Solved! Virus dosent let me use Google

[WildJoker]

I stupidly downloaded a virus that didn't let me change proxy or internet settings, and other stuff. I used malware bytes, adwcleaner, and Windows Defender and I think most of it is gone. Now I cant use google but I can use google.ca
on chrome it says: ERR CONNECTION RESET
Edge: Hmm, we can't reach this page.

I also deleted chrome so I could try reinstalling it but I cant because I cant get tot he google website without that error.

I ran RKILL and it says this

* HOSTS file entries found:

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 czzsyzgm.com
127.0.0.1 czzsyzxl.com
127.0.0.1 baidu2019.com
127.0.0.1 .baidu2016.com
127.0.0.1 sogou.com
127.0.0.1 czzsyzgm.com
127.0.0.1 czzsyzxl.com
127.0.0.1 union.baidu2019.com
34.195.153.94 google-analytics.com
34.195.153.94 google-analytics.com
34.195.153.94 mc.yandex.ru
34.195.153.94 top-fwz1.mail.ru
34.195.153.94 site.yandex.net
34.195.153.94 pagead2.googlesyndication.com
34.195.153.94 ad.mail.ru
34.195.153.94 ads.adfox.ru
34.195.153.94 ads.pubmatic.com
34.195.153.94 apis.google.com

20 out of 90 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 01/15/2017 12:13:16 AM
Execution time: 0 hours(s), 2 minute(s), and 32 seconds(s)

 

[TMTOWTSAC]

First off, please don't include clickable licks in malware related posts. Second, did you remove your HOSTS file after running RKILL?

 

[WildJoker]

First off, please don't include clickable licks in malware related posts. Second, did you remove your HOSTS file after running RKILL?

Sorry, I didn't know it would do that, should I just remove the RKILL report?. I also don't really know how to remove the host files, can you help me out.

 

[TMTOWTSAC]

First off, please don't include clickable licks in malware related posts. Second, did you remove your HOSTS file after running RKILL?

Sorry, I didn't know it would do that, should I just remove the RKILL report?. I also don't really know how to remove the host files, can you help me out.

I think you can just remove the "www" in front of those addresses. As far as the HOSTS file goes, it's safe to just delete it. Windows will rebuild it automatically with new entries. Just make sure you've verified your DNS settings are correct first.

What's going on is that address names like "google.com" use letters for our sake as humans. Machines communicate with the numeric addresses like the ones in that report. When you type in an address your computer queries a DNS server to look up the numeric address assigned to that domain name. The HOSTS file is essentially a cached lookup table, but it can also be used to remap addresses like you're seeing with yours, or store permanent addresses with no alphanumeric equivalents like some update servers.

The 34.195.153.94 is the IP address the malware assigned to all the addresses you see next to it. Instead of going to the proper server when you type in those addresses, it takes you to that one. Once you've deleted the HOSTS file, it shouldn't find any cached addresses so it will be forced to do a fresh DNS query. Just stay away from whatever got you infected in the first place.

 

[WildJoker]

[/quotemsg]
I think you can just remove the "www" in front of those addresses. As far as the HOSTS file goes, it's safe to just delete it. Windows will rebuild it automatically with new entries. Just make sure you've verified your DNS settings are correct first.

What's going on is that address names like "google.com" use letters for our sake as humans. Machines communicate with the numeric addresses like the ones in that report. When you type in an address your computer queries a DNS server to look up the numeric address assigned to that domain name. The HOSTS file is essentially a cached lookup table, but it can also be used to remap addresses like you're seeing with yours, or store permanent addresses with no alphanumeric equivalents like some update servers.

The 34.195.153.94 is the IP address the malware assigned to all the addresses you see next to it. Instead of going to the proper server when you type in those addresses, it takes you to that one. Once you've deleted the HOSTS file, it shouldn't find any cached addresses so it will be forced to do a fresh DNS query. Just stay away from whatever got you infected in the first place.
[/quotemsg]

Thank you so much!!!! AstroGhost/PC thanks you too!