Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'McChecker.exe'

malicious

not enough data to reliably determine

McChecker.exe

This report is generated from a file or URL submitted to this webservice on December 23rd 2015 19:17:55 (UTC)
Guest System: Windows 7 32 bit, Home Premium, 6.1 (build 7601), Service Pack 1
Report generated by Falcon Sandbox v3.10 © Hybrid Analysis

Overview Sample not shared Re-analyze Hash Seen Before Show Similar Samples Report False-Positive

Attention: this analysis ran with the legacy Usermode Monitor. It is highly recommended to use the Kernelmode Monitor.

Request Report Deletion

Incident Response

Risk Assessment

Fingerprint: Contains ability to lookup the windows account name
Reads the cryptographic machine GUID

Indicators

Not all malicious and suspicious indicators are displayed. Get your own cloud service or the full version to view all details.

Malicious Indicators 3
External Systems
- Sample was identified as malicious by a large number of Antivirus engines
  
  details
  
  12/55 Antivirus vendors marked sample as malicious (21% detection rate)
  
  source
  
  External System
  
  relevance
  
  10/10
- Sample was identified as malicious by at least one Antivirus engine
  
  details
  
  12/55 Antivirus vendors marked sample as malicious (21% detection rate)
  
  source
  
  External System
  
  relevance
  
  8/10
Hiding 1 Malicious Indicators
- All indicators are available only in the private webservice or standalone version

Suspicious Indicators 10
Anti-Detection/Stealthyness
- Queries kernel debugger information
  
  details
  
  "<Input Sample>" at 00130625-00002280-76F261F8-270158
  
  source
  
  API Call
  
  relevance
  
  6/10
- Sets the process error mode to suppress error box
  
  details
  
  "<Input Sample>" set its error mode to SEM_NOOPENFILEERRORBOX
  
  source
  
  API Call
  
  relevance
  
  8/10
Anti-Reverse Engineering
- PE file has unusual entropy sections
  
  details
  
  .text with unusual entropies 7.98602603788
  
  source
  
  Static Parser
  
  relevance
  
  10/10
Environment Awareness
- Reads the cryptographic machine GUID
  
  details
  
  "<Input Sample>" (Path: "HKLM\SOFTWARE\MICROSOFT\CRYPTOGRAPHY", Key: "MACHINEGUID")
  
  source
  
  Registry Access
  
  relevance
  
  10/10
General
- Reads configuration files
  
  details
  
  "<Input Sample>" read file "C:\Windows\win.ini"
  "<Input Sample>" read file "C:\Users\desktop.ini"
  "<Input Sample>" read file "%APPDATA%\Microsoft\Windows\Libraries\desktop.ini"
  "<Input Sample>" read file "C:\Users\%USERNAME%\Documents\desktop.ini"
  "<Input Sample>" read file "C:\Users\%USERNAME%\desktop.ini"
  "<Input Sample>" read file "C:\Users\%USERNAME%\Documents\desktop.ini"
  "<Input Sample>" read file "C:\Users\%USERNAME%\Desktop\desktop.ini"
  
  source
  
  API Call
  
  relevance
  
  4/10
Installation/Persistance
- Creates/touches files in windows directory
  
  details
  
  "<Input Sample>" created file "C:\Windows\system32\rsaenh.dll"
  "<Input Sample>" created file "C:\Windows\System32\en-US\comdlg32.dll.mui"
  "<Input Sample>" created file "c:\windows\system32\imageres.dll"
  "<Input Sample>" created file "C:\Windows\resources\themes\Aero\Shell\NormalColor\ShellStyle.dll"
  "<Input Sample>" created file "%LOCALAPPDATA%\Microsoft\Windows\Caches"
  "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Caches\cversions.1.db"
  "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000006.db"
  "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Libraries\desktop.ini"
  "<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Libraries"
  
  source
  
  API Call
  
  relevance
  
  7/10
System Security
- Contains ability to elevate privileges
  
  details
  
  SetEntriesInAclW@ADVAPI32.DLL at 00130625-00002280-76F4228D-280312
  SetSecurityDescriptorDacl@ADVAPI32.DLL at 00130625-00002280-76F4228D-280376
  
  source
  
  Hybrid Analysis Technology
  
  relevance
  
  10/10
Unusual Characteristics
- Installs hooks/patches the running process
  
  details
  
  "<Input Sample>" wrote bytes "22F31502" to virtual address "0x6A952AFC" (part of module "CLR.DLL")
  
  source
  
  Hook Detection
  
  relevance
  
  10/10
- Reads information about supported languages
  
  details
  
  "<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\LOCALE", Key: "00000409")
  "<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "EN")
  "<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "EN")
  
  source
  
  Registry Access
  
  relevance
  
  3/10
Hiding 1 Suspicious Indicators
- All indicators are available only in the private webservice or standalone version

Informative 4
General
- Loads modules at runtime
  
  details
  
  "<Input Sample>" loaded module "COMCTL32.DLL" at base 73EF0000
  "<Input Sample>" loaded module "CLBCATQ.DLL" at base 759C0000
  "<Input Sample>" loaded module "%WINDIR%\SYSTEM32\COMDLG32.DLL" at base 76850000
  "<Input Sample>" loaded module "UXTHEME.DLL" at base 73DB0000
  "<Input Sample>" loaded module "ADVAPI32.DLL" at base 76C60000
  "<Input Sample>" loaded module "API-MS-WIN-SECURITY-LSALOOKUP-L1-1-0.DLL" at base 77040000
  "<Input Sample>" loaded module "CRYPTSP.DLL" at base 74AB0000
  "<Input Sample>" loaded module "C:\WINDOWS\SYSTEM32\RSAENH.DLL" at base 74850000
  "<Input Sample>" loaded module "CRYPTBASE.DLL" at base 74F80000
  "<Input Sample>" loaded module "RPCRTREMOTE.DLL" at base 75020000
  "<Input Sample>" loaded module "OLE32.DLL" at base 769D0000
  "<Input Sample>" loaded module "IMM32.DLL" at base 759A0000
  
  source
  
  API Call
  
  relevance
  
  1/10
- Loads the .NET runtime environment
  
  details
  
  "<Input Sample>" loaded module "%WINDIR%\assembly\NativeImages_v4.0.30319_32\mscorlib\51e2934144ba15628ba5a31be2dae7dc\mscorlib.ni.dll" at 69840000
  
  source
  
  Loaded Module
- Looks up procedures from modules (excluding apphelp.dll, kernel32.dll, user32.dll, gdi32.dll, ole32.dll, comctl32.dll, uxtheme.dll, oleaut32.dll, version.dll, msctfime.ime)
  
  details
  
  "GdipCreateMatrix@gdiplus.dll"
  "GdipGetWorldTransform@gdiplus.dll"
  "GdipIsMatrixIdentity@gdiplus.dll"
  "GdipGetMatrixElements@gdiplus.dll"
  "GdipDeleteMatrix@gdiplus.dll"
  "GdipCreateRegion@gdiplus.dll"
  "GdipGetClip@gdiplus.dll"
  "GdipIsInfiniteRegion@gdiplus.dll"
  "GdipSaveGraphics@gdiplus.dll"
  "GdipCombineRegionRegion@gdiplus.dll"
  "GdipGetRegionHRgn@gdiplus.dll"
  "GdipDeleteRegion@gdiplus.dll"
  "GdipGetDC@gdiplus.dll"
  "GdipReleaseDC@gdiplus.dll"
  "GdipRestoreGraphics@gdiplus.dll"
  "GdipGetTextRenderingHint@gdiplus.dll"
  "GdipDrawImageRectI@gdiplus.dll"
  "GdipGetNearestColor@gdiplus.dll"
  "GdipCreateSolidFill@gdiplus.dll"
  "GdipFillRectangleI@gdiplus.dll"
  
  source
  
  API Call
  
  relevance
  
  1/10
Installation/Persistance
- Contains ability to lookup the windows account name
  
  details
  
  LookupAccountNameLocalW@SECHOST.DLL at 00130625-00002280-76F4228D-269970
  
  source
  
  Hybrid Analysis Technology
  
  relevance
  
  5/10

File Details

All Details:

McChecker.exe

Filename: McChecker.exe
Size: 422KiB (431616 bytes)
Type: peexe assembly executable
Description: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Architecture
: WINDOWS
SHA256
: dac2072e7009865b62419265e772e3193d188d37d90001c4371a1e02aef2de70
MD5
: e56035280698bd1e2dfc1e91bdafc7ef
SHA1
: 9dbfbb4162f687dbe36b80db75fe4951e59118db
ssdeep
: 12288:5we3eQXdB4K5iQIUbUhZ9/MBtvxaC7nM/pY2vk:5D4SiQtbUhr6vxaC45c
imphash
: f34d5f2d4577ed6d9ceec516c1f5a744
authentihash
: 645f5d1c77a9fe1120b4df4df3a2be576560deb90da1ef0eb877dceb990bcd02
PDB Pathway

Resources

Language
: NEUTRAL
Icon

Visualization

Input File (PortEx)

Version Info

Translation: 0x0000 0x04b0
LegalCopyright: Copyright 2015
Assembly Version: 1.0.0.0
InternalName: McChecker.exe
FileVersion: 1.0.0.0
CompanyName: Vinyl
LegalTrademarks: -
Comments: -
ProductName: McChecker
ProductVersion: 1.0.0.0
FileDescription: McChecker
OriginalFilename: McChecker.exe

Classification (TrID)

82.9% (.EXE) Generic CIL Executable (.NET, Mono, etc.)
7.4% (.DLL) Win32 Dynamic Link Library (generic)
5.1% (.EXE) Win32 Executable (generic)
2.2% (.EXE) Generic Win/DOS Executable
2.2% (.EXE) DOS Executable Generic

File Sections

Details	Name	Entropy	Virtual Address	Virtual Size	Raw Size	MD5	Characteristics
Name .text Entropy 7.98602603788 Virtual Address 0x2000 Virtual Size 0x3e7f4 Raw Size 0x3e800 MD5 900d44694bccf0cb6b366f756303292e	.text	7.98602603788	0x2000	0x3e7f4	0x3e800	900d44694bccf0cb6b366f756303292e	-
Name .rsrc Entropy 6.57265862731 Virtual Address 0x42000 Virtual Size 0x2a840 Raw Size 0x2aa00 MD5 8801a1d8d26f0f592fbc51deb7a552ee	.rsrc	6.57265862731	0x42000	0x2a840	0x2aa00	8801a1d8d26f0f592fbc51deb7a552ee	-
Name .reloc Entropy 0.0815394123432 Virtual Address 0x6e000 Virtual Size 0xc Raw Size 0x200 MD5 290f8855b868ada745eb477f07ff556c	.reloc	0.0815394123432	0x6e000	0xc	0x200	290f8855b868ada745eb477f07ff556c	-

File Resources

Details	Name	RVA	Size	Type	Language
Name RT_ICON RVA 0x42250 Size 0x81a2 Type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced Language Neutral	RT_ICON	0x42250	0x81a2	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced	Neutral
Name RT_ICON RVA 0x4a3f4 Size 0x10828 Type data Language Neutral	RT_ICON	0x4a3f4	0x10828	data	Neutral
Name RT_ICON RVA 0x5ac1c Size 0x94a8 Type data Language Neutral	RT_ICON	0x5ac1c	0x94a8	data	Neutral
Name RT_ICON RVA 0x640c4 Size 0x4228 Type FoxPro FPT, blocks size 0, next free block index 671088640 Language Neutral	RT_ICON	0x640c4	0x4228	FoxPro FPT, blocks size 0, next free block index 671088640	Neutral
Name RT_ICON RVA 0x682ec Size 0x25a8 Type data Language Neutral	RT_ICON	0x682ec	0x25a8	data	Neutral
Name RT_ICON RVA 0x6a894 Size 0x10a8 Type data Language Neutral	RT_ICON	0x6a894	0x10a8	data	Neutral
Name RT_ICON RVA 0x6b93c Size 0x988 Type data Language Neutral	RT_ICON	0x6b93c	0x988	data	Neutral
Name RT_GROUP_ICON RVA 0x6c2c4 Size 0x68 Type MS Windows icon resource - 7 icons, 256-colors Language Neutral	RT_GROUP_ICON	0x6c2c4	0x68	MS Windows icon resource - 7 icons, 256-colors	Neutral
Name RT_VERSION RVA 0x6c32c Size 0x324 Type data Language Neutral	RT_VERSION	0x6c32c	0x324	data	Neutral
Name RT_MANIFEST RVA 0x6c650 Size 0x1ea Type XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators Language Neutral	RT_MANIFEST	0x6c650	0x1ea	XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators	Neutral

File Imports

mscoree.dll

_CorExeMain

Screenshots

Loading content, please wait...

Hybrid Analysis

Tip: Click an analysed process below to view more details.

Analysed 1 process in total (System Resource Monitor).

McChecker.exe (PID: 2280)

Logged Script Calls	Logged Stdout	Extracted Streams	Memory Dumps
Reduced Monitoring	Network Activityy	Network Error	Multiscan Match

Network Analysis

DNS Requests

No relevant DNS requests were made.

Contacted Hosts

No relevant hosts were contacted.

HTTP Traffic

No relevant HTTP requests were made.

