Posey's Tips & Tricks

How To Alter the Edge Browser's Ability To Access a Site

Here's how I fixed an issue when malware took down Edge's ability to connect to Google.

I use the Microsoft Edge browser on my primary desktop PC, and the browser is set to open Google as the default page. A few days ago, I started getting the infamous "Hmm, we can't reach this page" error, shown in Figure 1. At first, I thought that my Internet connection was down. I live in a rural area, and my connection goes down fairly often. But then I noticed that a download that I was running on another computer was still progressing. To make a long story short, the problem was isolated to one computer, and it only affected google.com. Everything else worked fine.

[Click on image for larger view.] Figure 1. Google was inaccessible.

To the best of my knowledge, no new updates had been installed and I had not encountered any malicious Web pages (at least not that I know of), so I was a bit perplexed as to what was going on.

The first thing that I did in an effort to diagnose the problem was to try pinging Google. I simply opened a Windows command prompt and typed Ping www.google.com. The ping was returned successfully, as shown in Figure 2.

[Click on image for larger view.] Figure 2. I was able to successfully ping Google.

Since I was able to ping Google, I decided to try entering the IP address that is shown in the figure above directly into my browser, rather than typing the Google URL. Although this trick has occasionally worked for me in the past, it did not work this time. Google was still inaccessible.

At that point in the process, I assumed that maybe I had suffered some sort of DNS poisoning attack. As such, I cleared my DNS resolver cache by typing IPCONFIG /FLUSHDNS within the Command Prompt window. Once the cache had been cleared, I tried the ping again. However, the ping resolved to the same IP address as before. You can see what this process looks like in Figure 3.

[Click on image for larger view.] Figure 3. Flushing the DNS resolver cache did not solve the problem.

Because the problem was isolated to this one specific computer, I decided to ping Google from another computer to see which IP address was returned. As suspected, the ping returned a completely different IP address, which you can see in Figure 4.

[Click on image for larger view.] Figure 4. Pinging Google from a different computer returned a different IP address.

At this point, I decided to try putting this IP address into my browser to see if I could access Google. Not only could I not access Google, but I noticed that my cursor was spinning. This made me suspect that my browser might be infected with some sort of malware.  Out of curiosity, I decided to open Google Chrome (which I almost never use) and try accessing Google. Chrome had no trouble. Clearly, there was a problem with the Edge browser. There might also be a DNS problem. It is possible that since Google makes Chrome, Chrome might have a direct path to Google that did not require a DNS resolution.

The next thing that I did was to open the Edge browser to an empty page. I then pressed the F12 key to reveal its developer tools. I went to the Network tab and then tried to access Google. You can see the results that were returned in Figure 5.

[Click on image for larger view.] Figure 5. This is what happened when I tried to access Google.

As you can see in the figure above, the browser contained references to c.betrad.com. I was initially unfamiliar with this, but a quick Bing search revealed a number of pages describing c.betrad as malware. With that information in hand, I tried running Windows Defender and the Windows System File Checker, but neither identified any problems. As such, I decided to get rid of the software manually. I started out searching my computer for any instances of betrad. As you can see in Figure 6, I found several files. I also discovered a number of registry entries containing references to betrade. I promptly deleted all of the betrade references within the registry.

[Click on image for larger view.] Figure 6. A search of my computer revealed several betrad related files.

The next thing that I did was to search the registry for any references to the files shown in the figure above. I didn't receive any search results, so I closed the registry editor and deleted the offending files.

Upon rebooting, I still couldn't access Google, but I was able to confirm that the malware was gone. Since I couldn't find the DNS redirection, I edited my computer's Hosts file (C:\Windows\System32\Drivers\Etc\Hosts) and added an entry for Google, which you can see in Figure 7. This fixed the problem.

[Click on image for larger view.] Figure 7. I added a reference to Google to my computer's Hosts file.

Although the Edge browser is more secure than its predecessors, it is not immune to malware. Fortunately, there is often a way to get rid of such infections when they occur.

About the Author

Brien Posey is a 22-time Microsoft MVP with decades of IT experience. As a freelance writer, Posey has written thousands of articles and contributed to several dozen books on a wide variety of IT topics. Prior to going freelance, Posey was a CIO for a national chain of hospitals and health care facilities. He has also served as a network administrator for some of the country's largest insurance companies and for the Department of Defense at Fort Knox. In addition to his continued work in IT, Posey has spent the last several years actively training as a commercial scientist-astronaut candidate in preparation to fly on a mission to study polar mesospheric clouds from space. You can follow his spaceflight training on his Web site.


comments powered by Disqus

Subscribe on YouTube