How to remove Windows Tool in 5mn

Written by Administrator | Sunday, 27 February 2011 16:05

Windows Tool is a bogus software that pretends to help you optimizing you computer. In fact Windows Tool is a rogue Antispyware from the Wini family of rogues, it's a malware that pretends to be an Antivirus. It is a wolf in sheep's clothing. It conducts a fake scan of your system; you are warned by a fake alarm that there are more malwares on your system. It’s true indeed, there is really a malware in your system but I think the only malware on your system is Windows Tool. It invites you to purchase a license to remove malware, do not, it's a scam, you need a license for a malware? This so-called Antivirus tries to scam you. Uninstall Windows Tool immediately from your system.

Windows Tool

To remove Windows Tool (Uninstall Windows Tool)

Restart your computer and as soon as your computer turns on hit the F8 key (repeatedly) until a screen comes up
Choose Start computer in SAFE MODE with network support
Open Internet Explorer
Go to Tools => Internet Options => Connections Tab => LAN Settings
Uncheck "Use a proxy server"
Recheck "Automatically detect settings"
Download this free removal tool for Windows Tool
Extract it
Launch
Click on the delete button

Windows Tool will be removed from your system in 10s. Restart your computer when it’s finished.

Processes :

[Random].exe

Files :

%CommonAppData%\~[Random]
%CommonAppData%\[Random].dll
%CommonAppData%\[Random].exe
%CommonAppData%\[Random]
%CommonAppData%\[Random].exe
%Desktop%\Windows Tool.lnk
%Programs%\Windows Tool
%Programs%\Windows Tool\Uninstall Windows Tool.lnk
%Programs%\Windows Tool\Windows Tool.lnk

Registry

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- [Random].exe = %CommonAppData%\[Random].exe
- [Random] = %CommonAppData%\[Random].exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
- LowRiskFileTypes = /hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
- SaveZoneInformation = "1"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download
- CheckExeSignatures = "no"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
- Use FormSuggest = "yes"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
- WarnonBadCertRecving = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
- DisableTaskMgr = "1"

Remove Windows Tool manually :

Restart your computer in safe mode :
- Restart your computer and as soon as your computer turns on hit the F8 key (repeatedly) until a screen comes up
- Choose Start computer in SAFE MODE
Open the infected account
Open explorer, paste into the address bar %Temp% then press enter, it will open C:\Documents and Settings\Christian\Local Settings\Temp on my computer
Remove all .exe files and all random folders under this path
Open explorer, paste into the address bar %AppData% then press enter, it will open C:\Documents and Settings\Christian\Local Settings\Application Data on my computer
Remove all .exe files and all random folders under this path
Remove Windows Tool.lnk from your desktop
Remove the Windows Tool folder from your start menu
Remove Windows Tool.lnk from your start menu
Click on the start menu button then click on run
Type msconfig and press enter
Go to the Startup tab
Uncheck any random character keys in it and click on OK
Restart your computer in normal mode