Extracted Strings

Download All Memory Strings (6.1KiB)

!This program cannot be run in DOS mode.$

Ansi based on Memory/File Scan (McChecker.exe.bin)

$a9f61000-518a-4b75-a6ae-dda9e929e6dc

Ansi based on Memory/File Scan (McChecker.exe.bin)

'__________

Ansi based on Image Processing (screen_4.png)

??0ClassInfoBase@DirectUI@@QAE@XZ

Ansi based on Runtime Data (McChecker.exe )

??0CritSecLock@DirectUI@@QAE@PAU_RTL_CRITICAL_SECTION@@@Z

Ansi based on Runtime Data (McChecker.exe )

??1CritSecLock@DirectUI@@QAE@XZ

Ansi based on Runtime Data (McChecker.exe )

??_?___m_??__?_?___

Ansi based on Image Processing (screen_1.png)

?_____??_e_0_?,__

Ansi based on Image Processing (screen_4.png)

?_____??_e_0_?___

Ansi based on Image Processing (screen_2.png)

?AddRef@ClassInfoBase@DirectUI@@UAEXXZ

Ansi based on Runtime Data (McChecker.exe )

?ClassExist@ClassInfoBase@DirectUI@@SG_NPAPAUIClassInfo@2@PBQBUPropertyInfo@2@IPAU32@PAUHINSTANCE__@@PBG_N@Z

Ansi based on Runtime Data (McChecker.exe )

?Create@DUIXmlParser@DirectUI@@SGJPAPAV12@P6GPAVValue@2@PBGPAX@Z2P6GX11H2@Z2@Z

Ansi based on Runtime Data (McChecker.exe )

?EnumPropertyInfo@ClassInfoBase@DirectUI@@UAEPBUPropertyInfo@2@I@Z

Ansi based on Runtime Data (McChecker.exe )

?GetAtomZero@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetBoolFalse@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetBoolTrue@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@AccessibleButton@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@Button@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@Element@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@ElementWithHWND@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@HWNDElement@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@HWNDHost@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetFactoryLock@Element@DirectUI@@SGPAU_RTL_CRITICAL_SECTION@@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetGlobalIndex@ClassInfoBase@DirectUI@@UBEIXZ

Ansi based on Runtime Data (McChecker.exe )

?GetIntZero@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetModule@ClassInfoBase@DirectUI@@UBEPAUHINSTANCE__@@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetName@ClassInfoBase@DirectUI@@UBEPBGXZ

Ansi based on Runtime Data (McChecker.exe )

?GetPICount@ClassInfoBase@DirectUI@@UBEIXZ

Ansi based on Runtime Data (McChecker.exe )

?GetStringNull@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?Initialize@ClassInfoBase@DirectUI@@QAEJPAUHINSTANCE__@@PBG_NPBQBUPropertyInfo@2@I@Z

Ansi based on Runtime Data (McChecker.exe )

?IsGlobal@ClassInfoBase@DirectUI@@UBE_NXZ

Ansi based on Runtime Data (McChecker.exe )

?Register@ClassInfoBase@DirectUI@@QAEJXZ

Ansi based on Runtime Data (McChecker.exe )

?Register@Movie@DirectUI@@SGJXZ

Ansi based on Runtime Data (McChecker.exe )

?SetPreprocessedXML@DUIXmlParser@DirectUI@@QAEJPBGPAUHINSTANCE__@@1@Z

Ansi based on Runtime Data (McChecker.exe )

_,_,_______

Ansi based on Image Processing (screen_4.png)

_??_?_____

Ansi based on Image Processing (screen_0.png)

__0,_,___,,__0,__,_,__

Ansi based on Image Processing (screen_4.png)

__\0fd_sdt_ty/_v___

Ansi based on Image Processing (screen_0.png)

____/__J___

Ansi based on Image Processing (screen_4.png)

__________

Ansi based on Image Processing (screen_4.png)

__________,

Ansi based on Image Processing (screen_4.png)

_CorExeMain

Ansi based on Memory/File Scan (McChecker.exe.bin)

_MC_r_mlumCh_c__r_1D

Ansi based on Image Processing (screen_0.png)

_mcp_em_umchecke_vla

Ansi based on Image Processing (screen_4.png)

_streamPos

Ansi based on Memory/File Scan (McChecker.exe.bin)

_TrackMouseEvent

Ansi based on Runtime Data (McChecker.exe )

_windowSize

Ansi based on Memory/File Scan (McChecker.exe.bin)

AccListViewV6

Unicode based on Runtime Data (McChecker.exe )

ActivateActCtx

Ansi based on Runtime Data (McChecker.exe )

add_AssemblyResolve

Ansi based on Memory/File Scan (McChecker.exe.bin)

AllocateAndInitializeSid

Ansi based on Runtime Data (McChecker.exe )

Always Use Tab

Unicode based on Runtime Data (McChecker.exe )

AlwaysShowExt

Unicode based on Runtime Data (McChecker.exe )

AppDomain

Ansi based on Memory/File Scan (McChecker.exe.bin)

Append Completion

Unicode based on Runtime Data (McChecker.exe )

ApphelpCheckShellObject

Ansi based on Runtime Data (McChecker.exe )

AssemblyCompanyAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyConfigurationAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyCopyrightAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyDescriptionAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyFileVersionAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyName

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyProductAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyTitleAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyTrademarkAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

Attribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

Attributes

Unicode based on Runtime Data (McChecker.exe )

AutoCheckSelect

Unicode based on Runtime Data (McChecker.exe )

AutoComplete In File Dialog

Unicode based on Runtime Data (McChecker.exe )

AutoSuggest

Unicode based on Runtime Data (McChecker.exe )

BitDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

BitTreeDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

BlockCopy

Ansi based on Memory/File Scan (McChecker.exe.bin)

BrowseInPlace

Unicode based on Runtime Data (McChecker.exe )

BufferedPaintInit

Ansi based on Runtime Data (McChecker.exe )

C:\Program Files\Common Files\microsoft shared\ink;;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\

Unicode based on Runtime Data (McChecker.exe )

%WINDIR%\Microsoft.Net\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089;;C:\Windows\system32;C:\Windows\sys

Unicode based on Runtime Data (McChecker.exe )

C:\Windows\Microsoft.NET\Framework\v4.0.30319;;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javap

Unicode based on Runtime Data (McChecker.exe )

C:\Windows\System32;;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javapath;C:\Windows\system32;C:

Unicode based on Runtime Data (McChecker.exe )

C:\Windows\system32;;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javapath;C:\Windows\system32;C:

Unicode based on Runtime Data (McChecker.exe )

CacheLocation

Unicode based on Runtime Data (McChecker.exe )

CallForAttributes

Unicode based on Runtime Data (McChecker.exe )

CD Burning

Unicode based on Runtime Data (McChecker.exe )

CEIPEnable

Unicode based on Runtime Data (McChecker.exe )

CloseThemeData

Ansi based on Runtime Data (McChecker.exe )

CLSIDFromOle1Class

Ansi based on Runtime Data (McChecker.exe )

CLSIDFromString

Ansi based on Runtime Data (McChecker.exe )

CM_Get_Device_Interface_List_ExW

Ansi based on Runtime Data (McChecker.exe )

CM_Get_Device_Interface_List_Size_ExW

Ansi based on Runtime Data (McChecker.exe )

CoCreateFreeThreadedMarshaler

Ansi based on Runtime Data (McChecker.exe )

CoCreateInstance

Ansi based on Runtime Data (McChecker.exe )

CoGetApartmentType

Ansi based on Runtime Data (McChecker.exe )

CoGetClassObject

Ansi based on Runtime Data (McChecker.exe )

CoGetInterfaceAndReleaseStream

Ansi based on Runtime Data (McChecker.exe )

CoGetMalloc

Ansi based on Runtime Data (McChecker.exe )

CoGetMarshalSizeMax

Ansi based on Runtime Data (McChecker.exe )

CoGetObjectContext

Ansi based on Runtime Data (McChecker.exe )

CoGetPSClsid

Ansi based on Runtime Data (McChecker.exe )

CoInitializeEx

Ansi based on Runtime Data (McChecker.exe )

Com+Enabled

Unicode based on Runtime Data (McChecker.exe )

CoMarshalInterface

Ansi based on Runtime Data (McChecker.exe )

CoMarshalInterThreadInterfaceInStream

Ansi based on Runtime Data (McChecker.exe )

Common Desktop

Unicode based on Runtime Data (McChecker.exe )

Common Documents

Unicode based on Runtime Data (McChecker.exe )

Common Start Menu

Unicode based on Runtime Data (McChecker.exe )

CommonFilesDir

Unicode based on Runtime Data (McChecker.exe )

CompilationRelaxationsAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

ComVisibleAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

ConfusedByAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

ConfuserEx v0.6.0

Ansi based on Memory/File Scan (McChecker.exe.bin)

Content Type

Unicode based on Runtime Data (McChecker.exe )

ConvertSidToStringSidW

Ansi based on Runtime Data (McChecker.exe )

CopyBlock

Ansi based on Memory/File Scan (McChecker.exe.bin)

CoRegisterInitializeSpy

Ansi based on Runtime Data (McChecker.exe )

CoReleaseMarshalData

Ansi based on Runtime Data (McChecker.exe )

CoRevokeInitializeSpy

Ansi based on Runtime Data (McChecker.exe )

CoTaskMemAlloc

Ansi based on Runtime Data (McChecker.exe )

CoTaskMemFree

Ansi based on Runtime Data (McChecker.exe )

CoUninitialize

Ansi based on Runtime Data (McChecker.exe )

CoUnmarshalInterface

Ansi based on Runtime Data (McChecker.exe )

CPAcquireContext

Ansi based on Runtime Data (McChecker.exe )

CPCreateHash

Ansi based on Runtime Data (McChecker.exe )

CPDecrypt

Ansi based on Runtime Data (McChecker.exe )

CPDeriveKey

Ansi based on Runtime Data (McChecker.exe )

CPDestroyHash

Ansi based on Runtime Data (McChecker.exe )

CPDestroyKey

Ansi based on Runtime Data (McChecker.exe )

CPDuplicateHash

Ansi based on Runtime Data (McChecker.exe )

CPDuplicateKey

Ansi based on Runtime Data (McChecker.exe )

CPEncrypt

Ansi based on Runtime Data (McChecker.exe )

CPExportKey

Ansi based on Runtime Data (McChecker.exe )

CPGenRandom

Ansi based on Runtime Data (McChecker.exe )

CPGetHashParam

Ansi based on Runtime Data (McChecker.exe )

CPGetKeyParam

Ansi based on Runtime Data (McChecker.exe )

CPGetProvParam

Ansi based on Runtime Data (McChecker.exe )

CPGetUserKey

Ansi based on Runtime Data (McChecker.exe )

CPHashData

Ansi based on Runtime Data (McChecker.exe )

CPHashSessionKey

Ansi based on Runtime Data (McChecker.exe )

CPImportKey

Ansi based on Runtime Data (McChecker.exe )

CPReleaseContext

Ansi based on Runtime Data (McChecker.exe )

CPSetHashParam

Ansi based on Runtime Data (McChecker.exe )

CPSetKeyParam

Ansi based on Runtime Data (McChecker.exe )

CPSetProvParam

Ansi based on Runtime Data (McChecker.exe )

CPSignHash

Ansi based on Runtime Data (McChecker.exe )

CPVerifySignature

Ansi based on Runtime Data (McChecker.exe )

CreateBindCtx

Ansi based on Runtime Data (McChecker.exe )

CreateGadget

Ansi based on Runtime Data (McChecker.exe )

CreateRectRgn

Ansi based on Runtime Data (McChecker.exe )

CreateStreamOnHGlobal

Ansi based on Runtime Data (McChecker.exe )

CreateTextServices

Ansi based on Runtime Data (McChecker.exe )

CreateXmlReader

Ansi based on Runtime Data (McChecker.exe )

CreateXmlReaderInputWithEncodingName

Ansi based on Runtime Data (McChecker.exe )

CryptAcquireContextW

Ansi based on Runtime Data (McChecker.exe )

CryptGenRandom

Ansi based on Runtime Data (McChecker.exe )

CscNetApiGetInterface

Ansi based on Runtime Data (McChecker.exe )

CurrentVersion

Unicode based on Runtime Data (McChecker.exe )

DataField

Ansi based on Memory/File Scan (McChecker.exe.bin)

DataFilePath

Unicode based on Runtime Data (McChecker.exe )

DbgJITDebugLaunchSetting

Unicode based on Runtime Data (McChecker.exe )

DbgManagedDebugger

Unicode based on Runtime Data (McChecker.exe )

DcomChannelSetHResult

Ansi based on Runtime Data (McChecker.exe )

DeactivateActCtx

Ansi based on Runtime Data (McChecker.exe )

DebuggableAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

DebuggingModes

Ansi based on Memory/File Scan (McChecker.exe.bin)

DecodeDirectBits

Ansi based on Memory/File Scan (McChecker.exe.bin)

DecodeNormal

Ansi based on Memory/File Scan (McChecker.exe.bin)

DecodePointer

Ansi based on Runtime Data (McChecker.exe )

DecodeWithMatchByte

Ansi based on Memory/File Scan (McChecker.exe.bin)

Decompress

Ansi based on Memory/File Scan (McChecker.exe.bin)

DefaultAccessPermission

Unicode based on Runtime Data (McChecker.exe )

Description

Unicode based on Runtime Data (McChecker.exe )

DevOverrideEnable

Unicode based on Runtime Data (McChecker.exe )

DisableConfigCache

Unicode based on Runtime Data (McChecker.exe )

DisableMSIPeek

Unicode based on Runtime Data (McChecker.exe )

DisableProcessIsolation

Unicode based on Runtime Data (McChecker.exe )

DllCanUnloadNow

Ansi based on Runtime Data (McChecker.exe )

DllGetClassObject

Ansi based on Runtime Data (McChecker.exe )

DocObject

Unicode based on Runtime Data (McChecker.exe )

Documents

Unicode based on Runtime Data (McChecker.exe )

Documents.library-ms

Unicode based on Runtime Data (McChecker.exe )

DontPrettyPath

Unicode based on Runtime Data (McChecker.exe )

DownloadCacheQuotaInKB

Unicode based on Runtime Data (McChecker.exe )

DragDelay

Unicode based on Runtime Data (McChecker.exe )

DragMinDist

Unicode based on Runtime Data (McChecker.exe )

DrawThemeBackground

Ansi based on Runtime Data (McChecker.exe )

DrawThemeBackgroundW

Ansi based on Runtime Data (McChecker.exe )

DrawThemeParentBackground

Ansi based on Runtime Data (McChecker.exe )

DrawThemeParentBackgroundW

Ansi based on Runtime Data (McChecker.exe )

DriveMask

Unicode based on Runtime Data (McChecker.exe )

DwmIsCompositionEnabled

Ansi based on Runtime Data (McChecker.exe )

EnableAnchorContext

Unicode based on Runtime Data (McChecker.exe )

EnableBalloonTips

Unicode based on Runtime Data (McChecker.exe )

EnableLog

Unicode based on Runtime Data (McChecker.exe )

EnableShareDenyNone

Unicode based on Runtime Data (McChecker.exe )

EnableWindow

Ansi based on Runtime Data (McChecker.exe )

EncodePointer

Ansi based on Runtime Data (McChecker.exe )

EnumThreadWindows

Ansi based on Runtime Data (McChecker.exe )

ersion="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"> <requestedExecutionLevel level="asInvoker" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo></assembly>

Ansi based on Memory/File Scan (McChecker.exe.bin)

