nvspscreenshot64.dll

Description: NVIDIA ShadowPlay Screenshot

Authors: (C) NVIDIA Corporation. All rights reserved.

Version: 11.0.5.420

Architecture: 64-bit

Operating System: Windows

SHA256: c1399d183ec071cb28c26d38cf46ab27

File Size: 1.3 MB

Uploaded At: Dec. 1, 2025, 2:54 p.m.

Views: 6

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • NvCreateScreenshotInterface (Ordinal: 1, Address: 0x47dc)

Imported DLLs & Functions

ADVAPI32.dll
  • AllocateAndInitializeSid (Address: 0x180157090)
  • CopySid (Address: 0x180157008)
  • CreateRestrictedToken (Address: 0x180157098)
  • CreateWellKnownSid (Address: 0x1801570a0)
  • FreeSid (Address: 0x180157078)
  • GetLengthSid (Address: 0x180157018)
  • GetSecurityDescriptorDacl (Address: 0x180157070)
  • GetTokenInformation (Address: 0x180157000)
  • GetUserNameA (Address: 0x180157048)
  • GetUserNameW (Address: 0x180157040)
  • ImpersonateSelf (Address: 0x180157068)
  • InitializeSecurityDescriptor (Address: 0x180157060)
  • OpenProcessToken (Address: 0x180157010)
  • OpenThreadToken (Address: 0x180157088)
  • RegCloseKey (Address: 0x180157038)
  • RegOpenKeyExA (Address: 0x180157030)
  • RegQueryValueExA (Address: 0x180157028)
  • RevertToSelf (Address: 0x180157058)
  • SetEntriesInAclA (Address: 0x180157020)
  • SetSecurityDescriptorDacl (Address: 0x180157050)
  • SetThreadToken (Address: 0x180157080)
gdiplus.dll
  • GdipAlloc (Address: 0x1801577c8)
  • GdipCloneImage (Address: 0x1801577e8)
  • GdipCreateBitmapFromScan0 (Address: 0x1801577d8)
  • GdipDisposeImage (Address: 0x1801577e0)
  • GdipFree (Address: 0x180157800)
  • GdipGetImageEncoders (Address: 0x1801577b8)
  • GdipGetImageEncodersSize (Address: 0x1801577c0)
  • GdiplusShutdown (Address: 0x1801577f0)
  • GdiplusStartup (Address: 0x1801577f8)
  • GdipSaveImageToFile (Address: 0x1801577b0)
  • GdipSetPropertyItem (Address: 0x1801577d0)
KERNEL32.dll
  • AcquireSRWLockExclusive (Address: 0x1801573c0)
  • CloseHandle (Address: 0x1801571a0)
  • CompareStringEx (Address: 0x1801573a8)
  • CompareStringW (Address: 0x180157518)
  • ConnectNamedPipe (Address: 0x180157310)
  • CopyFileA (Address: 0x1801572a0)
  • CreateDirectoryA (Address: 0x180157220)
  • CreateEventA (Address: 0x1801571c0)
  • CreateFileA (Address: 0x180157228)
  • CreateFileMappingA (Address: 0x180157358)
  • CreateFileW (Address: 0x180157260)
  • CreateMutexA (Address: 0x180157330)
  • CreateNamedPipeA (Address: 0x180157360)
  • CreateThread (Address: 0x1801571d0)
  • DecodePointer (Address: 0x180157388)
  • DeleteCriticalSection (Address: 0x1801571f0)
  • DeleteFileA (Address: 0x180157230)
  • DisconnectNamedPipe (Address: 0x1801572e8)
  • EncodePointer (Address: 0x180157380)
  • EnterCriticalSection (Address: 0x1801571e0)
  • EnumSystemLocalesW (Address: 0x180157540)
  • ExitProcess (Address: 0x1801574b8)
  • FindClose (Address: 0x180157178)
  • FindFirstFileExW (Address: 0x180157120)
  • FindNextFileW (Address: 0x180157128)
  • FlsAlloc (Address: 0x1801574e8)
  • FlsFree (Address: 0x180157500)
  • FlsGetValue (Address: 0x1801574f0)
  • FlsSetValue (Address: 0x1801574f8)
  • FlushFileBuffers (Address: 0x1801572d8)
  • FormatMessageA (Address: 0x180157368)
  • FreeEnvironmentStringsW (Address: 0x180157160)
  • FreeLibrary (Address: 0x180157208)
  • GetACP (Address: 0x180157138)
  • GetCommandLineA (Address: 0x180157148)
  • GetCommandLineW (Address: 0x180157150)
  • GetConsoleMode (Address: 0x180157550)
  • GetConsoleOutputCP (Address: 0x180157548)
  • GetCPInfo (Address: 0x1801573b0)
  • GetCurrentProcess (Address: 0x180157340)
  • GetCurrentProcessId (Address: 0x1801571f8)
  • GetCurrentThread (Address: 0x180157268)
  • GetCurrentThreadId (Address: 0x180157270)
  • GetDateFormatW (Address: 0x180157508)
  • GetEnvironmentStringsW (Address: 0x180157158)
  • GetFileAttributesA (Address: 0x180157238)
  • GetFileSizeEx (Address: 0x180157240)
  • GetFileType (Address: 0x1801574d0)
  • GetFinalPathNameByHandleA (Address: 0x180157248)
