Eratosphere Forums - Metrical Poetry, Free Verse, Fiction, Art, Critique, Discussions Able Muse - a review of poetry, prose and art

#11
07-02-2015, 04:02 AM
Janice D. Soderling
Member
Join Date: Aug 2007
Location: Sweden
Posts: 14,175

This happened to me a while back. It is malware that has somehow infiltrated your machine to cause the appearance of certain words on your screen to pull up junk.

I too was frantic, Ann, like you and there is a thread somewhere by me that sounds like you. It won't infect via Eratosphere.

I have forgotten how I got rid of it but I did. Run your virus program to start with, and do a complete scan. Try changing browsers. Someone smarter than me will be along soon to propose the solution.

#12
07-02-2015, 04:05 AM
Ed Shacklee
Member
Join Date: May 2010
Location: Takoma Park, MD
Posts: 3,706

Ann, I did a search for Dregol, and there are instructions on the Net here. They're rather long-winded but supposedly effective. I'll copy them for you either on the Sphere or in an email if you like.

Good luck!

Best,

Ed

#13
07-02-2015, 04:40 AM
Ann Drysdale
Member
Join Date: Feb 2009
Location: Old South Wales (UK)
Posts: 6,780

Thanks all - Ed, if you copy them on the Sphere others may benefit, too. My virus scan is still running...

#14
07-02-2015, 04:44 AM
John Whitworth
Member
Join Date: Aug 2007
Location: United Kingdom
Posts: 12,945

Not smarter, Janice. Just better at this sort of thing.

#15
07-02-2015, 05:12 AM
Ed Shacklee
Member
Join Date: May 2010
Location: Takoma Park, MD
Posts: 3,706

Quote:
Originally Posted by Ann Drysdale
Thanks all - Ed, if you copy them on the Sphere others may benefit, too. My virus scan is still running...

Here's the shorthand version, anyway:


STEP 1: Remove Dregol Search browser hijacker from your computer with AdwCleaner

STEP 2: Remove Dregol Search from Internet Explorer, Firefox and Google Chrome with Junkware Removal Tool

STEP 3: Remove Dregol Search malicious files with Malwarebytes Anti-Malware Free

STEP 4: Double-check for the Dregol Search infection with HitmanPro (Optional)

STEP 5: Remove Dregol Search from Internet Explorer, Firefox and Google Chrome

#16
07-02-2015, 07:05 AM
Ann Drysdale
Member
Join Date: Feb 2009
Location: Old South Wales (UK)
Posts: 6,780

Well, I've run a full scan and dumped a lot of dodgy files into the virus vault - but the mad ads are still there and my default browser is still Dregol. Bugger.

I am looking at Ed's method and have only just realised that steps 1-5 are not consecutive steps, they are alternative software downloads. I looked at the first one which seemed anxious to be paid in Bitcoins and the last one which tells me to close all programmes before clicking the link and I don't see how that can be possible...

Has/can anyone tried/recommend any of the software?

I am feeling like Gregory Corso in my rising desire to throw the whole fudgebucket "out the window".

#17
07-02-2015, 08:31 AM
Janice D. Soderling
Member
Join Date: Aug 2007
Location: Sweden
Posts: 14,175

Ann, this Dregol malware infects browsers, so eliminating it will depend on which (infected) browsers you are using.

You might have downloaded some freebie that included an invisible version of the malware. Here are some instructions (with links) that may help you get rid of it.

Check out the list of add-ons to determine where the malware is attached and then remove it with an uninstall. (Make sure you have a good backup of your system before attempting to make changes in the system.)

If you don't feel comfortable doing it yourself and if you have (for instance) protection via Norton, they will do it for you--it is part of the protection package you are paying for.

It might suffice to switch to a new browser and then uninstall the infected one. I think that is what I did, but I'm not sure. Otherwise, check out the following instructions.

Dregol.com infects your Internet Explorer when a browser hijacker that comes with freeware sets it as your homepage or a search engine. It can install an Internet Explorer extension or browser helper object or just replace your search engine and homepage with different web pages used for promotion. So, if you want to remove Dregol.com from Internet Explorer, then you should remove this component(s) and restore your favorite homepage and search engine.

http://malware-detective.com/remove-...rnet-explorer/

How to remove Dregol Search in Chrome, Firefox and IE

The adware called Dregol is trending on security discussion boards currently, so the article below is going to sort of aggregate the known information about this threat and add in-house research data. The most important part of the present entry is dedicated to the instructions on Dregol removal and ways to restore the system settings that the virus changed.
It doesn’t take a rocket scientist or an IT guru to tell a normal web service enhancement tool from a malicious one. The key differentiation here is in the realm of an app’s activity and symptoms it causes. Normal add-ons won’t make changes to the browser settings unless authorized to do so, whereas adware doesn’t ask the user for approval. The Dregol Search extension, for instance, circumvents the user consent phase while drastically modifying the way Chrome, Firefox and Internet Explorer operate on a PC. Likewise, people get this program without really being aware that it’s getting inside, rather than install it voluntarily. This behind-the-scenes installation is powered by a multitude of applications that covertly host the potentially unwanted payload. During the setup of affiliated software, you might actually get a notification about extra promotions, but this information is overlooked by most users because it’s embedded in the default installation options. The types of such underhand shipper programs vary, but in most cases these are free multimedia tools, streaming video downloaders, poorly rated OS maintenance utilities and cracked variants of software updates that are critical for system stability.

http://keonesoftware.com/guides/dregol/

Remove Dregol Search from Mozilla Firefox, Google Chrome and Internet Explorer

Dregol is a growing adware menace distributed via popular open source software installs, the overall contamination surface thus being large enough for the security industry to sound some alarm bells. It’s not a nasty virus, identity theft infection or scareware, but the trouble it causes victims is more than substantial as it affects the usage area that computers these days are nearly worthless without – web browsing. Also, this sample is not a code that executes and does filthy things in the background. Instead, you can easily spot it on your browser add-ons list, but there is a delineation from the normal extensions: you never allowed this one to be installed, at least you didn’t do it knowingly; and the imbalance of privileges that it gets is striking. Another non-standard feature of this app is that it cannot be removed as easily as the rest of your web service enhancements. All of these attributes add up to the clear-cut classification of Dregol as adware.

http://nabzsoftware.com/types-of-threats/dregol

#18
07-02-2015, 08:48 AM
Ann Drysdale
Member
Join Date: Feb 2009
Location: Old South Wales (UK)
Posts: 6,780

Right from the very beginning I knew what it was and now, thanks to reading this, Janice, I know how I "caught" it. It was a disguised download pretending to be an update to Adobe Flash Player. I couldn't open any YouTube clips and kept getting this prompt to download the "update" and I did.

So you see why I am doubtful about downloading any of these software solutions and am asking if anyone can recommend just one that they have used and that I can trust.

I am battling on. Thanks for the extra piece of the puzzle.

#19
07-02-2015, 09:21 AM
W.F. Lantry
Member
Join Date: May 2009
Location: Inside the Beltway
Posts: 4,057

Ann,

Step one: download Malwarebytes. https://www.malwarebytes.org/mwb-download/

Run it.

More when you're done with step one...

Thanks,

Bill

#20
07-02-2015, 09:44 AM
W.F. Lantry
Member
Join Date: May 2009
Location: Inside the Beltway
Posts: 4,057

OK, so it's not a virus, it's just a browser hijack. No biggie. But you should be running Malwarebytes in the background anyway, because: yikes!

You just have to get rid of it, one step at a time. First, go to control panel, programs and features. Is it listed there? If it is, uninstall it.

While you're in there, check for any new programs you've installed in the last couple weeks. If there's anything that looks at all dodgy, dump it!

Second, do you use any toolbars, in any of your browsers? Get rid of them... those things are evil.

Third: go into your settings, on each browser. Don't be tempted to skip one just because you don't use it. Change the search engine setting back to what you want, in each one. While you're in there, change the homepage setting too. Also, check your extensions. If anything looks suspicious, disable it.

Has Malwarebytes finished running? Quarantine whatever it tells you to. With extreme prejudice!

It will probably want you to reboot. Starting fresh is always a nice idea.

There's a guide here: http://support.kaspersky.com/us/viru...s/10319#block2

Are you back up now? Good! Any improvement? Let's hope so. If it's not completely gone, go here: http://www.bleepingcomputer.com/download/adwcleaner/

Download the cleaner. Don't worry, it's got like 300,000 downloads this week alone. Run the cleaner. Usually, while I'm at bleeping computer, I also download the latest version of their combo fix. There's a link on the right side of the page. Sometimes I even download and run the latest version of their junkware removal tool. All three are safe and effective.

Let us know how it works out!

Best,

Bill
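
An added example, not part of any post in this thread: the manual check of homepage and search settings described above, done as a read-only audit of a Firefox `prefs.js` file, which reports any homepage, new-tab or search preference that points at a host outside an allowlist. The sample preferences and the allowlist are constructed, the function names are hypothetical, and `browser.startup.homepage` and `browser.newtab.url` are Firefox preference names of that period rather than anything quoted in the thread.

```python
import json
import re
from urllib.parse import urlparse

# Firefox writes one user_pref("name", value); statement per line in prefs.js.
PREF_RE = re.compile(r'^user_pref\("([^"]+)",\s*(.*)\);\s*$')
# Name fragments covering the homepage, new-tab and search settings.
WATCHED = ("homepage", "newtab", "search")

# Constructed sample, not taken from a real profile.
SAMPLE_PREFS = r'''
user_pref("browser.startup.homepage", "http://www.dregol.com/?f=1|https://www.example.org/");
user_pref("browser.newtab.url", "http://dregol.com/newtab");
user_pref("browser.startup.page", 1);
user_pref("browser.download.dir", "D:\\Downloads");
'''

def parse_prefs(text):
    """Return {name: value} for every string-valued user_pref line."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line.strip())
        if not m:
            continue
        try:
            value = json.loads(m.group(2))  # plain string/number/bool literals parse as JSON
        except ValueError:
            continue  # skip values this simple parser cannot read
        if isinstance(value, str):
            prefs[m.group(1)] = value
    return prefs

def hosts_in(value):
    """Hosts of every URL in a pref value; a homepage may list several, '|'-separated."""
    hosts = set()
    for part in value.split("|"):
        host = (urlparse(part.strip()).hostname or "").lower()
        if host:
            hosts.add(host[4:] if host.startswith("www.") else host)
    return hosts

def audit(text, allowed):
    """List (pref name, host) pairs where a watched pref points outside `allowed`."""
    findings = []
    for name, value in sorted(parse_prefs(text).items()):
        if any(w in name.lower() for w in WATCHED):
            for host in sorted(hosts_in(value)):
                if not any(host == a or host.endswith("." + a) for a in allowed):
                    findings.append((name, host))
    return findings

if __name__ == "__main__":
    for name, host in audit(SAMPLE_PREFS, {"example.org"}):
        print(f"{name}: unexpected host {host}")
```

The script only reads the file; the settings themselves are changed back through the browser's own options pages, with the browser closed while `prefs.js` is inspected.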