FileDescription

Unicode based on Memory/File Scan (McChecker.exe.bin)

FileInUseMillisecondsBetweenRetries

Unicode based on Runtime Data (McChecker.exe )

FileInUseRetryAttempts

Unicode based on Runtime Data (McChecker.exe )

FileVersion

Unicode based on Memory/File Scan (McChecker.exe.bin)

FindActCtxSectionStringW

Ansi based on Runtime Data (McChecker.exe )

FindStdColor

Ansi based on Runtime Data (McChecker.exe )

FolderTypeID

Unicode based on Runtime Data (McChecker.exe )

FontCachePath

Unicode based on Runtime Data (McChecker.exe )

GCHandleType

Ansi based on Memory/File Scan (McChecker.exe.bin)

GdipCombineRegionRegion

Ansi based on Runtime Data (McChecker.exe )

GdipCreateMatrix

Ansi based on Runtime Data (McChecker.exe )

GdipCreateRegion

Ansi based on Runtime Data (McChecker.exe )

GdipCreateSolidFill

Ansi based on Runtime Data (McChecker.exe )

GdipDeleteBrush

Ansi based on Runtime Data (McChecker.exe )

GdipDeleteMatrix

Ansi based on Runtime Data (McChecker.exe )

GdipDeleteRegion

Ansi based on Runtime Data (McChecker.exe )

GdipDrawImageRectI

Ansi based on Runtime Data (McChecker.exe )

GdipFillRectangleI

Ansi based on Runtime Data (McChecker.exe )

GdipGetClip

Ansi based on Runtime Data (McChecker.exe )

GdipGetDC

Ansi based on Runtime Data (McChecker.exe )

GdipGetMatrixElements

Ansi based on Runtime Data (McChecker.exe )

GdipGetNearestColor

Ansi based on Runtime Data (McChecker.exe )

GdipGetRegionHRgn

Ansi based on Runtime Data (McChecker.exe )

GdipGetTextRenderingHint

Ansi based on Runtime Data (McChecker.exe )

GdipGetWorldTransform

Ansi based on Runtime Data (McChecker.exe )

GdipIsInfiniteRegion

Ansi based on Runtime Data (McChecker.exe )

GdipIsMatrixIdentity

Ansi based on Runtime Data (McChecker.exe )

GdipReleaseDC

Ansi based on Runtime Data (McChecker.exe )

GdipRestoreGraphics

Ansi based on Runtime Data (McChecker.exe )

GdipSaveGraphics

Ansi based on Runtime Data (McChecker.exe )

GdipSetPageUnit

Ansi based on Runtime Data (McChecker.exe )

Generation

Unicode based on Runtime Data (McChecker.exe )

get_CurrentDomain

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_FullName

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_Length

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_ManifestModule

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_Target

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetActiveWindow

Ansi based on Runtime Data (McChecker.exe )

GetBkMode

Ansi based on Runtime Data (McChecker.exe )

GetCapture

Ansi based on Runtime Data (McChecker.exe )

GetCatalogObject

Ansi based on Runtime Data (McChecker.exe )

GetCatalogObject2

Ansi based on Runtime Data (McChecker.exe )

GetClipRgn

Ansi based on Runtime Data (McChecker.exe )

GetCurrentThemeName

Ansi based on Runtime Data (McChecker.exe )

GetEntryAssembly

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetExecutingAssembly

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetFileVersionInfoSizeW

Ansi based on Runtime Data (McChecker.exe )

GetFileVersionInfoW

Ansi based on Runtime Data (McChecker.exe )

GetGadgetTicket

Ansi based on Runtime Data (McChecker.exe )

GetKeyState

Ansi based on Runtime Data (McChecker.exe )

GetLenToPosState

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetManifestResourceStream

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetMartaExtensionInterface

Ansi based on Runtime Data (McChecker.exe )

GetParameters

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetProcessWindowStation

Ansi based on Runtime Data (McChecker.exe )

GetTextAlign

Ansi based on Runtime Data (McChecker.exe )

GetTextColor

Ansi based on Runtime Data (McChecker.exe )

GetThemeAppProperties

Ansi based on Runtime Data (McChecker.exe )

GetThemeAppPropertiesW

Ansi based on Runtime Data (McChecker.exe )

GetThemeBackgroundContentRect

Ansi based on Runtime Data (McChecker.exe )

GetThemeBackgroundContentRectW

Ansi based on Runtime Data (McChecker.exe )

GetThemeBackgroundExtent

Ansi based on Runtime Data (McChecker.exe )

GetThemeBool

Ansi based on Runtime Data (McChecker.exe )

GetThemeColor

Ansi based on Runtime Data (McChecker.exe )

GetThemeColorW

Ansi based on Runtime Data (McChecker.exe )

GetThemeFont

Ansi based on Runtime Data (McChecker.exe )

GetThemeMargins

Ansi based on Runtime Data (McChecker.exe )

GetThemePartSize

Ansi based on Runtime Data (McChecker.exe )

GetThemeTextExtent

Ansi based on Runtime Data (McChecker.exe )

GetThemeTextMetrics

Ansi based on Runtime Data (McChecker.exe )

GetTokenInformation

Ansi based on Runtime Data (McChecker.exe )

GetUserObjectInformation

Ansi based on Runtime Data (McChecker.exe )

GetUserObjectInformationA

Ansi based on Runtime Data (McChecker.exe )

GlobalSession

Unicode based on Runtime Data (McChecker.exe )

GuidAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

HasNavigationEnum

Unicode based on Runtime Data (McChecker.exe )

HideFileExt

Unicode based on Runtime Data (McChecker.exe )

HideFolderVerbs

Unicode based on Runtime Data (McChecker.exe )

HideIcons

Unicode based on Runtime Data (McChecker.exe )

HideInWebView

Unicode based on Runtime Data (McChecker.exe )

HideOnDesktopPerUser

Unicode based on Runtime Data (McChecker.exe )

I_RpcExtInitializeExtensionPoint

Ansi based on Runtime Data (McChecker.exe )

IconsOnly

Unicode based on Runtime Data (McChecker.exe )

IIDFromString

Ansi based on Runtime Data (McChecker.exe )

Image Path

Unicode based on Runtime Data (McChecker.exe )

ImageList_CoCreateInstance

Ansi based on Runtime Data (McChecker.exe )

ImageList_LoadImageW

Ansi based on Runtime Data (McChecker.exe )

ImmGetCompositionWindow

Ansi based on Runtime Data (McChecker.exe )

ImmGetContext

Ansi based on Runtime Data (McChecker.exe )

ImmLockIMC

Ansi based on Runtime Data (McChecker.exe )

ImmReleaseContext

Ansi based on Runtime Data (McChecker.exe )

ImmSetCompositionFontW

Ansi based on Runtime Data (McChecker.exe )

ImmSetCompositionWindow

Ansi based on Runtime Data (McChecker.exe )

ImmUnlockIMC

Ansi based on Runtime Data (McChecker.exe )

Impa_0mbal_

Ansi based on Image Processing (screen_0.png)

Impa_0mbal__

Ansi based on Image Processing (screen_4.png)

InitCommonControls

Ansi based on Runtime Data (McChecker.exe )

InitCommonControlsEx

Ansi based on Runtime Data (McChecker.exe )

InitFolderHandler

Unicode based on Runtime Data (McChecker.exe )

InitGadgets

Ansi based on Runtime Data (McChecker.exe )

InitializeArray

Ansi based on Memory/File Scan (McChecker.exe.bin)

InitializeSecurityDescriptor

Ansi based on Runtime Data (McChecker.exe )

InitProcessPriv

Ansi based on Runtime Data (McChecker.exe )

InitThread

Ansi based on Runtime Data (McChecker.exe )

InitVariantFromBuffer

Ansi based on Runtime Data (McChecker.exe )

InprocServer32

Unicode based on Runtime Data (McChecker.exe )

InstallRoot

Unicode based on Runtime Data (McChecker.exe )

InternalName

Unicode based on Memory/File Scan (McChecker.exe.bin)

InvalidateGadget

Ansi based on Runtime Data (McChecker.exe )

InvalidateRect

Ansi based on Runtime Data (McChecker.exe )

IsAppThemed

Ansi based on Runtime Data (McChecker.exe )

IsCharState

Ansi based on Memory/File Scan (McChecker.exe.bin)

IsCompositionActive

Ansi based on Runtime Data (McChecker.exe )

IsProcessDPIAware

Ansi based on Runtime Data (McChecker.exe )

IsShortcut

Unicode based on Runtime Data (McChecker.exe )

IsTabletPC

Unicode based on Runtime Data (McChecker.exe )

IsTextUnicode

Ansi based on Runtime Data (McChecker.exe )

IsThemeBackgroundPartiallyTransparent

Ansi based on Runtime Data (McChecker.exe )

IsThemeBackgroundPartiallyTransparentW

Ansi based on Runtime Data (McChecker.exe )

IsThemePartDefined

Ansi based on Runtime Data (McChecker.exe )

IsThemePartDefinedW

Ansi based on Runtime Data (McChecker.exe )

IsValidLinkInfo

Ansi based on Runtime Data (McChecker.exe )

IsWindowEnabled

Ansi based on Runtime Data (McChecker.exe )

IsWindowVisible

Ansi based on Runtime Data (McChecker.exe )

LegacyPolicyTimeStamp

Unicode based on Runtime Data (McChecker.exe )

LegalCopyright

Unicode based on Memory/File Scan (McChecker.exe.bin)

LegalTrademarks

Unicode based on Memory/File Scan (McChecker.exe.bin)

LenDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

Libraries

Unicode based on Runtime Data (McChecker.exe )

ListviewAlphaSelect

Unicode based on Runtime Data (McChecker.exe )

ListviewShadow

Unicode based on Runtime Data (McChecker.exe )

LiteralDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

LoadCursor

Ansi based on Runtime Data (McChecker.exe )

LoadCursorW

Ansi based on Runtime Data (McChecker.exe )

LoadIconWithScaleDown

Ansi based on Runtime Data (McChecker.exe )

LoadModule

Ansi based on Memory/File Scan (McChecker.exe.bin)

LoadWithoutCOM

Unicode based on Runtime Data (McChecker.exe )

Local AppData

Unicode based on Runtime Data (McChecker.exe )

LocalizedName

Unicode based on Runtime Data (McChecker.exe )

LocalRedirectOnly

Unicode based on Runtime Data (McChecker.exe )

LogFailures

Unicode based on Runtime Data (McChecker.exe )

LoggingLevel

Unicode based on Runtime Data (McChecker.exe )

LogResourceBinds

Unicode based on Runtime Data (McChecker.exe )

LookupAccountNameLocalW

Ansi based on Runtime Data (McChecker.exe )

LookupAccountSidLocalW

Ansi based on Runtime Data (McChecker.exe )

LookupAccountSidW

Ansi based on Runtime Data (McChecker.exe )

LzmaDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_Choice2

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_Decoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_DictionarySize

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_DictionarySizeCheck

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_HighCoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_IsMatchDecoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_IsRep0LongDecoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_IsRepDecoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_IsRepG0Decoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_IsRepG1Decoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_IsRepG2Decoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_LenDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_LiteralDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_LowCoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_MidCoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_NumPosBits

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_NumPosStates

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_NumPrevBits

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_OutWindow

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_PosAlignDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_PosDecoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_PosMask

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_PosSlotDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_PosStateMask

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_RangeDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_RepLenDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

MachineGuid

Unicode based on Runtime Data (McChecker.exe )

MachineThrottling

Unicode based on Runtime Data (McChecker.exe )

MapNetDriveVerbs

Unicode based on Runtime Data (McChecker.exe )

MapNetDrvBtn

Unicode based on Runtime Data (McChecker.exe )

MartaExtension

Unicode based on Runtime Data (McChecker.exe )

Max Cached Icons

Unicode based on Runtime Data (McChecker.exe )

MaxSxSHashCount

Unicode based on Runtime Data (McChecker.exe )

McChecker

Ansi based on Memory/File Scan (McChecker.exe.bin)

McChecker.exe

Ansi based on Memory/File Scan (McChecker.exe.bin)

McChecker.Form1.resources

Ansi based on Memory/File Scan (McChecker.exe.bin)

McChecker.Properties.Resources.resources

Ansi based on Memory/File Scan (McChecker.exe.bin)

MemoryStream

Ansi based on Memory/File Scan (McChecker.exe.bin)

MethodBase

Ansi based on Memory/File Scan (McChecker.exe.bin)

Microsoft

Unicode based on Runtime Data (McChecker.exe )

mpanyName

Unicode based on Memory/File Scan (McChecker.exe.bin)

MRUListEx

Unicode based on Runtime Data (McChecker.exe )

mscoree.dll

Ansi based on Memory/File Scan (McChecker.exe.bin)

My Pictures

Unicode based on Runtime Data (McChecker.exe )

NdrOleExtDLL

Unicode based on Runtime Data (McChecker.exe )

NdrOleInitializeExtension

Ansi based on Runtime Data (McChecker.exe )

NetShareEnum

Ansi based on Runtime Data (McChecker.exe )

NeverShowExt

Unicode based on Runtime Data (McChecker.exe )

NoClientChecks

Unicode based on Runtime Data (McChecker.exe )

NoFileFolderJunction

Unicode based on Runtime Data (McChecker.exe )

NoNetCrawling

Unicode based on Runtime Data (McChecker.exe )

Normalize

Ansi based on Memory/File Scan (McChecker.exe.bin)

NotifyWinEvent

Ansi based on Runtime Data (McChecker.exe )

NumBitLevels

Ansi based on Memory/File Scan (McChecker.exe.bin)

oductName

Unicode based on Memory/File Scan (McChecker.exe.bin)

OffsetViewportOrgEx

Ansi based on Runtime Data (McChecker.exe )

OleInitialize

Ansi based on Runtime Data (McChecker.exe )

OleUninitialize

Ansi based on Runtime Data (McChecker.exe )

OnlyUseLatestCLR

Unicode based on Runtime Data (McChecker.exe )

OpenProcessToken

Ansi based on Runtime Data (McChecker.exe )

OpenThemeData

Ansi based on Runtime Data (McChecker.exe )

OpenThemeDataW

Ansi based on Runtime Data (McChecker.exe )

OpenThreadToken

Ansi based on Runtime Data (McChecker.exe )

OptimizeUsedBinaries

Unicode based on Runtime Data (McChecker.exe )

