Help
This forum contains self-help guides on removing common malware and viruses. These guides can be advanced so please use them at your own risk.
How to remove the www.jimbutt.com start page
What this infection does:
- Changes your Internet Explorer
start page to http:://www.jimbutt.com/stuffs/ or http:://www.hotoffers.info/179/
- Delivers popups
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = -http:://www.jimbutt.com/stuffs/
Removal Instructions:
Manual Removal:
- Print out these instructions as you should not start Internet Explorer until
they are completed.
- Download Killbox from the above and link and extract it to c:\killbox
- Navigate to the c:\killbox directory and double-click on Killbox.exe
- When it is open enter c:\windows\system32\systr.dll, or
c:\windows\system\systr.dll if you are using Windows 95/98/ME,
into the field labeled Full path of file to delete. This
infection has recently morphed, so if the previously mentioned file does not
exist, killbox param32.dll instead. They will be in the same
directories.
- Select the Delete on reboot option.
- Then press the button that looks like a red circle with a white X in it.
When it asks if you would like to reboot, allow it to do so.
- When your computer has rebooted and your back at your desktop, download
HijackThis from the above link and extract it to c:\hijackthis.
- Navigate to the c:\hijackthis directory and double-click on HijackThis
- Run HijackThis and press the Scan button.
- Put a checkmark next to the following entries:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:://www.jimbutt.com/stuffs/
- Once those entries are checked, press the Fix button.
- Exit HijackThis.
- In this step we are going to clean out your temp files. Click on Start
and then run, and type %temp% and press
the ok button.
This should open up the temp directory that your machine uses. Please delete all files that are found there. If you get an error when deleting a file, skip that file and delete all the others. If you had trouble deleting a file, reboot into Safe Mode and follow this step again. You should now be able to delete all the files.
- Disable and reenable System restore using the instructions found here:
Windows XP System Restore Guide
Managing Windows Millenium System Restore
- Reboot your computer
This is a self-help guide. Use at your own risk.
BleepingComputer.com can not be held responsible for problems that may occur by using this information. If you would like help with any of these fixes, you can post a HijackThis log in our HijackThis Logs and Analysis forum.
If you have any questions about this self-help guide then please post those questions in our AntiVirus, Firewall and Privacy Products and Protection Methods forum and someone will help you.
Back to top
