ppt_detect.dll

Description: TODO: <文件说明>

Authors: TODO: (C) <公司名>。 保留所有权利。

Version: 1.0.0.1

Architecture: 64-bit

Operating System: Windows NT

SHA256: 59a94a6415d66cba2f671aadd5d51c6d

File Size: 54.4 KB

Uploaded At: Dec. 2, 2025, 2:42 p.m.

Views: 4

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • ??0PPTDetect@@QEAA@$$QEAV0@@Z (Ordinal: 1, Address: 0x10a0)
  • ??0PPTDetect@@QEAA@AEBV0@@Z (Ordinal: 2, Address: 0x10a0)
  • ??0PPTDetect@@QEAA@XZ (Ordinal: 3, Address: 0x10a0)
  • ??4PPTDetect@@QEAAAEAV0@$$QEAV0@@Z (Ordinal: 4, Address: 0x10b0)
  • ??4PPTDetect@@QEAAAEAV0@AEBV0@@Z (Ordinal: 5, Address: 0x10b0)
  • ??_7PPTDetect@@6B@ (Ordinal: 6, Address: 0x5810)
  • ?GetPresentSlideCount@PPTDetect@@UEAAJXZ (Ordinal: 7, Address: 0x1280)
  • ?GetPresentingCount@PPTDetect@@UEAAJXZ (Ordinal: 8, Address: 0x1260)
  • ?IsPPTShowing@PPTDetect@@UEAA_NXZ (Ordinal: 9, Address: 0x12a0)
  • ?SetWPSDetectFix@PPTDetect@@UEAAX_N@Z (Ordinal: 10, Address: 0x12c0)
  • ?StartPPTDetect@PPTDetect@@QEAA_NH@Z (Ordinal: 11, Address: 0x1140)
  • ?StopPPTDetect@PPTDetect@@QEAA_NXZ (Ordinal: 12, Address: 0x1250)
  • getInstance (Ordinal: 13, Address: 0x10c0)

