1 of 5
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Blocks internet connection
  • Block exe files from running
  • Installs itself without permissions
  • Connects to the internet without permission
  • Normal system programs crash immediatelly
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer
Infection Video Windows Functionality Checker

Windows Functionality Checker

Windows Functionality Checker is the newest addition to the highly active Rogue.VirusDoctor family, with such infamous clones as Windows Protection Master, Windows Performance Catalyst, Smart Security, etc. Like all of its predecessors, the rogue antispyware can be very dangerous to your personal data and can cause grave financial loss. Therefore, you need to remove Windows Functionality Checker from your PC as soon as possible. Here is a list of a few elements that will help you identify Windows Functionality Checker in your computer:

• The same interface as of its previous clones
• Windows Security Center imitation
• Computer’s slow-down
• Probable networking restriction
• Restricted access to Task Manager, Windows Registry, other Windows components
• Identical fake notifications (see examples)

Error
Keylogger activity detected. System information security is at risk.
It is recommended to activate protection and run a full system scan.

Error
Potential malware detected.
It is recommended to activate protection and perform a thorough system scan to remove the malware.

Error
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.

Warning
Firewall has blocked a program from accessing the Internet.
Windows Media Player Resources
C:\Windows\system32\dllcache\wmploc.dll
C:\Windows\system32\dllcache\wmploc.dll is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.

Warning! Virus Detected
Threat detected: FTP Server
Infected file: C:\Windows\System32\dllcache\wmploc.dll

Windows Functionality Checker can install itself without permission, or can trick YOU into installing it yourself. Ultimately, there are many online paths for the malware to infect the system, so you have to be careful when browsing or opening files, sent by unfamiliar sources. Once installed, malware performs a bogus threat scan. This is when all the fake notifications, mentioned above, start coming up.

Windows Functionality Checker will also alert you with this bogus warning, imitating Windows Security:

Security Essentails
Advanced Security Center helps you manage your Windows security settings. To protect your computer, the three security essentials are On. If the settings are not On, follow our recommendations.

The rogue then reports that FireWall, Automatic updates and Antivirus Protection are set OFF, threatening you further with a non-existent system’s security. It even lists Server-Telnet, Trojan-Dropper, Trojan-Malifinder, Trojan-Proxy and other malware as fake threats active in your computer. Do not be alarmed, and do not trust numerous pop-ups and warnings, as they are all fake, and are there to trick you into believing that your computer does have a valid infection.

Windows Functionality Checker will recommend buying its full version antispyware program, but you need to ignore this too. If you buy the product, it will NOT protect your computer from real threats, on the contrary, it will collect your banking details! This information will allow hijackers to use your details and your assets in their convenience! So be careful how you handle this rogue, and we recommend you remove Windows Functionality Checker instantly. Using legitimate antispyware is the best solution in this case. It will not only help you resume to normal Windows running, but will protect you from other malware in the future. However, if you are experienced with Windows, you can remove the rogue manually. Just make sure you delete ALL infected files, so that the infection does not regenerate and make more damage.

Download Spyware Removal Tool to Remove* Windows Functionality Checker
  • Quick & tested solution for Windows Functionality Checker removal.
  • 100% Free Scan for Windows

How to renew your internet connection:

This rogue antispyware blocks your Internet connection to prevent you from removing the rogue application. To enable the Internet connection, please follow these instructions:
  1. Open Internet Explorer and go to >Tools< select >Internet Options<

  2. Select >Connections<

  3. Select >LAN Settings<

  4. Now you need to uncheck the checkbox labeled >Use a proxy server for your LAN< in Proxy Server section. Then press the >OK< button to close this screen and press the >OK< button to close the Internet Options screen.

  5. Now you can download the SpyHunter scanner and remove the infection.

Download Spyware Removal Tool to Remove* Windows Functionality Checker
  • Quick & tested solution for Windows Functionality Checker removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Windows Functionality Checker

Files associated with Windows Functionality Checker infection:

%AppData%\result.db
%AppData%\Protector-hox.exe
%AppData%\NPSWF32.dll
%StartMenu%\Programs\Windows Functionality Checker.lnk

Windows Functionality Checker DLL's to remove:

%AppData%\NPSWF32.dll

Windows Functionality Checker processes to kill:

%AppData%\Protector-hox.exe

Remove Windows Functionality Checker registry entries:

... and many more Image File Execution Options entries.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.