How do I get rid of
Cdn.startpagea.com Redirect Virus
McAfee won't do it
What message does McAfee give you when it determines it's unable to remove the virus?
Maybe our Shaw Secure expert shaw-phil will have some advice when he is in next.
No message it just ignored it. I downloaded AVG and it also does not recognize it.
I searched the net and it is referred to as a virus but nothing I tried in regedit can get
rid of it. Seems if I am willing to buy a program I can get rid of it but would rather
get an unbiased opinion first.
Thanks for your input
If you've got Shaw Secure (McAfee) installed and it's not removing the infection, then we will support this and help you get rid of it manually. shaw-phil is part of our Shaw Secure team and will be able to help for sure, although he's not in until tomorrow. We'll likely need to connect with you directly through a screen sharing session.
If you like, I can get your details through direct messaging and set up a call back for you.
Let me know.
Setting up a callback with our department would be easiest. But a few questions that may help you get a few steps ahead while waiting for a callback.
What browser are you using? Have you checked the browser for unknown add-ons or extensions? Have you tried simply changing your homepage within the browser's settings? If so, does it immediately change back (in the settings) to this unwanted page? Have you checked your control panel add/remove programs (programs and features) for unwanted software?
Cdn.startpagea.com isn't actually a virus but a browser redirect. Removing it is a bit complicated, but try to follow through.
1. Reboot your computer.
2. Use Control Panel, Add, Remove Programs or Programs and Features and uninstall the Cdn.startpagea.com toolbar. This will not remove the hijack, but prevent it from automatically reinstalling itself once you do remove it.
3. Start IE and go to manage add-ons. The process for this varies from version to version but requires you to click on the gear icon (settings) and selecting manage add-ons
4. Click on Toolbars and Extensions on the top left. Click on Cdn.startpagea.com (if it is there) and then click on disable (bottom right)
5. Click on Search Engines (top left). Click on any search engine you don't recognize and disable it as well (sorry, I'm working from memory and can't remember the name of the search engine Cdn.startpagea.com installs)
6. Open regedit
7. Backup your registry by exporting it - File, Export, All, and put it in a folder off of the root
8. Delete the key: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vir-help.exe
9. Change the value of the key: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell from whatever random.exe name it has to explorer.exe - the value is usually random characters not making a "word"
10. Reboot your system again and test
I haven't dealt with malware that replaced explorer.exe in quite a while... Nasty...
Nasty, and also the "key" to the thing...
Retrieving data ...