OutWindow

Ansi based on Memory/File Scan (McChecker.exe.bin)

p__um_0___

Ansi based on Image Processing (screen_4.png)

p_mum_0__

Ansi based on Image Processing (screen_0.png)

ParameterInfo

Ansi based on Memory/File Scan (McChecker.exe.bin)

ParentFolder

Unicode based on Runtime Data (McChecker.exe )

ParsingName

Unicode based on Runtime Data (McChecker.exe )

PerceivedType

Unicode based on Runtime Data (McChecker.exe )

PinToNameSpaceTree

Unicode based on Runtime Data (McChecker.exe )

PreCreate

Unicode based on Runtime Data (McChecker.exe )

PreferExternalManifest

Unicode based on Runtime Data (McChecker.exe )

PrivateKeyLifetimeSeconds

Unicode based on Runtime Data (McChecker.exe )

PrivKeyCacheMaxItems

Unicode based on Runtime Data (McChecker.exe )

PrivKeyCachePurgeIntervalSeconds

Unicode based on Runtime Data (McChecker.exe )

ProductVersion

Unicode based on Memory/File Scan (McChecker.exe.bin)

ProfileImagePath

Unicode based on Runtime Data (McChecker.exe )

PropVariantClear

Ansi based on Runtime Data (McChecker.exe )

PropVariantCopy

Ansi based on Runtime Data (McChecker.exe )

PropVariantToGUID

Ansi based on Runtime Data (McChecker.exe )

PropVariantToStringAlloc

Ansi based on Runtime Data (McChecker.exe )

PSCreateMemoryPropertyStore

Ansi based on Runtime Data (McChecker.exe )

PSGetNameFromPropertyKey

Ansi based on Runtime Data (McChecker.exe )

PSGetPropertyDescription

Ansi based on Runtime Data (McChecker.exe )

PSStringFromPropertyKey

Ansi based on Runtime Data (McChecker.exe )

PublishExpandedPath

Unicode based on Runtime Data (McChecker.exe )

QueryActCtxW

Ansi based on Runtime Data (McChecker.exe )

QueryForInfoTip

Unicode based on Runtime Data (McChecker.exe )

QueryForOverlay

Unicode based on Runtime Data (McChecker.exe )

RaiseDefaultAuthnLevel

Unicode based on Runtime Data (McChecker.exe )

RegEnumKeyW

Ansi based on Runtime Data (McChecker.exe )

RegisterClassNameW

Ansi based on Runtime Data (McChecker.exe )

RegisterMessagePumpHook

Ansi based on Runtime Data (McChecker.exe )

RegQueryValueW

Ansi based on Runtime Data (McChecker.exe )

RelativePath

Unicode based on Runtime Data (McChecker.exe )

ReleaseStream

Ansi based on Memory/File Scan (McChecker.exe.bin)

RemoteRpcDll

Unicode based on Runtime Data (McChecker.exe )

ResolveEventArgs

Ansi based on Memory/File Scan (McChecker.exe.bin)

ResolveEventHandler

Ansi based on Memory/File Scan (McChecker.exe.bin)

ResolveMethod

Ansi based on Memory/File Scan (McChecker.exe.bin)

ResolveSignature

Ansi based on Memory/File Scan (McChecker.exe.bin)

RestrictedAttributes

Unicode based on Runtime Data (McChecker.exe )

ReverseDecode

Ansi based on Memory/File Scan (McChecker.exe.bin)

RtlDllShutdownInProgress

Ansi based on Runtime Data (McChecker.exe )

RtlInitUnicodeString

Ansi based on Runtime Data (McChecker.exe )

RtlRunDecodeUnicodeString

Ansi based on Runtime Data (McChecker.exe )

RtlRunEncodeUnicodeString

Ansi based on Runtime Data (McChecker.exe )

RuntimeCompatibilityAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

RuntimeFieldHandle

Ansi based on Memory/File Scan (McChecker.exe.bin)

RuntimeHelpers

Ansi based on Memory/File Scan (McChecker.exe.bin)

SafeProcessSearchMode

Unicode based on Runtime Data (McChecker.exe )

ScrollDelay

Unicode based on Runtime Data (McChecker.exe )

ScrollInset

Unicode based on Runtime Data (McChecker.exe )

ScrollInterval

Unicode based on Runtime Data (McChecker.exe )

SelectClipRgn

Ansi based on Runtime Data (McChecker.exe )

sembly Version

Unicode based on Memory/File Scan (McChecker.exe.bin)

SeparateProcess

Unicode based on Runtime Data (McChecker.exe )

SetBkMode

Ansi based on Runtime Data (McChecker.exe )

SetCursor

Ansi based on Runtime Data (McChecker.exe )

SetDecoderProperties

Ansi based on Memory/File Scan (McChecker.exe.bin)

SetDictionarySize

Ansi based on Memory/File Scan (McChecker.exe.bin)

SetEntriesInAclW

Ansi based on Runtime Data (McChecker.exe )

SetGadgetMessageFilter

Ansi based on Runtime Data (McChecker.exe )

SetGadgetParent

Ansi based on Runtime Data (McChecker.exe )

SetGadgetRect

Ansi based on Runtime Data (McChecker.exe )

SetGadgetRootInfo

Ansi based on Runtime Data (McChecker.exe )

SetGadgetStyle

Ansi based on Runtime Data (McChecker.exe )

SetLiteralProperties

Ansi based on Memory/File Scan (McChecker.exe.bin)

SetPosBitsProperties

Ansi based on Memory/File Scan (McChecker.exe.bin)

SetSecurityDescriptorDacl

Ansi based on Runtime Data (McChecker.exe )

SetWindowTheme

Ansi based on Runtime Data (McChecker.exe )

ShellState

Unicode based on Runtime Data (McChecker.exe )

ShowCompColor

Unicode based on Runtime Data (McChecker.exe )

ShowInfoTip

Unicode based on Runtime Data (McChecker.exe )

ShowSuperHidden

Unicode based on Runtime Data (McChecker.exe )

ShowTypeOverlay

Unicode based on Runtime Data (McChecker.exe )

SLGetWindowsInformationDWORD

Ansi based on Runtime Data (McChecker.exe )

SmoothScroll

Unicode based on Runtime Data (McChecker.exe )

SortOrderIndex

Unicode based on Runtime Data (McChecker.exe )

STAThreadAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

StreamResource

Unicode based on Runtime Data (McChecker.exe )

StreamResourceType

Unicode based on Runtime Data (McChecker.exe )

StringFileInfo

Unicode based on Memory/File Scan (McChecker.exe.bin)

StringFromGUID2

Ansi based on Runtime Data (McChecker.exe )

StringFromIID

Ansi based on Runtime Data (McChecker.exe )

SuppressionPolicy

Unicode based on Runtime Data (McChecker.exe )

System.Diagnostics

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.IO

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.NamespaceCLSID

Unicode based on Runtime Data (McChecker.exe )

System.Reflection

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.Runtime.CompilerServices

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.Runtime.InteropServices

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.Runtime.Versioning

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.Text

Ansi based on Memory/File Scan (McChecker.exe.bin)

SystemFunction036

Ansi based on Runtime Data (McChecker.exe )

SystemParametersInfo

Ansi based on Runtime Data (McChecker.exe )

SystemParametersInfoW

Ansi based on Runtime Data (McChecker.exe )

TargetFrameworkAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

ThreadingModel

Unicode based on Runtime Data (McChecker.exe )

ToBase64String

Ansi based on Memory/File Scan (McChecker.exe.bin)

ToUpperInvariant

Ansi based on Memory/File Scan (McChecker.exe.bin)

UpdateChar

Ansi based on Memory/File Scan (McChecker.exe.bin)

UpdateMatch

Ansi based on Memory/File Scan (McChecker.exe.bin)

UpdateRep

Ansi based on Memory/File Scan (McChecker.exe.bin)

UpdateShortRep

Ansi based on Memory/File Scan (McChecker.exe.bin)

UpdateWindow

Ansi based on Runtime Data (McChecker.exe )

UseDoubleClickTimer

Unicode based on Runtime Data (McChecker.exe )

UseDropHandler

Unicode based on Runtime Data (McChecker.exe )

UseInProcHandlerCache

Unicode based on Runtime Data (McChecker.exe )

UseLegacyIdentityFormat

Unicode based on Runtime Data (McChecker.exe )

UseLegacyV2RuntimeActivationPolicyDefaultValue

Unicode based on Runtime Data (McChecker.exe )

UseOutOfProcHandlerCache

Unicode based on Runtime Data (McChecker.exe )

v4.0.30319

Ansi based on Memory/File Scan (McChecker.exe.bin)

ValueType

Ansi based on Memory/File Scan (McChecker.exe.bin)

VarFileInfo

Unicode based on Memory/File Scan (McChecker.exe.bin)

VerQueryValueW

Ansi based on Runtime Data (McChecker.exe )

VS_VERSION_INFO

Unicode based on Memory/File Scan (McChecker.exe.bin)

WaitMessage

Ansi based on Runtime Data (McChecker.exe )

WantsAliasedNotifications

Unicode based on Runtime Data (McChecker.exe )

WantsFORDISPLAY

Unicode based on Runtime Data (McChecker.exe )

WantsFORPARSING

Unicode based on Runtime Data (McChecker.exe )

WantsParseDisplayName

Unicode based on Runtime Data (McChecker.exe )

WantsUniversalDelegate

Unicode based on Runtime Data (McChecker.exe )

WICCreateImagingFactory_Proxy

Ansi based on Runtime Data (McChecker.exe )

%SAMPLEDIR%\;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windo

Unicode based on Runtime Data (McChecker.exe )

{031E4825-7B94-4DC3-B131-E946B44C8DD5}

Unicode based on Runtime Data (McChecker.exe )

{08244EE6-92F0-47F2-9FC9-929BAA2E7235} {0C6C4200-C589-11D0-999A-00C04FD655E1} 0xFFFF

Unicode based on Runtime Data (McChecker.exe )

{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}

Unicode based on Runtime Data (McChecker.exe )

{20D04FE0-3AEA-1069-A2D8-08002B30309D}

Unicode based on Runtime Data (McChecker.exe )

{2112AB0A-C86A-4FFE-A368-0DE96E47012E}

Unicode based on Runtime Data (McChecker.exe )

{28636AA6-953D-11D2-B5D6-00C04FD918D0} 6

Unicode based on Runtime Data (McChecker.exe )

{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}

Unicode based on Runtime Data (McChecker.exe )

{491E922F-5643-4AF4-A7EB-4E7A138D8174}

Unicode based on Runtime Data (McChecker.exe )

{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}

Unicode based on Runtime Data (McChecker.exe )

{59031A47-3F72-44A7-89C5-5595FE6B30EE}

Unicode based on Runtime Data (McChecker.exe )

{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}

Unicode based on Runtime Data (McChecker.exe )

{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}

Unicode based on Runtime Data (McChecker.exe )

{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}

Unicode based on Runtime Data (McChecker.exe )

{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} {0C6C4200-C589-11D0-999A-00C04FD655E1} 0xFFFF

Unicode based on Runtime Data (McChecker.exe )

$a9f61000-518a-4b75-a6ae-dda9e929e6dc

Ansi based on Memory/File Scan (McChecker.exe.bin)

??0ClassInfoBase@DirectUI@@QAE@XZ

Ansi based on Runtime Data (McChecker.exe )

??0CritSecLock@DirectUI@@QAE@PAU_RTL_CRITICAL_SECTION@@@Z

Ansi based on Runtime Data (McChecker.exe )

??1CritSecLock@DirectUI@@QAE@XZ

Ansi based on Runtime Data (McChecker.exe )

?AddRef@ClassInfoBase@DirectUI@@UAEXXZ

Ansi based on Runtime Data (McChecker.exe )

?ClassExist@ClassInfoBase@DirectUI@@SG_NPAPAUIClassInfo@2@PBQBUPropertyInfo@2@IPAU32@PAUHINSTANCE__@@PBG_N@Z

Ansi based on Runtime Data (McChecker.exe )

?Create@DUIXmlParser@DirectUI@@SGJPAPAV12@P6GPAVValue@2@PBGPAX@Z2P6GX11H2@Z2@Z

Ansi based on Runtime Data (McChecker.exe )

?EnumPropertyInfo@ClassInfoBase@DirectUI@@UAEPBUPropertyInfo@2@I@Z

Ansi based on Runtime Data (McChecker.exe )

?GetAtomZero@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetBoolFalse@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetBoolTrue@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@AccessibleButton@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@Button@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@Element@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@ElementWithHWND@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@HWNDElement@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@HWNDHost@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetFactoryLock@Element@DirectUI@@SGPAU_RTL_CRITICAL_SECTION@@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetGlobalIndex@ClassInfoBase@DirectUI@@UBEIXZ

Ansi based on Runtime Data (McChecker.exe )

?GetIntZero@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetModule@ClassInfoBase@DirectUI@@UBEPAUHINSTANCE__@@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetName@ClassInfoBase@DirectUI@@UBEPBGXZ

Ansi based on Runtime Data (McChecker.exe )

?GetPICount@ClassInfoBase@DirectUI@@UBEIXZ

Ansi based on Runtime Data (McChecker.exe )

?GetStringNull@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?Initialize@ClassInfoBase@DirectUI@@QAEJPAUHINSTANCE__@@PBG_NPBQBUPropertyInfo@2@I@Z

Ansi based on Runtime Data (McChecker.exe )

?IsGlobal@ClassInfoBase@DirectUI@@UBE_NXZ

Ansi based on Runtime Data (McChecker.exe )

?Register@ClassInfoBase@DirectUI@@QAEJXZ

Ansi based on Runtime Data (McChecker.exe )

?Register@Movie@DirectUI@@SGJXZ

Ansi based on Runtime Data (McChecker.exe )

?SetPreprocessedXML@DUIXmlParser@DirectUI@@QAEJPBGPAUHINSTANCE__@@1@Z

Ansi based on Runtime Data (McChecker.exe )

_CorExeMain

Ansi based on Memory/File Scan (McChecker.exe.bin)

Append Completion

Unicode based on Runtime Data (McChecker.exe )

AssemblyCompanyAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyDescriptionAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyFileVersionAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AutoComplete In File Dialog

Unicode based on Runtime Data (McChecker.exe )

C:\Program Files\Common Files\microsoft shared\ink;;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\

Unicode based on Runtime Data (McChecker.exe )

