download and run the Winsock fix I suggested? 
http://www.lavasoft.de/aaw/binary/whndnfix.zip


----------



## CJDavis

Hi

I have Ad-aware but not sure exactly how to fix the file you mention Mosaic1

Please help

regards


----------



## Mosaic1

Hi,

This is a separate Download from LavaSoft. This is not Ad-aware. This is a fix for a broken Internet Connection after the removal of spyware. I thought at first you had said you couldn't connect at all.

The name of the zip file is
whndnfix.zip

Download it here:

http://www.lavasoft.de/aaw/binary/whndnfix.zip

You need to unzip it and then run sockfix.exe which is contained in the unzipped archive. I am not sure it will help, but it won't hurt and honestly it's about all I can think of at this point to try.

If you don't
have an unzipping program to unpack the compressed archive,
whndnfix.zip , you can download and install Winzip here:
www.winzip.com


----------



## CJDavis

Hi

I have run the winsock fix program and it did not detect any problems/errors thankfully.

One more thing...when i log onto sites using IE5.5 i get the connection message at the bottom of the page 'Finding site: proxyhttp.netsetter.com'. How could this be? All traces of netsetter and marketscore have been removed from my pc!

is ther anyon1 who knows why i am getiing this msg?


----------



## Mosaic1

It sounds like you are still on their Network. Did you go back and check the IE settings again?

Try going to Marketscore again and letting them remove you.

Do not lose that Winsock fix you Downloaded. If you try removing and reinstalling IE and you lose your Internet Connection, runing that fix may get you back online.

I hate to suggest reinstalling that thing and then going over there first to be removed before then cleaning out all the junk. You did it in reverse. Honestly, after reading what others have gone through, I am afraid to tell you to do anything because of the problems involved.

I would email them and see what they have to say about all this. I'd like to see you avoid all the pitfalls and problems others had after trying to resolve these issues themselves. Let's see what they have to say.

http://www.marketscore.com/e/support/support.asp


----------



## Mosaic1

There was a double post on this subject. I advised to go back and read this quote in particular.

http://groups.google.com/groups?q=Ossproxy&hl=en&[email protected]&rnum=5


> Use Find to track down the two files that Zonealarm detects as requiring
> Internet access, The active versions are in Windows/System, and a spare pair
> are secreted elsewhere.
> Delete the "spare pair" of these files.
> Boot from a startup diskette, go to the Windows/System folder, and delete
> the files nscheck.exe and ossproxy.exe.
> Check that the spare pair are still deleted.
> Boot as normal, then go into the browsers and change the proxy settings to
> the original, deleting the path to ossproxy. Close and reopn the browsers.
> While this doesn't get rid of the Registry entries, it does stop the program
> from running. If you just boot from the Startup diskette, and then just
> delete the two files in Windows/System, a hidden file somewhere will copy
> them from the spare pair next time you reboot (or when you close down,
> maybe).


---------------------------------

In other words, do a find files for
nscheck.exe and ossproxy.exe.
Delete the pair you find not in Windows\System

Then you need to boot to the command prompt and use a DOS command to delete to two files from windows\system

To be safe, I would boot and hold CTRL to bring up the Boot menu. Choose Command prompt only. This will take you to this:

C:\>
Type 
cd windows\system and press enter
this will bring you to this prompt
C:\windows\system>

type this and press enter
del nscheck.exe

At the next prompt type this and press enter
del ossproxy.exe

Spaces are important in DOS I will retype these commands using the word space where you need to press the spacebar.

cd space windows\system

del space nscheck.exe

del space ossproxy.exe


----------



## Mosaic1

Did you have any luck? I posted at LavaSoft and so did someone else. He got an official reponse from the Marketscore People on how to remove the Proxy.
Here's the link to that: Do read the link. I quoted the official response but there is more important information on removal in the actual link here:
http://www.lavasoft.nu/cgi-bin/forums/ikonboard.cgi?s=3ce6cfb8175fffff;act=ST;f=5;t=314



> I am a network admin who has been trying to remove marketscore from a machine it infected.
> 
> I noticed a line in the browser settings where it routes the internet connection thru them to monitor all secure and non secure activity for use on comscore.com.
> 
> Ad-Aware did not detect this program that latched itself onto my machine and has no uninstall or opt out built in the design.
> 
> I have done my homework and tracked them down in their homes late at night with a wake up calling expressing my anger.
> 
> After getting good phone numbers, I have rattled some cages and got the removal procedure from a tech who designed the program
> 
> -----------------------------------------------------------
> We apologize for any inconvenience that it may be causing you. One of
> your household member might have configured your machine with
> Marketscore. That is the only possiblity that your machine can be
> configured with our service. * For removal of Marketscore, please follow
> the instructions below.
> 
> 1.
> 
> Click Start.
> 2.
> 
> Select Run...
> 3.
> 
> Type in NSCheck /uninstall
> 4.
> 
> Click OK.
> 
> If the instructions did not work, please reply to this message with your
> phone numbers included.
> 
> Thank you for your patient and understanding.
> 
> Regards,
> 
> Eddie
> Marketscore Support*


----------

