Severity scale:  

Windows Functionality Checker. How to remove? (Uninstall guide)

removal by Jake Doevan - -   Also known as WindowsFunctionalityChecker | Type: Rogue Antispyware

Recently we noticed a new threat called Windows Functionality Checker virus. Apparently, this virus has done much damage to PC users, just like Windows Protection Master or Home Safety Essentials, so we can only imagine how malicious this new virus is. Nevertheless, there’s always a way to remove viruses from computers and Windows Functionality Checker is not an exception. This article will show you detailed information about this virus and will show you a step-by-step guide on how to remove Windows Functionality Checker from your computer.

At the the first glance, Windows Functionality Checker virus may look like a good anti-virus program which will help you to protect your computer from malicious software. However, it is a virus that should belong to the category of rogue anti-spywares. In most of the cases, this sneaky malware gets inside the system without any permission of a user asked. That's because you should be very careful when visiting the web pages and downloading the files from external sources. If you have noticed Windows Functionality Checker on your PC, you must keep in mind that it must be eliminated as soon as it gets into your PC.

When Windows Functionality Checker rogue enters your PC, it starts to act as a anti-malware software. It runs fake system scans in order to show you fake reports about viruses and spyware that lives in PC. It doesn’t even care that you don’t want to see those reports. It automatically starts when computer is turned on and gets in front of your desktop to scare you with messages that your PC is infected. However, it doesn’t offer a free removal of the viruses that it “found” – it asks you to buy a full, commercial, registered version of Windows Functionality Checker. Without any doubt, you have to ignore every message that asks you to upgrade or buy this software – because it’s a fake and dangerous program. You won’t get anything when you buy it – you will just send money and your personal bank information to cyber criminals and it won’t take long for them to steal even more from your bank accounts.

In order to trich you into buying its license, Windows Functionality Checker claims:

Warning! Virus Detected
Threat detected: FTP Server
Infected file: C:\Windows\System32\dllcache\wmploc.dll

Firewall has blocked a program from accessing the Internet.
Windows Media Player Resources
C:\Windows\system32\dllcache\wmploc.dll is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.

Keylogger activity detected. System information security is at risk.
It is recommended to activate protection and run a full system scan.

Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.

Potential malware detected.
It is recommended to activate protection and perform a thorough system scan to remove the malware.

So, basically you should always avoid installing unidentified software that infects your PC with more malware and ignore the fake messages that Windows Functionality Checker virus sends you. It’s recommended to remove Windows Functionality Checker ASAP because it is a dangerous threat that will continue its malicious activity on your computer. We recommend using reputable anti-malware programs, Malwarebytes MalwarebytesCombo Cleaner, Reimage or other that will help you to find all infected files and remove them.

The latest parasite names used by FakeVimes:

do it now!
Reimage (remover) Happiness
Reimage (remover) Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Malwarebytes.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Combo Cleaner.
Windows Functionality Checker snapshot
Windows Functionality Checker

Windows Functionality Checker manual removal:

Kill processes:

Delete registry values:

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings "WarnOnHTTPSToHTTPRedirect" = 0

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegedit" = 0

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegistryTools" = 0

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableTaskMgr" = 0

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "Inspector"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "ID" = 0

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "net" = "2012-2-17_2"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "UID" = "rudbxijemb"

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avp32.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avpcc.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashDisp.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsdivx.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmostat.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsplatin.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionstapinstall.exe

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionszapsetup3001.exe

Unregister DLLs:

Delete files:


%desktopdir%Windows Functionality Checker.lnk


About the author

Jake Doevan
Jake Doevan - Computer technology expert

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Jake Doevan
About the company Esolutions