%WINDIR%\Microsoft.Net\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089;;C:\Windows\system32;C:\Windows\sys

Unicode based on Runtime Data (McChecker.exe )

C:\Windows\Microsoft.NET\Framework\v4.0.30319;;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javap

Unicode based on Runtime Data (McChecker.exe )

C:\Windows\System32;;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javapath;C:\Windows\system32;C:

Unicode based on Runtime Data (McChecker.exe )

C:\Windows\system32;;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javapath;C:\Windows\system32;C:

Unicode based on Runtime Data (McChecker.exe )

CLSIDFromString

Ansi based on Runtime Data (McChecker.exe )

CM_Get_Device_Interface_List_ExW

Ansi based on Runtime Data (McChecker.exe )

CM_Get_Device_Interface_List_Size_ExW

Ansi based on Runtime Data (McChecker.exe )

CoCreateInstance

Ansi based on Runtime Data (McChecker.exe )

CoGetApartmentType

Ansi based on Runtime Data (McChecker.exe )

CoGetClassObject

Ansi based on Runtime Data (McChecker.exe )

CoGetInterfaceAndReleaseStream

Ansi based on Runtime Data (McChecker.exe )

CoGetMalloc

Ansi based on Runtime Data (McChecker.exe )

CoGetMarshalSizeMax

Ansi based on Runtime Data (McChecker.exe )

CoGetObjectContext

Ansi based on Runtime Data (McChecker.exe )

CoGetPSClsid

Ansi based on Runtime Data (McChecker.exe )

Com+Enabled

Unicode based on Runtime Data (McChecker.exe )

CoMarshalInterface

Ansi based on Runtime Data (McChecker.exe )

CoMarshalInterThreadInterfaceInStream

Ansi based on Runtime Data (McChecker.exe )

Common Desktop

Unicode based on Runtime Data (McChecker.exe )

Common Documents

Unicode based on Runtime Data (McChecker.exe )

Common Start Menu

Unicode based on Runtime Data (McChecker.exe )

CommonFilesDir

Unicode based on Runtime Data (McChecker.exe )

CompilationRelaxationsAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

ComVisibleAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

CoRegisterInitializeSpy

Ansi based on Runtime Data (McChecker.exe )

CPDeriveKey

Ansi based on Runtime Data (McChecker.exe )

CPDestroyKey

Ansi based on Runtime Data (McChecker.exe )

CPDuplicateKey

Ansi based on Runtime Data (McChecker.exe )

CPExportKey

Ansi based on Runtime Data (McChecker.exe )

CPGetHashParam

Ansi based on Runtime Data (McChecker.exe )

CPGetKeyParam

Ansi based on Runtime Data (McChecker.exe )

CPGetProvParam

Ansi based on Runtime Data (McChecker.exe )

CPGetUserKey

Ansi based on Runtime Data (McChecker.exe )

CPHashSessionKey

Ansi based on Runtime Data (McChecker.exe )

CPImportKey

Ansi based on Runtime Data (McChecker.exe )

CPSetKeyParam

Ansi based on Runtime Data (McChecker.exe )

CreateBindCtx

Ansi based on Runtime Data (McChecker.exe )

CreateGadget

Ansi based on Runtime Data (McChecker.exe )

CreateTextServices

Ansi based on Runtime Data (McChecker.exe )

CscNetApiGetInterface

Ansi based on Runtime Data (McChecker.exe )

CurrentVersion

Unicode based on Runtime Data (McChecker.exe )

DcomChannelSetHResult

Ansi based on Runtime Data (McChecker.exe )

Decompress

Ansi based on Memory/File Scan (McChecker.exe.bin)

Description

Unicode based on Runtime Data (McChecker.exe )

DisableMSIPeek

Unicode based on Runtime Data (McChecker.exe )

DisableProcessIsolation

Unicode based on Runtime Data (McChecker.exe )

DllGetClassObject

Ansi based on Runtime Data (McChecker.exe )

DwmIsCompositionEnabled

Ansi based on Runtime Data (McChecker.exe )

Ansi based on Memory/File Scan (McChecker.exe.bin)

FileDescription

Unicode based on Memory/File Scan (McChecker.exe.bin)

FileVersion

Unicode based on Memory/File Scan (McChecker.exe.bin)

GdipCombineRegionRegion

Ansi based on Runtime Data (McChecker.exe )

GdipCreateRegion

Ansi based on Runtime Data (McChecker.exe )

GdipDeleteRegion

Ansi based on Runtime Data (McChecker.exe )

GdipGetClip

Ansi based on Runtime Data (McChecker.exe )

GdipGetDC

Ansi based on Runtime Data (McChecker.exe )

GdipGetMatrixElements

Ansi based on Runtime Data (McChecker.exe )

GdipGetNearestColor

Ansi based on Runtime Data (McChecker.exe )

GdipGetRegionHRgn

Ansi based on Runtime Data (McChecker.exe )

GdipGetTextRenderingHint

Ansi based on Runtime Data (McChecker.exe )

GdipGetWorldTransform

Ansi based on Runtime Data (McChecker.exe )

GdipIsInfiniteRegion

Ansi based on Runtime Data (McChecker.exe )

GdipRestoreGraphics

Ansi based on Runtime Data (McChecker.exe )

get_CurrentDomain

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_FullName

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_Length

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_ManifestModule

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_Target

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetActiveWindow

Ansi based on Runtime Data (McChecker.exe )

GetBkMode

Ansi based on Runtime Data (McChecker.exe )

GetCapture

Ansi based on Runtime Data (McChecker.exe )

GetCatalogObject

Ansi based on Runtime Data (McChecker.exe )

GetCatalogObject2

Ansi based on Runtime Data (McChecker.exe )

GetClipRgn

Ansi based on Runtime Data (McChecker.exe )

GetCurrentThemeName

Ansi based on Runtime Data (McChecker.exe )

GetEntryAssembly

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetExecutingAssembly

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetFileVersionInfoSizeW

Ansi based on Runtime Data (McChecker.exe )

GetFileVersionInfoW

Ansi based on Runtime Data (McChecker.exe )

GetGadgetTicket

Ansi based on Runtime Data (McChecker.exe )

GetKeyState

Ansi based on Runtime Data (McChecker.exe )

GetLenToPosState

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetManifestResourceStream

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetMartaExtensionInterface

Ansi based on Runtime Data (McChecker.exe )

GetParameters

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetProcessWindowStation

Ansi based on Runtime Data (McChecker.exe )

GetTextAlign

Ansi based on Runtime Data (McChecker.exe )

GetTextColor

Ansi based on Runtime Data (McChecker.exe )

GetThemeAppProperties

Ansi based on Runtime Data (McChecker.exe )

GetThemeAppPropertiesW

Ansi based on Runtime Data (McChecker.exe )

GetThemeBackgroundContentRect

Ansi based on Runtime Data (McChecker.exe )

GetThemeBackgroundContentRectW

Ansi based on Runtime Data (McChecker.exe )

GetThemeBackgroundExtent

Ansi based on Runtime Data (McChecker.exe )

GetThemeBool

Ansi based on Runtime Data (McChecker.exe )

GetThemeColor

Ansi based on Runtime Data (McChecker.exe )

GetThemeColorW

Ansi based on Runtime Data (McChecker.exe )

GetThemeFont

Ansi based on Runtime Data (McChecker.exe )

GetThemeMargins

Ansi based on Runtime Data (McChecker.exe )

GetThemePartSize

Ansi based on Runtime Data (McChecker.exe )

GetThemeTextExtent

Ansi based on Runtime Data (McChecker.exe )

GetThemeTextMetrics

Ansi based on Runtime Data (McChecker.exe )

GetTokenInformation

Ansi based on Runtime Data (McChecker.exe )

GetUserObjectInformation

Ansi based on Runtime Data (McChecker.exe )

GetUserObjectInformationA

Ansi based on Runtime Data (McChecker.exe )

IIDFromString

Ansi based on Runtime Data (McChecker.exe )

ImageList_CoCreateInstance

Ansi based on Runtime Data (McChecker.exe )

ImmGetCompositionWindow

Ansi based on Runtime Data (McChecker.exe )

ImmGetContext

Ansi based on Runtime Data (McChecker.exe )

ImmSetCompositionFontW

Ansi based on Runtime Data (McChecker.exe )

ImmSetCompositionWindow

Ansi based on Runtime Data (McChecker.exe )

InitCommonControls

Ansi based on Runtime Data (McChecker.exe )

InitCommonControlsEx

Ansi based on Runtime Data (McChecker.exe )

InitGadgets

Ansi based on Runtime Data (McChecker.exe )

InitializeSecurityDescriptor

Ansi based on Runtime Data (McChecker.exe )

InitProcessPriv

Ansi based on Runtime Data (McChecker.exe )

InstallRoot

Unicode based on Runtime Data (McChecker.exe )

InvalidateGadget

Ansi based on Runtime Data (McChecker.exe )

IsCompositionActive

Ansi based on Runtime Data (McChecker.exe )

IsProcessDPIAware

Ansi based on Runtime Data (McChecker.exe )

IsValidLinkInfo

Ansi based on Runtime Data (McChecker.exe )

LoadWithoutCOM

Unicode based on Runtime Data (McChecker.exe )

Local AppData

Unicode based on Runtime Data (McChecker.exe )

LocalizedName

Unicode based on Runtime Data (McChecker.exe )

LocalRedirectOnly

Unicode based on Runtime Data (McChecker.exe )

LogFailures

Unicode based on Runtime Data (McChecker.exe )

LogResourceBinds

Unicode based on Runtime Data (McChecker.exe )

LookupAccountNameLocalW

Ansi based on Runtime Data (McChecker.exe )

LookupAccountSidLocalW

Ansi based on Runtime Data (McChecker.exe )

LookupAccountSidW

Ansi based on Runtime Data (McChecker.exe )

McChecker.exe

Ansi based on Memory/File Scan (McChecker.exe.bin)

mscoree.dll

Ansi based on Memory/File Scan (McChecker.exe.bin)

OffsetViewportOrgEx

Ansi based on Runtime Data (McChecker.exe )

OpenProcessToken

Ansi based on Runtime Data (McChecker.exe )

OptimizeUsedBinaries

Unicode based on Runtime Data (McChecker.exe )

ParameterInfo

Ansi based on Memory/File Scan (McChecker.exe.bin)

PrivateKeyLifetimeSeconds

Unicode based on Runtime Data (McChecker.exe )

PrivKeyCacheMaxItems

Unicode based on Runtime Data (McChecker.exe )

PrivKeyCachePurgeIntervalSeconds

Unicode based on Runtime Data (McChecker.exe )

ProductVersion

Unicode based on Memory/File Scan (McChecker.exe.bin)

PSCreateMemoryPropertyStore

Ansi based on Runtime Data (McChecker.exe )

PSGetNameFromPropertyKey

Ansi based on Runtime Data (McChecker.exe )

PSGetPropertyDescription

Ansi based on Runtime Data (McChecker.exe )

PSStringFromPropertyKey

Ansi based on Runtime Data (McChecker.exe )

QueryForInfoTip

Unicode based on Runtime Data (McChecker.exe )

RegEnumKeyW

Ansi based on Runtime Data (McChecker.exe )

RegisterClassNameW

Ansi based on Runtime Data (McChecker.exe )

RegisterMessagePumpHook

Ansi based on Runtime Data (McChecker.exe )

RegQueryValueW

Ansi based on Runtime Data (McChecker.exe )

RemoteRpcDll

Unicode based on Runtime Data (McChecker.exe )

ResolveEventArgs

Ansi based on Memory/File Scan (McChecker.exe.bin)

RuntimeCompatibilityAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

SafeProcessSearchMode

Unicode based on Runtime Data (McChecker.exe )

ScrollDelay

Unicode based on Runtime Data (McChecker.exe )

ScrollInset

Unicode based on Runtime Data (McChecker.exe )

ScrollInterval

Unicode based on Runtime Data (McChecker.exe )

sembly Version

Unicode based on Memory/File Scan (McChecker.exe.bin)

SeparateProcess

Unicode based on Runtime Data (McChecker.exe )

SetGadgetMessageFilter

Ansi based on Runtime Data (McChecker.exe )

SetGadgetParent

Ansi based on Runtime Data (McChecker.exe )

SetGadgetRect

Ansi based on Runtime Data (McChecker.exe )

SetGadgetRootInfo

Ansi based on Runtime Data (McChecker.exe )

SetGadgetStyle

Ansi based on Runtime Data (McChecker.exe )

SetSecurityDescriptorDacl

Ansi based on Runtime Data (McChecker.exe )

ShowCompColor

Unicode based on Runtime Data (McChecker.exe )

ShowInfoTip

Unicode based on Runtime Data (McChecker.exe )

SLGetWindowsInformationDWORD

Ansi based on Runtime Data (McChecker.exe )

SmoothScroll

Unicode based on Runtime Data (McChecker.exe )

StringFileInfo

Unicode based on Memory/File Scan (McChecker.exe.bin)

System.Runtime.CompilerServices

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.Runtime.InteropServices

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.Runtime.Versioning

Ansi based on Memory/File Scan (McChecker.exe.bin)

SystemParametersInfo

Ansi based on Runtime Data (McChecker.exe )

SystemParametersInfoW

Ansi based on Runtime Data (McChecker.exe )

TargetFrameworkAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

VarFileInfo

Unicode based on Memory/File Scan (McChecker.exe.bin)

VS_VERSION_INFO

Unicode based on Memory/File Scan (McChecker.exe.bin)

%SAMPLEDIR%\;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windo

Unicode based on Runtime Data (McChecker.exe )

{031E4825-7B94-4DC3-B131-E946B44C8DD5}

Unicode based on Runtime Data (McChecker.exe )

{08244EE6-92F0-47F2-9FC9-929BAA2E7235} {0C6C4200-C589-11D0-999A-00C04FD655E1} 0xFFFF

Unicode based on Runtime Data (McChecker.exe )

{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}

Unicode based on Runtime Data (McChecker.exe )

{20D04FE0-3AEA-1069-A2D8-08002B30309D}

Unicode based on Runtime Data (McChecker.exe )

{2112AB0A-C86A-4FFE-A368-0DE96E47012E}

Unicode based on Runtime Data (McChecker.exe )

{28636AA6-953D-11D2-B5D6-00C04FD918D0} 6

Unicode based on Runtime Data (McChecker.exe )

{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}

Unicode based on Runtime Data (McChecker.exe )

