VsGraphicsHelper.dll
Description: Microsoft Visual Studio Graphics Helper DLL
Authors: © Microsoft Corporation. All rights reserved.
Version: 17.0.36015.10
Architecture: 32-bit
Operating System: Windows
SHA256: 3d5499967c42028ea3ee94c7aec6bc8c
File Size: 1.4 MB
Uploaded At: Dec. 1, 2025, 8:06 a.m.
Views: 16
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: WriteProcessMemory, VirtualAllocEx
Exported Functions
- DisableD3DSpy (Ordinal: 1, Address: 0xd74f0)
- _VsgDbgAddHUDMessage@4 (Ordinal: 2, Address: 0xa2fe0)
- _VsgDbgBeginCapture@0 (Ordinal: 3, Address: 0xa2f40)
- _VsgDbgCaptureCurrentFrame@0 (Ordinal: 4, Address: 0xa2f00)
- _VsgDbgCopy@4 (Ordinal: 5, Address: 0xa2f90)
- _VsgDbgEndCapture@0 (Ordinal: 6, Address: 0xa2f70)
- _VsgDbgInit@4 (Ordinal: 7, Address: 0xa2e70)
- _VsgDbgInitDelayed@40 (Ordinal: 8, Address: 0xa2db0)
- _VsgDbgToggleHUD@0 (Ordinal: 9, Address: 0xa2ee0)
- _VsgDbgUnInit@0 (Ordinal: 10, Address: 0xa2ec0)
Imported DLLs & Functions
ADVAPI32.dll
- CreateProcessAsUserA (Address: 0x10154000)
- CreateProcessAsUserW (Address: 0x10154004)
- RegCloseKey (Address: 0x10154008)
- RegCreateKeyExW (Address: 0x1015401c)
- RegDeleteKeyExW (Address: 0x10154020)
- RegDeleteValueW (Address: 0x10154024)
- RegGetValueW (Address: 0x10154014)
- RegOpenKeyExW (Address: 0x1015400c)
- RegQueryValueExW (Address: 0x10154010)
- RegSetValueExW (Address: 0x10154018)
d2d1.dll
- (Address: 0x101542a0)
d3d11.dll
- D3D11CreateDevice (Address: 0x101542a8)
dbghelp.dll
- StackWalk64 (Address: 0x101542b4)
- SymFunctionTableAccess64 (Address: 0x101542b0)
- SymGetModuleBase64 (Address: 0x101542b8)
DWrite.dll
- DWriteCreateFactory (Address: 0x1015402c)
dxgi.dll
- CreateDXGIFactory1 (Address: 0x101542c0)
GDI32.dll
- GetDeviceCaps (Address: 0x10154034)
imagehlp.dll
- UnMapAndLoad (Address: 0x101542c8)
KERNEL32.dll
- CloseHandle (Address: 0x1015407c)
- CopyFileExW (Address: 0x1015411c)
- CreateEventW (Address: 0x1015406c)
- CreateFileMappingW (Address: 0x101540c4)
- CreateFileW (Address: 0x10154074)
- CreateProcessA (Address: 0x101541c8)
- CreateProcessW (Address: 0x101541c4)
- CreateThread (Address: 0x10154114)
- CreateToolhelp32Snapshot (Address: 0x10154150)
- DecodePointer (Address: 0x101541a4)
- DeleteCriticalSection (Address: 0x101540a4)
- DeleteFileW (Address: 0x101540ec)
- EncodePointer (Address: 0x10154240)
- EnterCriticalSection (Address: 0x101540f0)
- ExitProcess (Address: 0x10154120)
- FileTimeToSystemTime (Address: 0x10154170)
- FindClose (Address: 0x10154168)
- FindFirstFileExW (Address: 0x10154208)
- FindFirstFileW (Address: 0x10154164)
- FindNextFileW (Address: 0x10154204)
- FindResourceExW (Address: 0x101540d8)
- FindResourceW (Address: 0x10154058)
- FlushFileBuffers (Address: 0x1015420c)
- FlushInstructionCache (Address: 0x101541d0)
- FormatMessageW (Address: 0x101541a0)
- FreeEnvironmentStringsW (Address: 0x101541e4)
- FreeLibrary (Address: 0x10154044)
- GetACP (Address: 0x101541fc)
- GetCommandLineA (Address: 0x101541f0)
- GetCommandLineW (Address: 0x101541ec)
- GetConsoleMode (Address: 0x10154210)
- GetConsoleOutputCP (Address: 0x10154268)
- GetCPInfo (Address: 0x101541f4)
- GetCurrentProcess (Address: 0x101540ac)
- GetCurrentProcessId (Address: 0x10154104)
- GetCurrentThread (Address: 0x101540b8)
- GetCurrentThreadId (Address: 0x10154108)
- GetEnvironmentStringsW (Address: 0x101541e8)
- GetExitCodeProcess (Address: 0x10154090)
- GetFileSizeEx (Address: 0x10154138)
- GetFileTime (Address: 0x1015416c)
- GetFileType (Address: 0x10154260)
- GetLastError (Address: 0x10154084)
- GetModuleFileNameA (Address: 0x10154194)
- GetModuleFileNameW (Address: 0x10154040)
- GetModuleHandleA (Address: 0x101540e0)
- GetModuleHandleExW (Address: 0x10154188)
- GetModuleHandleW (Address: 0x101540fc)
- GetOEMCP (Address: 0x101541f8)
- GetOverlappedResult (Address: 0x10154088)
- GetProcAddress (Address: 0x101540dc)
- GetProcessHeap (Address: 0x101540f8)
- GetStartupInfoW (Address: 0x10154228)
- GetStdHandle (Address: 0x1015425c)
- GetStringTypeW (Address: 0x101541e0)
