my homepage opens to bitable.com for both IE and Chrome regardless of my homepage settings
Hi! I have a user whose browsers open to bitable.com regardless of what I have entered in the homepage settings. I have run virus scans and malwarebytes as well and no malicious results. I have made sure there are no unfamiliar programs installed as well. Does anyone know what I should do to get the homepage settings to work? I have no problems getting to other web pages either.
Gabriel Clifton
Reset your browsers and check your registry for bitable.com
ASKER
I did a browser reset already, but how do I go about searching the registry for bitable.com? Please forgive my ignorance as I rarely edit the registry manually.
Your system must have been infected by trojan. Scan your system to detect any trojan.
ASKER
well I have run current and updated versions of Malwarebytes and SEP without any malicious items found already
From run type regedit.exe and hit enter. When Registry Editor opens hit Ctrl + F, type bitable.com and hit enter. Wherever it finds it, examine everything around it, all keys and other strings. If they appear legit just change the bitable.com to your home page and hit F3 to keep searching. Also, try combofix from BleepingComputer.com.
ASKER
Hi Gabriel,
I did find two instances of this in the registry:
1.) hkey_current_user<Software
2.)hkey_user<S-1-5-21-*ran
Am I able to modify/delete them?
I did find two instances of this in the registry:
1.) hkey_current_user<Software
2.)hkey_user<S-1-5-21-*ran
Am I able to modify/delete them?
Yes modify.
ASKER
Ok I tried modifying them, but when I open IE or Chrome, a new registry key appears in those same sections for bitable.com and the browsers open to that page still. Should I try the combofix instead?
Yes, you still have something there that keeps changing it back. Be careful with combo fix. I have seen it break some things in the past. Back up, back up, back up.
ASKER
well short of the combofix, is there anything else I can try/check?
That is one of the best.
ASKER
ok gotcha, I will give this a try tomorrow and come back with the outcome. Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Awarding points is purely your opinion. Whomever gave the the best answer to solve your problem gets the accepted solution, even if it is your own, and any helpers get assisted answer, but only ones that helped solved it. So if you figured it out on your own and everyone else was trivial the you get all the points.
ASKER
Ok thanks Gabe, I appreciate the guidance!
ASKER
This really was the only solution as the other solutions didn't change the state of the machine at all though everyone's efforts were much appreciated