{491E922F-5643-4AF4-A7EB-4E7A138D8174}

Unicode based on Runtime Data (McChecker.exe )

{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}

Unicode based on Runtime Data (McChecker.exe )

{59031A47-3F72-44A7-89C5-5595FE6B30EE}

Unicode based on Runtime Data (McChecker.exe )

{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}

Unicode based on Runtime Data (McChecker.exe )

{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}

Unicode based on Runtime Data (McChecker.exe )

{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}

Unicode based on Runtime Data (McChecker.exe )

{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} {0C6C4200-C589-11D0-999A-00C04FD655E1} 0xFFFF

Unicode based on Runtime Data (McChecker.exe )

!This program cannot be run in DOS mode.$

Ansi based on Memory/File Scan (McChecker.exe.bin)

$a9f61000-518a-4b75-a6ae-dda9e929e6dc

Ansi based on Memory/File Scan (McChecker.exe.bin)

_CorExeMain

Ansi based on Memory/File Scan (McChecker.exe.bin)

_streamPos

Ansi based on Memory/File Scan (McChecker.exe.bin)

_windowSize

Ansi based on Memory/File Scan (McChecker.exe.bin)

add_AssemblyResolve

Ansi based on Memory/File Scan (McChecker.exe.bin)

AppDomain

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyCompanyAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyConfigurationAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyCopyrightAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyDescriptionAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyFileVersionAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyName

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyProductAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyTitleAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

AssemblyTrademarkAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

Attribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

BitDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

BitTreeDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

BlockCopy

Ansi based on Memory/File Scan (McChecker.exe.bin)

CompilationRelaxationsAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

ComVisibleAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

ConfusedByAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

ConfuserEx v0.6.0

Ansi based on Memory/File Scan (McChecker.exe.bin)

CopyBlock

Ansi based on Memory/File Scan (McChecker.exe.bin)

DataField

Ansi based on Memory/File Scan (McChecker.exe.bin)

DebuggableAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

DebuggingModes

Ansi based on Memory/File Scan (McChecker.exe.bin)

DecodeDirectBits

Ansi based on Memory/File Scan (McChecker.exe.bin)

DecodeNormal

Ansi based on Memory/File Scan (McChecker.exe.bin)

DecodeWithMatchByte

Ansi based on Memory/File Scan (McChecker.exe.bin)

Decompress

Ansi based on Memory/File Scan (McChecker.exe.bin)

FileDescription

Unicode based on Memory/File Scan (McChecker.exe.bin)

FileVersion

Unicode based on Memory/File Scan (McChecker.exe.bin)

GCHandleType

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_CurrentDomain

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_FullName

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_Length

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_ManifestModule

Ansi based on Memory/File Scan (McChecker.exe.bin)

get_Target

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetEntryAssembly

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetExecutingAssembly

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetLenToPosState

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetManifestResourceStream

Ansi based on Memory/File Scan (McChecker.exe.bin)

GetParameters

Ansi based on Memory/File Scan (McChecker.exe.bin)

GuidAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

InitializeArray

Ansi based on Memory/File Scan (McChecker.exe.bin)

InternalName

Unicode based on Memory/File Scan (McChecker.exe.bin)

IsCharState

Ansi based on Memory/File Scan (McChecker.exe.bin)

LegalCopyright

Unicode based on Memory/File Scan (McChecker.exe.bin)

LegalTrademarks

Unicode based on Memory/File Scan (McChecker.exe.bin)

LenDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

LiteralDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

LoadModule

Ansi based on Memory/File Scan (McChecker.exe.bin)

LzmaDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_Choice2

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_Decoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_DictionarySize

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_DictionarySizeCheck

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_HighCoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_IsMatchDecoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_IsRep0LongDecoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_IsRepDecoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_IsRepG0Decoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_IsRepG1Decoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_IsRepG2Decoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_LenDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_LiteralDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_LowCoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_MidCoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_NumPosBits

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_NumPosStates

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_NumPrevBits

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_OutWindow

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_PosAlignDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_PosDecoders

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_PosMask

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_PosSlotDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_PosStateMask

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_RangeDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

m_RepLenDecoder

Ansi based on Memory/File Scan (McChecker.exe.bin)

McChecker

Ansi based on Memory/File Scan (McChecker.exe.bin)

McChecker.exe

Ansi based on Memory/File Scan (McChecker.exe.bin)

McChecker.Form1.resources

Ansi based on Memory/File Scan (McChecker.exe.bin)

McChecker.Properties.Resources.resources

Ansi based on Memory/File Scan (McChecker.exe.bin)

MemoryStream

Ansi based on Memory/File Scan (McChecker.exe.bin)

MethodBase

Ansi based on Memory/File Scan (McChecker.exe.bin)

mpanyName

Unicode based on Memory/File Scan (McChecker.exe.bin)

mscoree.dll

Ansi based on Memory/File Scan (McChecker.exe.bin)

Normalize

Ansi based on Memory/File Scan (McChecker.exe.bin)

NumBitLevels

Ansi based on Memory/File Scan (McChecker.exe.bin)

oductName

Unicode based on Memory/File Scan (McChecker.exe.bin)

OutWindow

Ansi based on Memory/File Scan (McChecker.exe.bin)

ParameterInfo

Ansi based on Memory/File Scan (McChecker.exe.bin)

ProductVersion

Unicode based on Memory/File Scan (McChecker.exe.bin)

ReleaseStream

Ansi based on Memory/File Scan (McChecker.exe.bin)

ResolveEventArgs

Ansi based on Memory/File Scan (McChecker.exe.bin)

ResolveEventHandler

Ansi based on Memory/File Scan (McChecker.exe.bin)

ResolveMethod

Ansi based on Memory/File Scan (McChecker.exe.bin)

ResolveSignature

Ansi based on Memory/File Scan (McChecker.exe.bin)

ReverseDecode

Ansi based on Memory/File Scan (McChecker.exe.bin)

RuntimeCompatibilityAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

RuntimeFieldHandle

Ansi based on Memory/File Scan (McChecker.exe.bin)

RuntimeHelpers

Ansi based on Memory/File Scan (McChecker.exe.bin)

sembly Version

Unicode based on Memory/File Scan (McChecker.exe.bin)

SetDecoderProperties

Ansi based on Memory/File Scan (McChecker.exe.bin)

SetDictionarySize

Ansi based on Memory/File Scan (McChecker.exe.bin)

SetLiteralProperties

Ansi based on Memory/File Scan (McChecker.exe.bin)

SetPosBitsProperties

Ansi based on Memory/File Scan (McChecker.exe.bin)

STAThreadAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

StringFileInfo

Unicode based on Memory/File Scan (McChecker.exe.bin)

System.Diagnostics

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.IO

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.Reflection

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.Runtime.CompilerServices

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.Runtime.InteropServices

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.Runtime.Versioning

Ansi based on Memory/File Scan (McChecker.exe.bin)

System.Text

Ansi based on Memory/File Scan (McChecker.exe.bin)

TargetFrameworkAttribute

Ansi based on Memory/File Scan (McChecker.exe.bin)

ToBase64String

Ansi based on Memory/File Scan (McChecker.exe.bin)

ToUpperInvariant

Ansi based on Memory/File Scan (McChecker.exe.bin)

UpdateChar

Ansi based on Memory/File Scan (McChecker.exe.bin)

UpdateMatch

Ansi based on Memory/File Scan (McChecker.exe.bin)

UpdateRep

Ansi based on Memory/File Scan (McChecker.exe.bin)

UpdateShortRep

Ansi based on Memory/File Scan (McChecker.exe.bin)

v4.0.30319

Ansi based on Memory/File Scan (McChecker.exe.bin)

ValueType

Ansi based on Memory/File Scan (McChecker.exe.bin)

VarFileInfo

Unicode based on Memory/File Scan (McChecker.exe.bin)

VS_VERSION_INFO

Unicode based on Memory/File Scan (McChecker.exe.bin)

'__________

Ansi based on Image Processing (screen_4.png)

?_____??_e_0_?,__

Ansi based on Image Processing (screen_4.png)

_,_,_______

Ansi based on Image Processing (screen_4.png)

__0,_,___,,__0,__,_,__

Ansi based on Image Processing (screen_4.png)

____/__J___

Ansi based on Image Processing (screen_4.png)

__________

Ansi based on Image Processing (screen_4.png)

__________,

Ansi based on Image Processing (screen_4.png)

_mcp_em_umchecke_vla

Ansi based on Image Processing (screen_4.png)

Impa_0mbal__

Ansi based on Image Processing (screen_4.png)

p__um_0___

Ansi based on Image Processing (screen_4.png)

??0ClassInfoBase@DirectUI@@QAE@XZ

Ansi based on Runtime Data (McChecker.exe )

??0CritSecLock@DirectUI@@QAE@PAU_RTL_CRITICAL_SECTION@@@Z

Ansi based on Runtime Data (McChecker.exe )

??1CritSecLock@DirectUI@@QAE@XZ

Ansi based on Runtime Data (McChecker.exe )

?AddRef@ClassInfoBase@DirectUI@@UAEXXZ

Ansi based on Runtime Data (McChecker.exe )

?ClassExist@ClassInfoBase@DirectUI@@SG_NPAPAUIClassInfo@2@PBQBUPropertyInfo@2@IPAU32@PAUHINSTANCE__@@PBG_N@Z

Ansi based on Runtime Data (McChecker.exe )

?Create@DUIXmlParser@DirectUI@@SGJPAPAV12@P6GPAVValue@2@PBGPAX@Z2P6GX11H2@Z2@Z

Ansi based on Runtime Data (McChecker.exe )

?EnumPropertyInfo@ClassInfoBase@DirectUI@@UAEPBUPropertyInfo@2@I@Z

Ansi based on Runtime Data (McChecker.exe )

?GetAtomZero@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetBoolFalse@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetBoolTrue@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@AccessibleButton@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@Button@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@Element@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@ElementWithHWND@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@HWNDElement@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetClassInfoPtr@HWNDHost@DirectUI@@SGPAUIClassInfo@2@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetFactoryLock@Element@DirectUI@@SGPAU_RTL_CRITICAL_SECTION@@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetGlobalIndex@ClassInfoBase@DirectUI@@UBEIXZ

Ansi based on Runtime Data (McChecker.exe )

?GetIntZero@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetModule@ClassInfoBase@DirectUI@@UBEPAUHINSTANCE__@@XZ

Ansi based on Runtime Data (McChecker.exe )

?GetName@ClassInfoBase@DirectUI@@UBEPBGXZ

Ansi based on Runtime Data (McChecker.exe )

?GetPICount@ClassInfoBase@DirectUI@@UBEIXZ

Ansi based on Runtime Data (McChecker.exe )

?GetStringNull@Value@DirectUI@@SGPAV12@XZ

Ansi based on Runtime Data (McChecker.exe )

?Initialize@ClassInfoBase@DirectUI@@QAEJPAUHINSTANCE__@@PBG_NPBQBUPropertyInfo@2@I@Z

Ansi based on Runtime Data (McChecker.exe )

?IsGlobal@ClassInfoBase@DirectUI@@UBE_NXZ

Ansi based on Runtime Data (McChecker.exe )

?Register@ClassInfoBase@DirectUI@@QAEJXZ

Ansi based on Runtime Data (McChecker.exe )

?Register@Movie@DirectUI@@SGJXZ

Ansi based on Runtime Data (McChecker.exe )

?SetPreprocessedXML@DUIXmlParser@DirectUI@@QAEJPBGPAUHINSTANCE__@@1@Z

Ansi based on Runtime Data (McChecker.exe )

_TrackMouseEvent

Ansi based on Runtime Data (McChecker.exe )

AccListViewV6

Unicode based on Runtime Data (McChecker.exe )

ActivateActCtx

Ansi based on Runtime Data (McChecker.exe )

AllocateAndInitializeSid

Ansi based on Runtime Data (McChecker.exe )

Always Use Tab

Unicode based on Runtime Data (McChecker.exe )

AlwaysShowExt

Unicode based on Runtime Data (McChecker.exe )

Append Completion

Unicode based on Runtime Data (McChecker.exe )

ApphelpCheckShellObject

Ansi based on Runtime Data (McChecker.exe )

Attributes

Unicode based on Runtime Data (McChecker.exe )

AutoCheckSelect

Unicode based on Runtime Data (McChecker.exe )

AutoComplete In File Dialog

Unicode based on Runtime Data (McChecker.exe )

AutoSuggest

Unicode based on Runtime Data (McChecker.exe )

BrowseInPlace

Unicode based on Runtime Data (McChecker.exe )

BufferedPaintInit

Ansi based on Runtime Data (McChecker.exe )

C:\Program Files\Common Files\microsoft shared\ink;;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\

Unicode based on Runtime Data (McChecker.exe )

%WINDIR%\Microsoft.Net\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089;;C:\Windows\system32;C:\Windows\sys

Unicode based on Runtime Data (McChecker.exe )

C:\Windows\Microsoft.NET\Framework\v4.0.30319;;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javap

Unicode based on Runtime Data (McChecker.exe )

C:\Windows\System32;;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javapath;C:\Windows\system32;C:

Unicode based on Runtime Data (McChecker.exe )

C:\Windows\system32;;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javapath;C:\Windows\system32;C:

Unicode based on Runtime Data (McChecker.exe )

CacheLocation

Unicode based on Runtime Data (McChecker.exe )

CallForAttributes

Unicode based on Runtime Data (McChecker.exe )

CD Burning

Unicode based on Runtime Data (McChecker.exe )

CEIPEnable

Unicode based on Runtime Data (McChecker.exe )

CloseThemeData

Ansi based on Runtime Data (McChecker.exe )

CLSIDFromOle1Class

Ansi based on Runtime Data (McChecker.exe )

CLSIDFromString

Ansi based on Runtime Data (McChecker.exe )

CM_Get_Device_Interface_List_ExW

Ansi based on Runtime Data (McChecker.exe )

CM_Get_Device_Interface_List_Size_ExW

Ansi based on Runtime Data (McChecker.exe )

CoCreateFreeThreadedMarshaler

Ansi based on Runtime Data (McChecker.exe )

CoCreateInstance

Ansi based on Runtime Data (McChecker.exe )

CoGetApartmentType

Ansi based on Runtime Data (McChecker.exe )

CoGetClassObject

Ansi based on Runtime Data (McChecker.exe )