- GetSystemDirectoryW (Address: 0x10154128)
- GetSystemInfo (Address: 0x10154254)
- GetSystemTimeAsFileTime (Address: 0x10154110)
- GetTempFileNameW (Address: 0x101540e8)
- GetTempPathW (Address: 0x101540e4)
- GetThreadContext (Address: 0x101541a8)
- GetThreadLocale (Address: 0x10154048)
- GetTickCount (Address: 0x10154148)
- GetVersionExW (Address: 0x1015410c)
- HeapAlloc (Address: 0x10154068)
- HeapDestroy (Address: 0x1015405c)
- HeapFree (Address: 0x101541b0)
- HeapReAlloc (Address: 0x10154064)
- HeapSize (Address: 0x10154060)
- InitializeCriticalSection (Address: 0x1015412c)
- InitializeCriticalSectionAndSpinCount (Address: 0x101541ac)
- InitializeCriticalSectionEx (Address: 0x101540d0)
- InitializeSListHead (Address: 0x1015422c)
- InterlockedFlushSList (Address: 0x10154238)
- InterlockedPopEntrySList (Address: 0x101541d4)
- InterlockedPushEntrySList (Address: 0x10154234)
- IsDebuggerPresent (Address: 0x10154224)
- IsProcessorFeaturePresent (Address: 0x10154220)
- IsValidCodePage (Address: 0x10154200)
- IsWow64Process (Address: 0x101541b4)
- K32EnumProcessModules (Address: 0x101540bc)
- K32GetModuleFileNameExW (Address: 0x101540c0)
- K32GetModuleInformation (Address: 0x101540a8)
- LCMapStringW (Address: 0x10154264)
- LeaveCriticalSection (Address: 0x101540f4)
- LoadLibraryExA (Address: 0x101541cc)
- LoadLibraryExW (Address: 0x1015403c)
- LoadLibraryW (Address: 0x10154124)
- LoadResource (Address: 0x10154054)
- LocalFree (Address: 0x10154070)
- LockResource (Address: 0x10154050)
- lstrcmpiW (Address: 0x1015414c)
- lstrlenA (Address: 0x10154134)
- lstrlenW (Address: 0x101540d4)
- MapViewOfFile (Address: 0x101540c8)
- Module32FirstW (Address: 0x10154154)
- Module32NextW (Address: 0x10154158)
- MultiByteToWideChar (Address: 0x101540b0)
- OutputDebugStringA (Address: 0x1015418c)
- OutputDebugStringW (Address: 0x10154118)
- PeekNamedPipe (Address: 0x101540a0)
- QueryPerformanceCounter (Address: 0x10154144)
- QueryPerformanceFrequency (Address: 0x10154140)
- RaiseException (Address: 0x1015423c)
- ReadFile (Address: 0x10154094)
- ReadProcessMemory (Address: 0x1015409c)
- ResumeThread (Address: 0x10154100)
- RtlCaptureContext (Address: 0x101540b4)
- RtlCaptureStackBackTrace (Address: 0x10154190)
- RtlUnwind (Address: 0x10154230)
- SetFilePointerEx (Address: 0x10154130)
- SetLastError (Address: 0x1015419c)
- SetNamedPipeHandleState (Address: 0x10154078)
- SetStdHandle (Address: 0x101541dc)
- SetThreadContext (Address: 0x1015426c)
- SetUnhandledExceptionFilter (Address: 0x10154218)
- SizeofResource (Address: 0x1015404c)
- Sleep (Address: 0x10154098)
- SystemTimeToTzSpecificLocalTime (Address: 0x10154174)
- TerminateProcess (Address: 0x10154214)
- TerminateThread (Address: 0x1015413c)
- TlsAlloc (Address: 0x10154244)
- TlsFree (Address: 0x10154250)
- TlsGetValue (Address: 0x10154248)
- TlsSetValue (Address: 0x1015424c)
- UnhandledExceptionFilter (Address: 0x1015421c)
- UnmapViewOfFile (Address: 0x101540cc)
- VirtualAlloc (Address: 0x10154178)
- VirtualAllocEx (Address: 0x101541c0)
- VirtualFree (Address: 0x1015417c)
- VirtualProtect (Address: 0x10154198)
- VirtualProtectEx (Address: 0x101541bc)
- VirtualQuery (Address: 0x10154258)
- VirtualQueryEx (Address: 0x101541b8)
- WaitForSingleObject (Address: 0x1015408c)
- WideCharToMultiByte (Address: 0x10154180)
- Wow64DisableWow64FsRedirection (Address: 0x1015415c)
- Wow64RevertWow64FsRedirection (Address: 0x10154160)
- WriteConsoleW (Address: 0x101541d8)
- WriteFile (Address: 0x10154080)
- WriteProcessMemory (Address: 0x10154184)
ole32.dll
- CoCreateInstance (Address: 0x101542d0)
- CoInitializeEx (Address: 0x101542d4)
- CoUninitialize (Address: 0x101542d8)
OLEAUT32.dll
- SysAllocString (Address: 0x10154280)
- SysFreeString (Address: 0x10154274)
- VariantClear (Address: 0x1015427c)
- VariantInit (Address: 0x10154278)
SHLWAPI.dll
- PathAppendW (Address: 0x10154288)
VERSION.dll
- GetFileVersionInfoExW (Address: 0x10154294)
- GetFileVersionInfoSizeExW (Address: 0x10154290)
- VerQueryValueW (Address: 0x10154298)