Description of Master Utilities and consequences of its residing on your PC’s

Master Utilities is a wording used to title refreshed GUI of fake HDD or fake defragmenter malware. Besides the changes into graphic user’s interface of the adware there are many modifications which seem to be cosmetic into the scripts of the program.
These changes are not quite ornamental though. Quite in contrary, the new scripts enable the counterfeit to escape prosecution by programs capable of removing Master Utilities and the likes.
The adware remains not less harmful than previously released counterfeits of its category as it readily blocks any executables classified as hostile in line with its internal algorithm.

Technical Details and screenshots:

  • Full name: Master Utilities, Master-Utilities
  • Type: Rogue anti-spyware
  • Origin: Russian Federation

Signs of being infected with Master Utilities

The fake optimizer for computer system belongs to the group of malicious programs that share many graphical elements. PC Repair is the nearest forerunner for the adware in question, but windows that impersonate program menu are quite distinguishable for these two counterfeits despite these programs are the closest relatives.
Main window of the adware in question emphasizes the fact that it is a trialware as it contains a caption prompting users to activate full-functional version. The menu is simplified compared to previous counterfeits.

Master Utilities automatical removal:

Few tools are available for Master Utilities removal, for the adware is extremely aggressive and removes or isolates most of its potential removers using process blocking and immediate files destructing approaches. It normally works even in normal mode, but sometimes Safe Mode with Networking is to be set via boot menu available by pressing F8 continuously during system loading preparation.

Master Utilities Removal Tool

Manual Removal of Master Utilities:

Manual steps for the adware extermination will not target any other infections save the counterfeited HDD optimizer. In the meantime, the malicious utility makes computer system exposed to hostile network threats. Especially in case you have been putting up with the adware for a long period, you definitely need complex computer treatment – such as available with the tool above.

Remove Master Utilities files and dll’s:

%StartMenu%\Programs\Master Utilities\
%StartMenu%\Programs\Master Utilities\Master Utilities.lnk
%StartMenu%\Programs\Master Utilities\Uninstall Master Utilities.lnk
%UserProfile%\Desktop\Master Utilities.lnk

Unregister Master Utilities registry values:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main “Use FormSuggest” = ‘Yes’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “CertificateRevocation” = ‘0’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnonBadCertRecving” = ‘0’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop “NoChangingWallPaper” = ‘1’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations “LowRiskFileTypes” = ‘/{hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = ‘1’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer “NoDesktop” = ‘1’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = ‘1’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “<random>.exe”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “<random>”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “DisableTaskMgr” = ‘1’
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = ‘no’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced “Hidden” = ‘0’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced “ShowSuperHidden” = ‘0’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU “MRUList”