CoGetInterfaceAndReleaseStream

Ansi based on Runtime Data (McChecker.exe )

CoGetMalloc

Ansi based on Runtime Data (McChecker.exe )

CoGetMarshalSizeMax

Ansi based on Runtime Data (McChecker.exe )

CoGetObjectContext

Ansi based on Runtime Data (McChecker.exe )

CoGetPSClsid

Ansi based on Runtime Data (McChecker.exe )

CoInitializeEx

Ansi based on Runtime Data (McChecker.exe )

Com+Enabled

Unicode based on Runtime Data (McChecker.exe )

CoMarshalInterface

Ansi based on Runtime Data (McChecker.exe )

CoMarshalInterThreadInterfaceInStream

Ansi based on Runtime Data (McChecker.exe )

Common Desktop

Unicode based on Runtime Data (McChecker.exe )

Common Documents

Unicode based on Runtime Data (McChecker.exe )

Common Start Menu

Unicode based on Runtime Data (McChecker.exe )

CommonFilesDir

Unicode based on Runtime Data (McChecker.exe )

Content Type

Unicode based on Runtime Data (McChecker.exe )

ConvertSidToStringSidW

Ansi based on Runtime Data (McChecker.exe )

CoRegisterInitializeSpy

Ansi based on Runtime Data (McChecker.exe )

CoReleaseMarshalData

Ansi based on Runtime Data (McChecker.exe )

CoRevokeInitializeSpy

Ansi based on Runtime Data (McChecker.exe )

CoTaskMemAlloc

Ansi based on Runtime Data (McChecker.exe )

CoTaskMemFree

Ansi based on Runtime Data (McChecker.exe )

CoUninitialize

Ansi based on Runtime Data (McChecker.exe )

CoUnmarshalInterface

Ansi based on Runtime Data (McChecker.exe )

CPAcquireContext

Ansi based on Runtime Data (McChecker.exe )

CPCreateHash

Ansi based on Runtime Data (McChecker.exe )

CPDecrypt

Ansi based on Runtime Data (McChecker.exe )

CPDeriveKey

Ansi based on Runtime Data (McChecker.exe )

CPDestroyHash

Ansi based on Runtime Data (McChecker.exe )

CPDestroyKey

Ansi based on Runtime Data (McChecker.exe )

CPDuplicateHash

Ansi based on Runtime Data (McChecker.exe )

CPDuplicateKey

Ansi based on Runtime Data (McChecker.exe )

CPEncrypt

Ansi based on Runtime Data (McChecker.exe )

CPExportKey

Ansi based on Runtime Data (McChecker.exe )

CPGenRandom

Ansi based on Runtime Data (McChecker.exe )

CPGetHashParam

Ansi based on Runtime Data (McChecker.exe )

CPGetKeyParam

Ansi based on Runtime Data (McChecker.exe )

CPGetProvParam

Ansi based on Runtime Data (McChecker.exe )

CPGetUserKey

Ansi based on Runtime Data (McChecker.exe )

CPHashData

Ansi based on Runtime Data (McChecker.exe )

CPHashSessionKey

Ansi based on Runtime Data (McChecker.exe )

CPImportKey

Ansi based on Runtime Data (McChecker.exe )

CPReleaseContext

Ansi based on Runtime Data (McChecker.exe )

CPSetHashParam

Ansi based on Runtime Data (McChecker.exe )

CPSetKeyParam

Ansi based on Runtime Data (McChecker.exe )

CPSetProvParam

Ansi based on Runtime Data (McChecker.exe )

CPSignHash

Ansi based on Runtime Data (McChecker.exe )

CPVerifySignature

Ansi based on Runtime Data (McChecker.exe )

CreateBindCtx

Ansi based on Runtime Data (McChecker.exe )

CreateGadget

Ansi based on Runtime Data (McChecker.exe )

CreateRectRgn

Ansi based on Runtime Data (McChecker.exe )

CreateStreamOnHGlobal

Ansi based on Runtime Data (McChecker.exe )

CreateTextServices

Ansi based on Runtime Data (McChecker.exe )

CreateXmlReader

Ansi based on Runtime Data (McChecker.exe )

CreateXmlReaderInputWithEncodingName

Ansi based on Runtime Data (McChecker.exe )

CryptAcquireContextW

Ansi based on Runtime Data (McChecker.exe )

CryptGenRandom

Ansi based on Runtime Data (McChecker.exe )

CscNetApiGetInterface

Ansi based on Runtime Data (McChecker.exe )

CurrentVersion

Unicode based on Runtime Data (McChecker.exe )

DataFilePath

Unicode based on Runtime Data (McChecker.exe )

DbgJITDebugLaunchSetting

Unicode based on Runtime Data (McChecker.exe )

DbgManagedDebugger

Unicode based on Runtime Data (McChecker.exe )

DcomChannelSetHResult

Ansi based on Runtime Data (McChecker.exe )

DeactivateActCtx

Ansi based on Runtime Data (McChecker.exe )

DecodePointer

Ansi based on Runtime Data (McChecker.exe )

DefaultAccessPermission

Unicode based on Runtime Data (McChecker.exe )

Description

Unicode based on Runtime Data (McChecker.exe )

DevOverrideEnable

Unicode based on Runtime Data (McChecker.exe )

DisableConfigCache

Unicode based on Runtime Data (McChecker.exe )

DisableMSIPeek

Unicode based on Runtime Data (McChecker.exe )

DisableProcessIsolation

Unicode based on Runtime Data (McChecker.exe )

DllCanUnloadNow

Ansi based on Runtime Data (McChecker.exe )

DllGetClassObject

Ansi based on Runtime Data (McChecker.exe )

DocObject

Unicode based on Runtime Data (McChecker.exe )

Documents

Unicode based on Runtime Data (McChecker.exe )

Documents.library-ms

Unicode based on Runtime Data (McChecker.exe )

DontPrettyPath

Unicode based on Runtime Data (McChecker.exe )

DownloadCacheQuotaInKB

Unicode based on Runtime Data (McChecker.exe )

DragDelay

Unicode based on Runtime Data (McChecker.exe )

DragMinDist

Unicode based on Runtime Data (McChecker.exe )

DrawThemeBackground

Ansi based on Runtime Data (McChecker.exe )

DrawThemeBackgroundW

Ansi based on Runtime Data (McChecker.exe )

DrawThemeParentBackground

Ansi based on Runtime Data (McChecker.exe )

DrawThemeParentBackgroundW

Ansi based on Runtime Data (McChecker.exe )

DriveMask

Unicode based on Runtime Data (McChecker.exe )

DwmIsCompositionEnabled

Ansi based on Runtime Data (McChecker.exe )

EnableAnchorContext

Unicode based on Runtime Data (McChecker.exe )

EnableBalloonTips

Unicode based on Runtime Data (McChecker.exe )

EnableLog

Unicode based on Runtime Data (McChecker.exe )

EnableShareDenyNone

Unicode based on Runtime Data (McChecker.exe )

EnableWindow

Ansi based on Runtime Data (McChecker.exe )

EncodePointer

Ansi based on Runtime Data (McChecker.exe )

EnumThreadWindows

Ansi based on Runtime Data (McChecker.exe )

FileInUseMillisecondsBetweenRetries

Unicode based on Runtime Data (McChecker.exe )

FileInUseRetryAttempts

Unicode based on Runtime Data (McChecker.exe )

FindActCtxSectionStringW

Ansi based on Runtime Data (McChecker.exe )

FindStdColor

Ansi based on Runtime Data (McChecker.exe )

FolderTypeID

Unicode based on Runtime Data (McChecker.exe )

FontCachePath

Unicode based on Runtime Data (McChecker.exe )

GdipCombineRegionRegion

Ansi based on Runtime Data (McChecker.exe )

GdipCreateMatrix

Ansi based on Runtime Data (McChecker.exe )

GdipCreateRegion

Ansi based on Runtime Data (McChecker.exe )

GdipCreateSolidFill

Ansi based on Runtime Data (McChecker.exe )

GdipDeleteBrush

Ansi based on Runtime Data (McChecker.exe )

GdipDeleteMatrix

Ansi based on Runtime Data (McChecker.exe )

GdipDeleteRegion

Ansi based on Runtime Data (McChecker.exe )

GdipDrawImageRectI

Ansi based on Runtime Data (McChecker.exe )

GdipFillRectangleI

Ansi based on Runtime Data (McChecker.exe )

GdipGetClip

Ansi based on Runtime Data (McChecker.exe )

GdipGetDC

Ansi based on Runtime Data (McChecker.exe )

GdipGetMatrixElements

Ansi based on Runtime Data (McChecker.exe )

GdipGetNearestColor

Ansi based on Runtime Data (McChecker.exe )

GdipGetRegionHRgn

Ansi based on Runtime Data (McChecker.exe )

GdipGetTextRenderingHint

Ansi based on Runtime Data (McChecker.exe )

GdipGetWorldTransform

Ansi based on Runtime Data (McChecker.exe )

GdipIsInfiniteRegion

Ansi based on Runtime Data (McChecker.exe )

GdipIsMatrixIdentity

Ansi based on Runtime Data (McChecker.exe )

GdipReleaseDC

Ansi based on Runtime Data (McChecker.exe )

GdipRestoreGraphics

Ansi based on Runtime Data (McChecker.exe )

GdipSaveGraphics

Ansi based on Runtime Data (McChecker.exe )

GdipSetPageUnit

Ansi based on Runtime Data (McChecker.exe )

Generation

Unicode based on Runtime Data (McChecker.exe )

GetActiveWindow

Ansi based on Runtime Data (McChecker.exe )

GetBkMode

Ansi based on Runtime Data (McChecker.exe )

GetCapture

Ansi based on Runtime Data (McChecker.exe )

GetCatalogObject

Ansi based on Runtime Data (McChecker.exe )

GetCatalogObject2

Ansi based on Runtime Data (McChecker.exe )

GetClipRgn

Ansi based on Runtime Data (McChecker.exe )

GetCurrentThemeName

Ansi based on Runtime Data (McChecker.exe )

GetFileVersionInfoSizeW

Ansi based on Runtime Data (McChecker.exe )

GetFileVersionInfoW

Ansi based on Runtime Data (McChecker.exe )

GetGadgetTicket

Ansi based on Runtime Data (McChecker.exe )

GetKeyState

Ansi based on Runtime Data (McChecker.exe )

GetMartaExtensionInterface

Ansi based on Runtime Data (McChecker.exe )

GetProcessWindowStation

Ansi based on Runtime Data (McChecker.exe )

GetTextAlign

Ansi based on Runtime Data (McChecker.exe )

GetTextColor

Ansi based on Runtime Data (McChecker.exe )

GetThemeAppProperties

Ansi based on Runtime Data (McChecker.exe )

GetThemeAppPropertiesW

Ansi based on Runtime Data (McChecker.exe )

GetThemeBackgroundContentRect

Ansi based on Runtime Data (McChecker.exe )

GetThemeBackgroundContentRectW

Ansi based on Runtime Data (McChecker.exe )

GetThemeBackgroundExtent

Ansi based on Runtime Data (McChecker.exe )

GetThemeBool

Ansi based on Runtime Data (McChecker.exe )

GetThemeColor

Ansi based on Runtime Data (McChecker.exe )

GetThemeColorW

Ansi based on Runtime Data (McChecker.exe )

GetThemeFont

Ansi based on Runtime Data (McChecker.exe )

GetThemeMargins

Ansi based on Runtime Data (McChecker.exe )

GetThemePartSize

Ansi based on Runtime Data (McChecker.exe )

GetThemeTextExtent

Ansi based on Runtime Data (McChecker.exe )

GetThemeTextMetrics

Ansi based on Runtime Data (McChecker.exe )

GetTokenInformation

Ansi based on Runtime Data (McChecker.exe )

GetUserObjectInformation

Ansi based on Runtime Data (McChecker.exe )

GetUserObjectInformationA

Ansi based on Runtime Data (McChecker.exe )

GlobalSession

Unicode based on Runtime Data (McChecker.exe )

HasNavigationEnum

Unicode based on Runtime Data (McChecker.exe )

HideFileExt

Unicode based on Runtime Data (McChecker.exe )

HideFolderVerbs

Unicode based on Runtime Data (McChecker.exe )

HideIcons

Unicode based on Runtime Data (McChecker.exe )

HideInWebView

Unicode based on Runtime Data (McChecker.exe )

HideOnDesktopPerUser

Unicode based on Runtime Data (McChecker.exe )

I_RpcExtInitializeExtensionPoint

Ansi based on Runtime Data (McChecker.exe )

IconsOnly

Unicode based on Runtime Data (McChecker.exe )

IIDFromString

Ansi based on Runtime Data (McChecker.exe )

Image Path

Unicode based on Runtime Data (McChecker.exe )

ImageList_CoCreateInstance

Ansi based on Runtime Data (McChecker.exe )

ImageList_LoadImageW

Ansi based on Runtime Data (McChecker.exe )

ImmGetCompositionWindow

Ansi based on Runtime Data (McChecker.exe )

ImmGetContext

Ansi based on Runtime Data (McChecker.exe )

ImmLockIMC

Ansi based on Runtime Data (McChecker.exe )

ImmReleaseContext

Ansi based on Runtime Data (McChecker.exe )

ImmSetCompositionFontW

Ansi based on Runtime Data (McChecker.exe )

ImmSetCompositionWindow

Ansi based on Runtime Data (McChecker.exe )

ImmUnlockIMC

Ansi based on Runtime Data (McChecker.exe )

InitCommonControls

Ansi based on Runtime Data (McChecker.exe )

InitCommonControlsEx

Ansi based on Runtime Data (McChecker.exe )

InitFolderHandler

Unicode based on Runtime Data (McChecker.exe )

InitGadgets

Ansi based on Runtime Data (McChecker.exe )

InitializeSecurityDescriptor

Ansi based on Runtime Data (McChecker.exe )

InitProcessPriv

Ansi based on Runtime Data (McChecker.exe )

InitThread

Ansi based on Runtime Data (McChecker.exe )

InitVariantFromBuffer

Ansi based on Runtime Data (McChecker.exe )

InprocServer32

Unicode based on Runtime Data (McChecker.exe )

InstallRoot

Unicode based on Runtime Data (McChecker.exe )

InvalidateGadget

Ansi based on Runtime Data (McChecker.exe )

InvalidateRect

Ansi based on Runtime Data (McChecker.exe )

IsAppThemed

Ansi based on Runtime Data (McChecker.exe )

