|
-
October 8th, 2002, 02:35 AM
#1
Getting Rid of Istarthere.com
Several months ago the web site Istarthere hijacked my home page.
I got rid of it. Or so I thought.
Now I find that if I click on the Search function on my hme page then Istarthere comes up there.
Also, I found out that its still there when I click on the DEFAULT
setting when I am trying to change my home page setting.
What can I do to completely eradicate this pervasive pest?
-
October 8th, 2002, 03:01 AM
#2
Do you have a startup entry in msconfig called gshp linking to zzgshp.vbs (or a file called winsys.vbs)?
Actually I think AdAware targets this one now - how did you get rid of it the first time?
http://www.lavasoftusa.com/
I think SpybotSD also gets it.
http://patrick.kolla.de/software/spybotsd/
Have you looked for an activex object in Internet Options > General Tab > Settings > View Objects ?
They actually have a remove site - but I'm not really sure I trust it.
Last edited by IMM; October 8th, 2002 at 03:18 AM.
-
October 8th, 2002, 09:42 AM
#3
Dr. Seven, The below instructions may be of some help.
Here is a Registry hack to remedy this particular hijack. The customary warning and disclaimer apply. For help with Regedit, see 'OLEXP: About the Registry and How to Use Registry Editor (Q293130)':
http://support.microsoft.com/default...;en-us;Q293130
and for instructions on 'How to make a backup of the Windows registry':
http://service2.symantec.com/SUPPORT...f/docid/199762 382617
Launch Regedit and navigate to the following key...
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Cur rentVersion\Run]
Then look for the following three entries...
"5-1-25-342"="c:\\windows\\5-1-25-342.exe -m"
"5-2-110-7"="c:\\windows\\5-2-110-7.exe -m"
"zzgshp"="C:\\WINDOWS\\gshp.vbs"
The first two are diallers and the third is a Visual Basic Script which sets a new home page in the registry. All three need to be deleted. (Attribution: spywareinfo.com forums).
The reason websites are able to do this, is because both Microsoft's Internet Explorer and the Windows 'operating' system are ludicrously insecure. In particular, Internet Explorer's ActiveX capability is a serious vulnerability. If you must use Internet Explorer, you can disable Active Scripting. However, by doing so you will lose some functionality such as multimedia playback. Much better to sideline Internet Explorer altogether and use a more secure browser. I suggest using Netscape 7 or Opera (see below).
The above instructions are from the link below.
http://www.vnunet.com/forums/thread....11&thread=2688
HTH
Tufenuf
-
October 8th, 2002, 02:07 PM
#4
RE: Getting rid of Istarthere
I went into regedit and found gshp.vbs.
I deleted it. The other two files or
whatever you call them were not there.
I went back to my home page
and clicked on Search. Istarthere is
still there.
I got rid of (or so I thought) Istarthere the first time
because someone found an article on the
internet that told about gshp.vbs I
went into regedit and FIND (on start menu)
and deleted it. The page on the
internet by Istarthere that supposedly
tells how to get rid of it is a sham.
Apparently, Istarthere is harder to get
rid of than just using regedit.
Any other ideas?
-
October 8th, 2002, 02:22 PM
#5
Dr. Seven, Check out the many links/threads at the search link below. From what I gather the Spybot program mentioned in another previous reply is supposed to get rid of it. Here's the search link.
http://www.google.com/search?hl=en&i...=Google+Search
Good Luck,
Tufenuf
-
October 8th, 2002, 02:41 PM
#6
RE: Istarthere
Have downloaded Spybot. Will let you know if it
works.
-
October 8th, 2002, 02:59 PM
#7
RE: Istarthere
Spybot did the job! Istarthere is gone!!
I have run adaware any number of times and it
didn't do anything. Tell people that adaware
is worthless for this.
Thanks so much for the tip!!
-
October 8th, 2002, 03:03 PM
#8
 It worked rather well for me, but I did have the latest refupdate
Of all the things I've lost, I miss my mind the most
-
October 8th, 2002, 03:41 PM
#9
RE: Istarthere
If you're talking about adaware then I
had the version from late last year and
that one didn't work.
I was unaware that adaware had a newer update
and no one mentioned it here.
Whatever works though, huh?
-
October 8th, 2002, 03:46 PM
#10
Horses for courses!! The main thing is that your problem is solved, it really doesn't matter how! 
Of all the things I've lost, I miss my mind the most
-
October 8th, 2002, 03:52 PM
#11
RE: Istarthere
Just for curiosity I checked the update page
for Adaware. It said that the newer version
only worked with windows 9x ME etc. No
mention of windows 98 that I could see.
I have windows 98.
-
October 8th, 2002, 04:48 PM
#12
9x means any version of windows beginning with a 9 ie
95
95OSR1
98
98SE
Of all the things I've lost, I miss my mind the most
-
October 8th, 2002, 07:18 PM
#13
SpyBotSD is looking to be a keeper 
-
October 9th, 2002, 01:19 AM
#14
RE: Istarthere
Thanks for the info. I didn't know that
9x stood for windows 98. I still have
the earlier version of Adaware. I might
update it if Spybot fails me somehow. But
I doubt that since it too can be updated.
For the mean time, Spybot is a keeper.
Thanks again to all that helped with this!
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
