New
#1
Dad's PC infected with Dregol, etc.
My Dad's PC was infected with some sort of adware package I think was clicked on in a webpage popup. He says he knows not to do anything but close those out, but I wonder if even doing that can download them. Are they able to reprogram the exit X to download in IE11? Should we always just reboot if a dodgy ad page or popup appears while browsing?
For Dregol, after uninstalling that and some others in Control Panel, a search suggested SPyhunter which I ran. It seems to have found multiple adware and searchware. But when I click Fix Infections it wants us to pay so now I'm suspicious of it. It says it found evidence of Conduit, Search Protect, Adware Helpers which I see no evidence of so I'm now wondering if it is illegit and maybe seeded us. I uninstalled it.
I could not remove Dregol from IE search so reset that browser which seems OK now. There is no evidence of it in files or registry using name search.
MBAM found PUPS I removed but didn't seem to find Dregol, SAS found cookies, so I ran AdwCleaner and ESET online scanner. AdwCleaner found Conduit and Search Protect and some other things but I'm waiting for ESET to finish before cleaning those up since it wants to Force Shut all programs.
Anything else suggested?
Last edited by gregrocker; 12 May 2015 at 12:01.