IsCompositionActive

Ansi based on Runtime Data (McChecker.exe )

IsProcessDPIAware

Ansi based on Runtime Data (McChecker.exe )

IsShortcut

Unicode based on Runtime Data (McChecker.exe )

IsTabletPC

Unicode based on Runtime Data (McChecker.exe )

IsTextUnicode

Ansi based on Runtime Data (McChecker.exe )

IsThemeBackgroundPartiallyTransparent

Ansi based on Runtime Data (McChecker.exe )

IsThemeBackgroundPartiallyTransparentW

Ansi based on Runtime Data (McChecker.exe )

IsThemePartDefined

Ansi based on Runtime Data (McChecker.exe )

IsThemePartDefinedW

Ansi based on Runtime Data (McChecker.exe )

IsValidLinkInfo

Ansi based on Runtime Data (McChecker.exe )

IsWindowEnabled

Ansi based on Runtime Data (McChecker.exe )

IsWindowVisible

Ansi based on Runtime Data (McChecker.exe )

LegacyPolicyTimeStamp

Unicode based on Runtime Data (McChecker.exe )

Libraries

Unicode based on Runtime Data (McChecker.exe )

ListviewAlphaSelect

Unicode based on Runtime Data (McChecker.exe )

ListviewShadow

Unicode based on Runtime Data (McChecker.exe )

LoadCursor

Ansi based on Runtime Data (McChecker.exe )

LoadCursorW

Ansi based on Runtime Data (McChecker.exe )

LoadIconWithScaleDown

Ansi based on Runtime Data (McChecker.exe )

LoadWithoutCOM

Unicode based on Runtime Data (McChecker.exe )

Local AppData

Unicode based on Runtime Data (McChecker.exe )

LocalizedName

Unicode based on Runtime Data (McChecker.exe )

LocalRedirectOnly

Unicode based on Runtime Data (McChecker.exe )

LogFailures

Unicode based on Runtime Data (McChecker.exe )

LoggingLevel

Unicode based on Runtime Data (McChecker.exe )

LogResourceBinds

Unicode based on Runtime Data (McChecker.exe )

LookupAccountNameLocalW

Ansi based on Runtime Data (McChecker.exe )

LookupAccountSidLocalW

Ansi based on Runtime Data (McChecker.exe )

LookupAccountSidW

Ansi based on Runtime Data (McChecker.exe )

MachineGuid

Unicode based on Runtime Data (McChecker.exe )

MachineThrottling

Unicode based on Runtime Data (McChecker.exe )

MapNetDriveVerbs

Unicode based on Runtime Data (McChecker.exe )

MapNetDrvBtn

Unicode based on Runtime Data (McChecker.exe )

MartaExtension

Unicode based on Runtime Data (McChecker.exe )

Max Cached Icons

Unicode based on Runtime Data (McChecker.exe )

MaxSxSHashCount

Unicode based on Runtime Data (McChecker.exe )

Microsoft

Unicode based on Runtime Data (McChecker.exe )

MRUListEx

Unicode based on Runtime Data (McChecker.exe )

My Pictures

Unicode based on Runtime Data (McChecker.exe )

NdrOleExtDLL

Unicode based on Runtime Data (McChecker.exe )

NdrOleInitializeExtension

Ansi based on Runtime Data (McChecker.exe )

NetShareEnum

Ansi based on Runtime Data (McChecker.exe )

NeverShowExt

Unicode based on Runtime Data (McChecker.exe )

NoClientChecks

Unicode based on Runtime Data (McChecker.exe )

NoFileFolderJunction

Unicode based on Runtime Data (McChecker.exe )

NoNetCrawling

Unicode based on Runtime Data (McChecker.exe )

NotifyWinEvent

Ansi based on Runtime Data (McChecker.exe )

OffsetViewportOrgEx

Ansi based on Runtime Data (McChecker.exe )

OleInitialize

Ansi based on Runtime Data (McChecker.exe )

OleUninitialize

Ansi based on Runtime Data (McChecker.exe )

OnlyUseLatestCLR

Unicode based on Runtime Data (McChecker.exe )

OpenProcessToken

Ansi based on Runtime Data (McChecker.exe )

OpenThemeData

Ansi based on Runtime Data (McChecker.exe )

OpenThemeDataW

Ansi based on Runtime Data (McChecker.exe )

OpenThreadToken

Ansi based on Runtime Data (McChecker.exe )

OptimizeUsedBinaries

Unicode based on Runtime Data (McChecker.exe )

ParentFolder

Unicode based on Runtime Data (McChecker.exe )

ParsingName

Unicode based on Runtime Data (McChecker.exe )

PerceivedType

Unicode based on Runtime Data (McChecker.exe )

PinToNameSpaceTree

Unicode based on Runtime Data (McChecker.exe )

PreCreate

Unicode based on Runtime Data (McChecker.exe )

PreferExternalManifest

Unicode based on Runtime Data (McChecker.exe )

PrivateKeyLifetimeSeconds

Unicode based on Runtime Data (McChecker.exe )

PrivKeyCacheMaxItems

Unicode based on Runtime Data (McChecker.exe )

PrivKeyCachePurgeIntervalSeconds

Unicode based on Runtime Data (McChecker.exe )

ProfileImagePath

Unicode based on Runtime Data (McChecker.exe )

PropVariantClear

Ansi based on Runtime Data (McChecker.exe )

PropVariantCopy

Ansi based on Runtime Data (McChecker.exe )

PropVariantToGUID

Ansi based on Runtime Data (McChecker.exe )

PropVariantToStringAlloc

Ansi based on Runtime Data (McChecker.exe )

PSCreateMemoryPropertyStore

Ansi based on Runtime Data (McChecker.exe )

PSGetNameFromPropertyKey

Ansi based on Runtime Data (McChecker.exe )

PSGetPropertyDescription

Ansi based on Runtime Data (McChecker.exe )

PSStringFromPropertyKey

Ansi based on Runtime Data (McChecker.exe )

PublishExpandedPath

Unicode based on Runtime Data (McChecker.exe )

QueryActCtxW

Ansi based on Runtime Data (McChecker.exe )

QueryForInfoTip

Unicode based on Runtime Data (McChecker.exe )

QueryForOverlay

Unicode based on Runtime Data (McChecker.exe )

RaiseDefaultAuthnLevel

Unicode based on Runtime Data (McChecker.exe )

RegEnumKeyW

Ansi based on Runtime Data (McChecker.exe )

RegisterClassNameW

Ansi based on Runtime Data (McChecker.exe )

RegisterMessagePumpHook

Ansi based on Runtime Data (McChecker.exe )

RegQueryValueW

Ansi based on Runtime Data (McChecker.exe )

RelativePath

Unicode based on Runtime Data (McChecker.exe )

RemoteRpcDll

Unicode based on Runtime Data (McChecker.exe )

RestrictedAttributes

Unicode based on Runtime Data (McChecker.exe )

RtlDllShutdownInProgress

Ansi based on Runtime Data (McChecker.exe )

RtlInitUnicodeString

Ansi based on Runtime Data (McChecker.exe )

RtlRunDecodeUnicodeString

Ansi based on Runtime Data (McChecker.exe )

RtlRunEncodeUnicodeString

Ansi based on Runtime Data (McChecker.exe )

SafeProcessSearchMode

Unicode based on Runtime Data (McChecker.exe )

ScrollDelay

Unicode based on Runtime Data (McChecker.exe )

ScrollInset

Unicode based on Runtime Data (McChecker.exe )

ScrollInterval

Unicode based on Runtime Data (McChecker.exe )

SelectClipRgn

Ansi based on Runtime Data (McChecker.exe )

SeparateProcess

Unicode based on Runtime Data (McChecker.exe )

SetBkMode

Ansi based on Runtime Data (McChecker.exe )

SetCursor

Ansi based on Runtime Data (McChecker.exe )

SetEntriesInAclW

Ansi based on Runtime Data (McChecker.exe )

SetGadgetMessageFilter

Ansi based on Runtime Data (McChecker.exe )

SetGadgetParent

Ansi based on Runtime Data (McChecker.exe )

SetGadgetRect

Ansi based on Runtime Data (McChecker.exe )

SetGadgetRootInfo

Ansi based on Runtime Data (McChecker.exe )

SetGadgetStyle

Ansi based on Runtime Data (McChecker.exe )

SetSecurityDescriptorDacl

Ansi based on Runtime Data (McChecker.exe )

SetWindowTheme

Ansi based on Runtime Data (McChecker.exe )

ShellState

Unicode based on Runtime Data (McChecker.exe )

ShowCompColor

Unicode based on Runtime Data (McChecker.exe )

ShowInfoTip

Unicode based on Runtime Data (McChecker.exe )

ShowSuperHidden

Unicode based on Runtime Data (McChecker.exe )

ShowTypeOverlay

Unicode based on Runtime Data (McChecker.exe )

SLGetWindowsInformationDWORD

Ansi based on Runtime Data (McChecker.exe )

SmoothScroll

Unicode based on Runtime Data (McChecker.exe )

SortOrderIndex

Unicode based on Runtime Data (McChecker.exe )

StreamResource

Unicode based on Runtime Data (McChecker.exe )

StreamResourceType

Unicode based on Runtime Data (McChecker.exe )

StringFromGUID2

Ansi based on Runtime Data (McChecker.exe )

StringFromIID

Ansi based on Runtime Data (McChecker.exe )

SuppressionPolicy

Unicode based on Runtime Data (McChecker.exe )

System.NamespaceCLSID

Unicode based on Runtime Data (McChecker.exe )

SystemFunction036

Ansi based on Runtime Data (McChecker.exe )

SystemParametersInfo

Ansi based on Runtime Data (McChecker.exe )

SystemParametersInfoW

Ansi based on Runtime Data (McChecker.exe )

ThreadingModel

Unicode based on Runtime Data (McChecker.exe )

UpdateWindow

Ansi based on Runtime Data (McChecker.exe )

UseDoubleClickTimer

Unicode based on Runtime Data (McChecker.exe )

UseDropHandler

Unicode based on Runtime Data (McChecker.exe )

UseInProcHandlerCache

Unicode based on Runtime Data (McChecker.exe )

UseLegacyIdentityFormat

Unicode based on Runtime Data (McChecker.exe )

UseLegacyV2RuntimeActivationPolicyDefaultValue

Unicode based on Runtime Data (McChecker.exe )

UseOutOfProcHandlerCache

Unicode based on Runtime Data (McChecker.exe )

VerQueryValueW

Ansi based on Runtime Data (McChecker.exe )

WaitMessage

Ansi based on Runtime Data (McChecker.exe )

WantsAliasedNotifications

Unicode based on Runtime Data (McChecker.exe )

WantsFORDISPLAY

Unicode based on Runtime Data (McChecker.exe )

WantsFORPARSING

Unicode based on Runtime Data (McChecker.exe )

WantsParseDisplayName

Unicode based on Runtime Data (McChecker.exe )

WantsUniversalDelegate

Unicode based on Runtime Data (McChecker.exe )

WICCreateImagingFactory_Proxy

Ansi based on Runtime Data (McChecker.exe )

%SAMPLEDIR%\;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windo

Unicode based on Runtime Data (McChecker.exe )

{031E4825-7B94-4DC3-B131-E946B44C8DD5}

Unicode based on Runtime Data (McChecker.exe )

{08244EE6-92F0-47F2-9FC9-929BAA2E7235} {0C6C4200-C589-11D0-999A-00C04FD655E1} 0xFFFF

Unicode based on Runtime Data (McChecker.exe )

{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}

Unicode based on Runtime Data (McChecker.exe )

{20D04FE0-3AEA-1069-A2D8-08002B30309D}

Unicode based on Runtime Data (McChecker.exe )

{2112AB0A-C86A-4FFE-A368-0DE96E47012E}

Unicode based on Runtime Data (McChecker.exe )

{28636AA6-953D-11D2-B5D6-00C04FD918D0} 6

Unicode based on Runtime Data (McChecker.exe )

{48DAF80B-E6CF-4F4E-B800-0E69D84EE384}

Unicode based on Runtime Data (McChecker.exe )

{491E922F-5643-4AF4-A7EB-4E7A138D8174}

Unicode based on Runtime Data (McChecker.exe )

{52A4F021-7B75-48A9-9F6B-4B87A210BC8F}

Unicode based on Runtime Data (McChecker.exe )

{59031A47-3F72-44A7-89C5-5595FE6B30EE}

Unicode based on Runtime Data (McChecker.exe )

{7B0DB17D-9CD2-4A93-9733-46CC89022E7C}

Unicode based on Runtime Data (McChecker.exe )

{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}

Unicode based on Runtime Data (McChecker.exe )

{A75D362E-50FC-4FB7-AC2C-A8BEAA314493}

Unicode based on Runtime Data (McChecker.exe )

{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} {0C6C4200-C589-11D0-999A-00C04FD655E1} 0xFFFF

Unicode based on Runtime Data (McChecker.exe )

??_?___m_??__?_?___

Ansi based on Image Processing (screen_1.png)

?_____??_e_0_?___

Ansi based on Image Processing (screen_2.png)

_??_?_____

Ansi based on Image Processing (screen_0.png)

__\0fd_sdt_ty/_v___

Ansi based on Image Processing (screen_0.png)

_MC_r_mlumCh_c__r_1D

Ansi based on Image Processing (screen_0.png)

Impa_0mbal_

Ansi based on Image Processing (screen_0.png)

p_mum_0__

Ansi based on Image Processing (screen_0.png)

Extracted Files

No significant files were extracted.

Notifications

Runtime

A process crash was detected during the runtime analysis

Not all sources for signature ID "api-55" are available in the report

Not all sources for signature ID "api-7" are available in the report

Not all sources for signature ID "api-8" are available in the report

Environment 1

Sample was not shared with the community

Community

There are no community comments.

You must be logged in to submit a comment.

McChecker.exe

Incident Response

Risk Assessment

Indicators

Malicious Indicators 3

Suspicious Indicators 10

Informative 4

File Details

McChecker.exe

Resources

Visualization

Version Info

Classification (TrID)

File Sections

File Resources

File Imports

Screenshots

System Resource Monitor

Hybrid Analysis

Network Analysis

DNS Requests

Contacted Hosts

HTTP Traffic

Extracted Strings

Extracted Files

Notifications

Runtime

Environment 1

Community

Latest News

Vetting required

Request Report Deletion

Link