  • GetLastError (Address: 0x180157448)
  • GetLocaleInfoEx (Address: 0x180157370)
  • GetLocaleInfoW (Address: 0x180157528)
  • GetLocalTime (Address: 0x180157278)
  • GetModuleFileNameW (Address: 0x180157280)
  • GetModuleHandleExW (Address: 0x1801574c0)
  • GetModuleHandleW (Address: 0x180157288)
  • GetOEMCP (Address: 0x180157140)
  • GetProcAddress (Address: 0x180157210)
  • GetProcessHeap (Address: 0x180157328)
  • GetStartupInfoW (Address: 0x180157418)
  • GetStdHandle (Address: 0x1801574c8)
  • GetStringTypeW (Address: 0x1801573a0)
  • GetSystemDirectoryW (Address: 0x1801572d0)
  • GetSystemInfo (Address: 0x1801572c8)
  • GetSystemTimeAsFileTime (Address: 0x180157420)
  • GetTempPathW (Address: 0x1801574e0)
  • GetTimeFormatW (Address: 0x180157510)
  • GetTimeZoneInformation (Address: 0x180157180)
  • GetUserDefaultLCID (Address: 0x180157538)
  • HeapAlloc (Address: 0x180157318)
  • HeapFree (Address: 0x180157320)
  • HeapReAlloc (Address: 0x180157188)
  • HeapSize (Address: 0x180157438)
  • InitializeCriticalSection (Address: 0x1801571d8)
  • InitializeCriticalSectionAndSpinCount (Address: 0x180157488)
  • InitializeCriticalSectionEx (Address: 0x180157378)
  • InitializeSListHead (Address: 0x180157428)
  • InterlockedFlushSList (Address: 0x180157478)
  • InterlockedPushEntrySList (Address: 0x180157470)
  • IsDebuggerPresent (Address: 0x180157410)
  • IsProcessorFeaturePresent (Address: 0x180157408)
  • IsValidCodePage (Address: 0x180157130)
  • IsValidLocale (Address: 0x180157530)
  • LCMapStringEx (Address: 0x180157398)
  • LCMapStringW (Address: 0x180157520)
  • LeaveCriticalSection (Address: 0x1801571e8)
  • LoadLibraryA (Address: 0x180157218)
  • LoadLibraryExW (Address: 0x1801574b0)
  • LocalAlloc (Address: 0x180157290)
  • LocalFree (Address: 0x180157298)
  • MapViewOfFile (Address: 0x180157348)
  • MoveFileExA (Address: 0x1801572a8)
  • MultiByteToWideChar (Address: 0x180157390)
  • OpenEventA (Address: 0x180157450)
  • OpenFileMappingA (Address: 0x180157308)
  • OpenMutexA (Address: 0x180157350)
  • OpenProcess (Address: 0x180157200)
  • OutputDebugStringA (Address: 0x180157258)
  • OutputDebugStringW (Address: 0x180157198)
  • QueryPerformanceCounter (Address: 0x1801572b8)
  • QueryPerformanceFrequency (Address: 0x1801572c0)
  • RaiseException (Address: 0x180157460)
  • ReadConsoleW (Address: 0x180157430)
  • ReadFile (Address: 0x1801572e0)
  • ReleaseMutex (Address: 0x1801572f0)
  • ReleaseSRWLockExclusive (Address: 0x1801573b8)
  • ResetEvent (Address: 0x1801571b0)
  • RtlCaptureContext (Address: 0x1801573d8)
  • RtlLookupFunctionEntry (Address: 0x1801573e0)
  • RtlPcToFileHeader (Address: 0x180157458)
  • RtlUnwind (Address: 0x180157338)
  • RtlUnwindEx (Address: 0x180157468)
  • RtlVirtualUnwind (Address: 0x1801573e8)
  • SetConsoleCtrlHandler (Address: 0x180157190)
  • SetEndOfFile (Address: 0x180157440)
  • SetEnvironmentVariableW (Address: 0x180157168)
  • SetEvent (Address: 0x1801571a8)
  • SetFilePointerEx (Address: 0x180157558)
  • SetLastError (Address: 0x180157480)
  • SetStdHandle (Address: 0x180157170)
  • SetUnhandledExceptionFilter (Address: 0x1801573f8)
  • Sleep (Address: 0x1801571c8)
  • SleepConditionVariableSRW (Address: 0x1801573d0)
  • TerminateProcess (Address: 0x180157400)
  • TlsAlloc (Address: 0x180157490)
  • TlsFree (Address: 0x1801574a8)
  • TlsGetValue (Address: 0x180157498)
  • TlsSetValue (Address: 0x1801574a0)
  • UnhandledExceptionFilter (Address: 0x1801573f0)
  • UnmapViewOfFile (Address: 0x180157300)
  • WaitForMultipleObjects (Address: 0x1801572f8)
  • WaitForSingleObject (Address: 0x1801571b8)
  • WakeAllConditionVariable (Address: 0x1801573c8)
  • WideCharToMultiByte (Address: 0x1801572b0)
  • WriteConsoleW (Address: 0x1801574d8)
  • WriteFile (Address: 0x180157250)
ole32.dll
  • CoCreateInstance (Address: 0x180157870)
OLEAUT32.dll
  • VariantInit (Address: 0x180157690)
SHELL32.dll
  • SHGetFolderPathA (Address: 0x1801576f0)
USER32.dll
  • wsprintfW (Address: 0x180157750)