Utilitool Malware Removal

Can’t Remove Utilitool hijacker virus? This page includes detailed Utilitool Removal instructions!

Utilitool is a deceptive browser extension. Security researches categorize it as a browser hijacker. It is a parasite that corrupts your favorite browsers and throws you into a whirlwind of ads. Utilitool follows programming to generate revenue through a pay-per-click mechanism. It displays ads and gets paid when you click on them. Don’t imagine an ad or two, though. No! The hijacker inserts various banners on every website you visit. It also opens pop-ups and plays video commercials. It even turns random text into hyperlinks. You can barely get any work done. The hijacker always finds a way to interrupt you with an advert of some kind. Click nothing! These “great deals” are not trustworthy. A parasite displays them. You can’t expect them to be beneficial. Quite the contrary! More often than not, the “Ads by Utilitool” are deceptive and misleading. Some of them are even malicious. These annoying pop-ups, banners, and notifications arise unwarranted expectations at best. At worst, they redirect traffic to scam and corrupted websites. That’s the nature of the hijacker. It not only ruins your browsing experience but also threatens to lure you into online traps. Don’t put up with this situation. Your best course of action is the immediate removal of the parasite. Find where Utilitool hides and delete it upon detection!

How did I get infected with?

Fake updates, corrupted links, malicious ads, malvertising, pirated software. There are myriads of malware distribution tricks. Utilitool, however, tends to travel the Web hidden in software bundles. The hijacker gets installed alongside third-party apps. It infects your PC when you “forget” to deselect it. Do not make that mistake! The hijacker preys on your naivety. No anti-virus app can protect you if you throw caution to the wind. Your vigilance, on the other hand, can keep the parasites away. Even a little extra attention can spare you an avalanche of problems. So, don’t be lazy! Take the time to do your due diligence. Don’t visit questionable websites. Download software from reliable (preferably official) sources only. And forget about the “Next-Next-Finish” setup strategy. If available, use the advanced/custom option. Deselect the unwanted bonus apps. And before you hit that “Accept” button, go through the terms and conditions. Of course, if you can’t read the whole document, you can use an online EULA analyzer. Opt out of the installation if you notice anything suspicious!

Why is this dangerous?

As soon as Utilitool sneaks into your computer, corruption follows. The parasite modifies your browser settings and throws you into a whirlwind of reshuffles. It replaces your default search engine and forces you to use a questionable alternative. You might also end up with a new homepage. There is nothing you can do to restore your preferences. The hijacker locks the changes. As long as it’s active, you are stuck with its modifications. And if you are not sure, that’s dangerous. Utilitool uses a search engine that provides more ads than actual results. The search tool also displays sponsored links that are not marked as such. How do you think that ends? Hundreds of dodgy websites pay for their links to be displayed at the top. You risk ending up on phishing and corrupted pages. And that’s only the tip of the iceberg. You can notice the full extent of the corruption only when you examine the ads carefully. Everything “Powered by Utilitool” is targeted at you. The hijacker bases its ads on your online activities. This parasite spies on you from day one. It knows which websites you visit, what search queries you make, which links you follow. The Incognito mode can’t hide you. The hijacker knows everything. And if you are out of luck, some pieces of data, your search queries, for example, may leak confidential details. Do not risk it! Protect yourself and your privacy, remove the hijacker ASAP!

How to Remove Utilitool virus

The Utilitool infection is specifically designed to make money to its creators one way or another. The specialists from various antivirus companies like Bitdefender, Kaspersky, Norton, Avast, ESET, etc. advise that there is no harmless virus.

If you perform exactly the steps below you should be able to remove the Utilitool infection. Please, follow the procedures in the exact order. Please, consider to print this guide or have another computer at your disposal. You will NOT need any USB sticks or CDs.

STEP 1: Track down Utilitool related processes in the computer memory

STEP 2: Locate Utilitool startup location

STEP 3: Delete Utilitool traces from Chrome, Firefox and Internet Explorer

STEP 4: Undo the damage done by the virus

STEP 1: Track down Utilitool related processes in the computer memory

• Open your Task Manager by pressing CTRL+SHIFT+ESC keys simultaneously
• Carefully review all processes and stop the suspicious ones.

• Write down the file location for later reference.

Step 2: Locate Utilitool startup location

Reveal Hidden Files

• Open any folder
• Click on “Organize” button
  
• Choose “Folder and Search Options”
• Select the “View” tab
• Select “Show hidden files and folders” option
• Uncheck “Hide protected operating system files”
• Click “Apply” and “OK” button

Clean Utilitool virus from the windows registry

• Once the operating system loads press simultaneously the Windows Logo Button and the R key.

• A dialog box should open. Type “Regedit”

• WARNING! be very careful when editing the Microsoft Windows Registry as this may render the system broken.

Depending on your OS (x86 or x64) navigate to:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] or
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] or
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

• and delete the display Name: [RANDOM]

• Then open your explorer and navigate to: %appdata% folder and delete the malicious executable.

Clean your HOSTS file to avoid unwanted browser redirection

Navigate to %windir%/system32/Drivers/etc/host

If you are hacked, there will be foreign IPs addresses connected to you at the bottom. Take a look below:

STEP 3 : Clean Utilitool traces from Chrome, Firefox and Internet Explorer

• Open Google Chrome

• In the Main Menu, select Tools then Extensions
• Remove the Utilitool by clicking on the little recycle bin
• Reset Google Chrome by Deleting the current user to make sure nothing is left behind

• Open Mozilla Firefox

• Press simultaneously Ctrl+Shift+A
• Disable the unwanted Extension
• Go to Help
• Then Troubleshoot information
• Click on Reset Firefox

• Open Internet Explorer

• On the Upper Right Corner Click on the Gear Icon
• Click on Internet options
• go to Toolbars and Extensions and disable the unknown extensions
• Select the Advanced tab and click on Reset

• Restart Internet Explorer

Step 4: Undo the damage done by Utilitool

This particular Virus may alter your DNS settings.

Attention! this can break your internet connection. Before you change your DNS settings to use Google Public DNS for Utilitool, be sure to write down the current server addresses on a piece of paper.

To fix the damage done by the virus you need to do the following.

• Click the Windows Start button to open the Start Menu, type control panel in the search box and select Control Panel in the results displayed above.
• go to Network and Internet
• then Network and Sharing Center
• then Change Adapter Settings
• Right-click on your active internet connection and click properties. Under the Networking tab, find Internet Protocol Version 4 (TCP/IPv4). Left click on it and then click on properties. Both options should be automatic! By default it should be set to “Obtain an IP address automatically” and the second one to “Obtain DNS server address automatically!” If they are not just change them, however if you are part of a domain network you should contact your Domain Administrator to set these settings, otherwise the internet connection will break!!!

You must clean all your browser shortcuts as well. To do that you need to

• Right click on the shortcut of your favorite browser and then select properties.

• in the target field remove Utilitool argument and then apply the changes.
• Repeat that with the shortcuts of your other browsers.
• Check your scheduled tasks to make sure the virus will not download itself again.

How to Permanently Remove Utilitool Virus (automatic) Removal Guide

Please, have in mind that once you are infected with a single virus, it compromises your whole system or network and let all doors wide open for many other infections. To make sure manual removal is successful, we recommend to use a free scanner of any professional antimalware program to identify possible registry leftovers or temporary files.