How to Remove Windows Utility Tool (Uninstall Guide)

Windows Utility Tool is a rogue application that gives false reports about non-existent viruses and system errors on your computer. Usually, we encounter fake anti-virus or anti-spyware software but this rogue pretends to scan your computer for registry errors and even checks your Internet connection security, so it's more like a combination of anti-virus software and system optimization utility. It states that you can make your PC run faster. You just need to purchase a license of Windows Utility Tool and it will fix all the errors and remove viruses from your computer. The rogue program displays fake security warnings and pop-ups saying that your computer is infected with malware that may execute malcode, download additional malware on to your computer or even steal your sensitive information. What is more, Windows Utility Tool blocks task manager, registry editor, web browsers and other programs. As you can see, this rogue program uses misleading methods to scare you onto thinking that your computer is infected. Low system performance score and fake security alert may actually trick inexpierenced Internet users into paying for this bogus software. If you somehow ended up with this malware, please follow the removal instructions below to remove Windows Utility Tool and any related malware for free using legitimate anti-malware software.



Windows Utility Tool is from the same family as Windows Security & Control and Windows System Optimizator.
Here's an example of a fake Windows Utility Tool security notification that you will probably see if you got hit with this malware:

System Security warning!
Potentially harmful script execution is detected.
It is strongly recommended to run total System scanning.

The fake message that you will see when you attempt run a program is:



The main executable of Windows Utility Tool resides in C:\Documents and Settings\[UserName]\Application Data\ folder if you run Windows XP. If you have Windows Vista or Windows 7, then this file resides in C:\Users\[UserName]\AppData\Roaming\ folder. The file name is different in each case, we had "spkbqg.exe". This file was hidden. Change folder settings to view hidden files; otherwise you won't find it. Rename the rogue file to "malware.exe" and restart your computer. For more information, please read the removal instructions below. Last, but not least, if you have already purchased Windows Utility Tool malware, then you should definitely contact your credit card company and tell them that this program is an infection. Besides, scammers may charge your credit card again it won't so anything about it. Good luck and be safe online!

---

Windows Utility Tool removal instructions:

1. Rename the main executable of Windows Utility Tool:

In Windows XP:
C:\Documents and Settings\[UserName]\Application Data\[SET OF RANDOM CHARACTERS].exe

In Windows Vista/7:
C:\Users\[UserName]\AppData\Roaming\[SET OF RANDOM CHARACTERS].exe



In our case, the file was spkbqg. Look for similar file and rename it to malware. Then restart your computer. This should disable Windows Utility Tool. After reboot, please continue with the rest of the removal process. NOTE: By default, Application Data folder is hidden. If you can find it, please read Show Hidden Files and Folders in Windows.

3. Download shell-fix.reg. Double-click to run it. Click "Yes" when it asks if you want to add the information to the registry. This file will fix the Windows Shell entry.
4. Download free anti-malware software from the list below and run a full system scan.

• MalwareBytes Anti-malware
• SUPERAntispyware
• Spybot S&D
• Hitman Pro 3.5

NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.

4. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET NOD32 Antivirus.

---

Alternate Windows Utility Tool removal instructions (in Safe Mode with Networking):

1. Reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key. Read more detailed instructions here: http://www.computerhope.com/issues/chsafe.htm


NOTE: Login as the same user you were previously logged in with in the normal Windows mode.

2. Download free anti-malware software from the list below and run a full system scan.

• MalwareBytes Anti-malware
• SUPERAntispyware
• Spybot S&D
• Hitman Pro 3.5

NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.

3. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET NOD32 Antivirus.

---

Windows Utility Tool associated files and registry values:

Files:

In Windows XP:

• C:\Documents and Settings\[UserName]\Application Data\[SET OF RANDOM CHARACTERS].exe

In Windows Vista/7:

• C:\Users\[UserName]\AppData\Roaming\[SET OF RANDOM CHARACTERS].exe

Registry values:

• HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%UserProfile%\Application Data\[SET OF RANDOM CHARACTERS]"

Share this information with other people: