Exterminate It! Antimalware


Known threats:700,085 Last Update:March 01, 12:55


Just purchased Exterminate It to remove Fake Screensaver and Richvideocodec, within minutes solved a problem I have been agonising over for days, saved my computer and sanity with minimum expense and fuss, thanks for a great product.

Craig H.

File: dregol.xml

Location of dregol.xml and Associated Malware

Check whether dregol.xml is present in the following locations:

Windows 2000, Windows XP, Windows Server 2003 specific dregol.xml file locations:

  • C:\Documents And Settings\USER_NAME\Application Data\mozilla\firefox\profiles\[%PROFILE_FOLDER%]\searchPlugins\dregol.xml
  • C:\Documents And Settings\USER_NAME\Application Data\Mozilla\Firefox\Profiles\el2q0o91.default\SearchPlugins\dregol.xml

Windows Vista, Windows Server 2008, Windows 7, Windows 8 specific dregol.xml file locations:

  • C:\Users\USER_NAME\AppData\Roaming\mozilla\firefox\profiles\[%PROFILE_FOLDER%]\searchPlugins\dregol.xml
  • C:\Users\USER_NAME\AppData\Roaming\Mozilla\Firefox\Profiles\el2q0o91.default\SearchPlugins\dregol.xml

If you find dregol.xml file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The dregol.xml file is associated with malware only if found in the locations listed above.


Different Variations of dregol.xml File^

File SizeFile Md5Last Seen
2338091E157FE20B5E9A1D6469D10368E45BApr 1, 2015
23358A8A759557FC8D613D74D41CE4EEED79Apr 21, 2015
23370C343A2781107A3AE3E908CB6101ED4DMay 4, 2015
2337BC53F8FC704FEADDA394AE14FA6CC9ABMay 8, 2015
2336175B9A1A35386AC63A8FE187452F68CBMay 9, 2015
2338A390C36B772E5718D7593B0E4CCAFCCDMay 12, 2015
27597A5892A02B3EC01958D8D3216F23D9BCJun 18, 2015
2337478E283F0A4CA7775520CE34285E1DE2Jun 25, 2015
2353258A5E0C7C3DED6D9C0C3469699FD702Jul 18, 2015
23414BF54D242C3A49D55B6102AB95FCB940Jul 30, 2015
2347C2B2E1F685BC52E6EE28753495C1B4A5Aug 1, 2015
279513A14912F4EFF4952E98311E128F4CF0Aug 10, 2015
2334770103181286A7E7E936F1551F56CA57Aug 13, 2015
28057E1B0C4A54E85CD864C61717B131B240Aug 24, 2015
236002FE20CAECFDF246B5F3DF4B9395C508Aug 29, 2015
2359540DEE65ADAA920C7BD7AAD5CE95F9F2Sep 4, 2015
283559D4BF7DE33162BF0FA4460305203525Sep 20, 2015
23644AC75394CFF0B3E638B824BF01C5ACB4Oct 3, 2015
2337225E9C8E51934052AE7CA5538CCA365EOct 7, 2015
234414B44DD4D4077BB528A7FAF3D0C18639Oct 28, 2015
2338C70404EB06F5630AFB2CEDF6E75FAABANov 3, 2015
23260B7F2EADCFB94AA09A1FB802F05AFE4ENov 11, 2015
23378511526EDF4E36FFCA33B29D04B46442Nov 30, 2015
2753A60EBEF4E9D5A56D425B1EB59D4B3BD4Dec 6, 2015
2409C564C1C8840F48E9FAC98EDDB546E5BCJan 5, 2016
233419A96EB62F6F1206D95DAD95D4B8C945Jan 7, 2016
23370ACD70B6EE0ECEA0C1B8285AFFE3A914Jan 7, 2016
23410FFDF780523B6831361B5D4F1B63B4F8Jan 19, 2016
2322E3B7C7FC901D34DD92578C1740984982Feb 8, 2016
23372806C64CEE0E6429B52D395515ECEB3FFeb 10, 2016
233674AAA3CB4D57046A89694915537ED7BFFeb 28, 2016
2769F915145292A71A79150A79C2C566B423Apr 1, 2016
233573F7BF5E5852EFF058AD2C48F6BA01D5Apr 30, 2016
2334D9C0CC37EA5446BD5806DAA8BBEEAA8BMay 7, 2016
2348F15809D7FBFABDFBA92A59058DEC3500May 26, 2016
2336E92CCC52EA6F730F67A7EC48E29C6E6EMay 29, 2016
2771126F6BB756A50BC8EF84DC160839FC2EJun 9, 2016
2805C6F14086F45D0421392539C743491FEFJun 13, 2016
2761872BE5CA069FDB7426BDAE05A24D646DJun 13, 2016
2334E6FAEC5703CB1302999A60EFB9E654C9Jun 26, 2016
2385371F1F5A25C73D6591328851DA1511D7Jun 30, 2016
23381AE9048D780B4DC61F7D90F86CF93735Jul 18, 2016
23347CA0F7794F596E7A2101C487C3ADCF16Jul 24, 2016
272736E3202EF2C77BA60D1F3E564198578EAug 31, 2016
2759585C04B85299D53973FD92E548A314C3Sep 1, 2016
2337C8DD212A518009E29716D73042DFE300Oct 4, 2016
27991640D12C1B84038B020DC3661693AAC9Oct 26, 2016
2337763338DA6C890846D44D4730ED27636BDec 7, 2016
233756D77CC075D68BB9D4B0B7E57DA7AE60Dec 15, 2016
2759A216CB3840D88D033D4D6F77610E704BDec 31, 2016
23231E2B3C0C2ED6B101A8950483CD13F334Feb 2, 2017
2751716E0684460BB3483D1ACB2B4BE78467Feb 11, 2017
23374BFE2E5E07B67C6466F76029D1C229F6Feb 19, 2017
2338E43638420DBE9F54782F0213500DD6CAMar 19, 2017
233778B70E796829F321F06EA6C2D5D14113Mar 29, 2017
27234F64662A806BE2683D67C8584A88FED4Apr 22, 2017
238326F7F8A3797D179AA1E82B8CAC8DDDF4May 7, 2017
234327B28AA114A4E2E7E6EF42C9FF3C0418May 27, 2017
232511FD9050E5D25D3F232EBD5D21EDD651Jun 18, 2017
23389EAF379213B873C9927D80AC3F2E7646Jun 22, 2017
23375877BEBAB77B407095BD88E5CC5EBB0AAug 4, 2017

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove dregol.xml^

  1. To enable deleting the dregol.xml file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select dregol.xml and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of dregol.xml and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of dregol.xml and Associated Malware.
  6. Notes:

    • The deletion of dregol.xml will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of dregol.xml will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a dregol.xml malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type dregol.xml. The name of the first found registry value referencing dregol.xml is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to dregol.xml, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of dregol.xml and Associated Malware.