Imported DLLs & Functions

ADVAPI32.dll
  • RegCloseKey (Address: 0x180005010)
  • RegEnumKeyExW (Address: 0x180005018)
  • RegOpenKeyExW (Address: 0x180005000)
  • RegQueryValueExW (Address: 0x180005008)
api-ms-win-crt-heap-l1-1-0.dll
  • free (Address: 0x180005208)
api-ms-win-crt-runtime-l1-1-0.dll
  • _cexit (Address: 0x180005228)
  • _configure_narrow_argv (Address: 0x180005258)
  • _crt_atexit (Address: 0x180005230)
  • _execute_onexit_table (Address: 0x180005238)
  • _initialize_narrow_environment (Address: 0x180005250)
  • _initialize_onexit_table (Address: 0x180005248)
  • _initterm (Address: 0x180005220)
  • _initterm_e (Address: 0x180005218)
  • _invalid_parameter_noinfo_noreturn (Address: 0x180005268)
  • _register_onexit_function (Address: 0x180005240)
  • _seh_filter_dll (Address: 0x180005260)
api-ms-win-crt-stdio-l1-1-0.dll
  • __stdio_common_vswprintf_s (Address: 0x180005278)
api-ms-win-crt-string-l1-1-0.dll
  • _wcsicmp (Address: 0x180005288)
KERNEL32.dll
  • CloseHandle (Address: 0x180005030)
  • CreateEventW (Address: 0x180005090)
  • DeleteCriticalSection (Address: 0x180005048)
  • EnterCriticalSection (Address: 0x180005068)
  • GetCurrentProcess (Address: 0x180005120)
  • GetCurrentProcessId (Address: 0x1800050f8)
  • GetCurrentThreadId (Address: 0x1800050f0)
  • GetLastError (Address: 0x180005050)
  • GetModuleHandleW (Address: 0x180005098)
  • GetProcAddress (Address: 0x1800050a0)
  • GetSystemTimeAsFileTime (Address: 0x1800050e8)
  • InitializeCriticalSectionAndSpinCount (Address: 0x180005028)
  • InitializeCriticalSectionEx (Address: 0x1800050b8)
  • InitializeSListHead (Address: 0x1800050e0)
  • IsDebuggerPresent (Address: 0x180005108)
  • IsProcessorFeaturePresent (Address: 0x180005110)
  • K32GetModuleFileNameExW (Address: 0x180005038)
  • LeaveCriticalSection (Address: 0x180005070)
  • LocalAlloc (Address: 0x180005058)
  • LocalFree (Address: 0x180005060)
  • OpenProcess (Address: 0x180005040)
  • OutputDebugStringW (Address: 0x1800050b0)
  • QueryPerformanceCounter (Address: 0x180005100)
  • ResetEvent (Address: 0x180005080)
  • RtlCaptureContext (Address: 0x1800050c0)
  • RtlLookupFunctionEntry (Address: 0x1800050a8)
  • RtlVirtualUnwind (Address: 0x1800050c8)
  • SetEvent (Address: 0x180005078)
  • SetUnhandledExceptionFilter (Address: 0x1800050d8)
  • TerminateProcess (Address: 0x180005118)
  • UnhandledExceptionFilter (Address: 0x1800050d0)
  • WaitForSingleObjectEx (Address: 0x180005088)
mfc140u.dll
  • (Address: 0x180005298)
  • (Address: 0x1800052a0)
  • (Address: 0x1800052a8)
  • (Address: 0x1800052b0)
  • (Address: 0x1800052b8)
  • (Address: 0x1800052c0)
  • (Address: 0x1800052c8)
  • (Address: 0x1800052d0)
  • (Address: 0x1800052d8)
  • (Address: 0x1800052e0)
  • (Address: 0x1800052e8)
  • (Address: 0x1800052f0)
  • (Address: 0x1800052f8)
  • (Address: 0x180005300)
  • (Address: 0x180005308)
  • (Address: 0x180005310)
  • (Address: 0x180005318)
  • (Address: 0x180005320)
  • (Address: 0x180005328)
  • (Address: 0x180005330)
  • (Address: 0x180005338)
  • (Address: 0x180005340)
  • (Address: 0x180005348)
  • (Address: 0x180005350)
  • (Address: 0x180005358)
  • (Address: 0x180005360)
  • (Address: 0x180005368)
  • (Address: 0x180005370)
  • (Address: 0x180005378)
  • (Address: 0x180005380)
  • (Address: 0x180005388)
  • (Address: 0x180005390)
  • (Address: 0x180005398)
  • (Address: 0x1800053a0)
  • (Address: 0x1800053a8)
  • (Address: 0x1800053b0)
  • (Address: 0x1800053b8)
  • (Address: 0x1800053c0)
  • (Address: 0x1800053c8)
  • (Address: 0x1800053d0)
  • (Address: 0x1800053d8)
  • (Address: 0x1800053e0)
  • (Address: 0x1800053e8)
  • (Address: 0x1800053f0)
  • (Address: 0x1800053f8)
  • (Address: 0x180005400)
  • (Address: 0x180005408)
  • (Address: 0x180005410)
  • (Address: 0x180005418)
  • (Address: 0x180005420)
  • (Address: 0x180005428)
  • (Address: 0x180005430)
  • (Address: 0x180005438)
  • (Address: 0x180005440)
  • (Address: 0x180005448)
  • (Address: 0x180005450)
  • (Address: 0x180005458)
  • (Address: 0x180005460)
  • (Address: 0x180005468)
  • (Address: 0x180005470)
  • (Address: 0x180005478)
  • (Address: 0x180005480)
  • (Address: 0x180005488)
  • (Address: 0x180005490)
  • (Address: 0x180005498)
  • (Address: 0x1800054a0)
  • (Address: 0x1800054a8)
  • (Address: 0x1800054b0)
  • (Address: 0x1800054b8)
  • (Address: 0x1800054c0)
  • (Address: 0x1800054c8)
  • (Address: 0x1800054d0)
  • (Address: 0x1800054d8)
  • (Address: 0x1800054e0)
  • (Address: 0x1800054e8)
  • (Address: 0x1800054f0)
  • (Address: 0x1800054f8)
  • (Address: 0x180005500)
  • (Address: 0x180005508)
  • (Address: 0x180005510)
  • (Address: 0x180005518)
  • (Address: 0x180005520)
  • (Address: 0x180005528)
  • (Address: 0x180005530)
  • (Address: 0x180005538)
  • (Address: 0x180005540)
  • (Address: 0x180005548)
  • (Address: 0x180005550)
  • (Address: 0x180005558)
  • (Address: 0x180005560)
  • (Address: 0x180005568)
MSVCP140.dll
  • ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ (Address: 0x180005170)
  • ?_Xlength_error@std@@YAXPEBD@Z (Address: 0x180005138)
  • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z (Address: 0x180005188)
  • ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z (Address: 0x180005130)
  • ?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A (Address: 0x180005140)
  • ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ (Address: 0x180005178)
  • ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z (Address: 0x180005160)
  • ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z (Address: 0x180005180)
  • ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z (Address: 0x180005168)
  • ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z (Address: 0x180005150)
  • ?uncaught_exception@std@@YA_NXZ (Address: 0x180005148)
  • ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z (Address: 0x180005158)
ole32.dll
  • CLSIDFromProgID (Address: 0x180005590)
  • CLSIDFromString (Address: 0x180005580)
  • CoInitialize (Address: 0x180005578)
  • CoUninitialize (Address: 0x180005588)
OLEAUT32.dll
  • GetActiveObject (Address: 0x180005198)
VCRUNTIME140_1.dll
  • __CxxFrameHandler4 (Address: 0x1800051f8)
VCRUNTIME140.dll
  • __C_specific_handler (Address: 0x1800051c8)
  • __std_exception_copy (Address: 0x1800051b0)
  • __std_exception_destroy (Address: 0x1800051e8)
  • __std_terminate (Address: 0x1800051a8)
  • __std_type_info_destroy_list (Address: 0x1800051d0)
  • _CxxThrowException (Address: 0x1800051e0)
  • memcpy (Address: 0x1800051b8)
  • memmove (Address: 0x1800051d8)
  • memset (Address: 0x1800051c0)