Technical Information
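- Autorun registry entry (a value under the HKLM Run key, which Windows launches at each user logon): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Bandera' = '%ALLUSERSPROFILE%\rdpclient.exe'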
- <Drive name for removable media>:\restore_files.txt
- %ALLUSERSPROFILE%\rdpclient.exe
- %ProgramFiles%\bdsurvey\restore_files.txt
- %ProgramFiles%\bdswitch\restore_files.txt
- %ProgramFiles%\bdwizreg\restore_files.txt
- %ProgramFiles%\blackd\restore_files.txt
- %ProgramFiles%\blackice\restore_files.txt
- %ProgramFiles%\blindman\restore_files.txt
- %ProgramFiles%\btini\restore_files.txt
- %ProgramFiles%\btinint\restore_files.txt
- %ProgramFiles%\avkserv\restore_files.txt
- %ProgramFiles%\cabalmain\restore_files.txt
- %ProgramFiles%\cavapp\restore_files.txt
- %ProgramFiles%\cavasm\restore_files.txt
- %ProgramFiles%\cavaud\restore_files.txt
- %ProgramFiles%\cavemsrv\restore_files.txt
- %ProgramFiles%\cavmr\restore_files.txt
- %ProgramFiles%\cavmud\restore_files.txt
- %ProgramFiles%\cavoar\restore_files.txt
- %ProgramFiles%\cavq\restore_files.txt
- %ProgramFiles%\cavscons\restore_files.txt
- %ProgramFiles%\bdss\restore_files.txt
- %ProgramFiles%\cafix\restore_files.txt
- %ProgramFiles%\bdsubmitwiz\restore_files.txt
- %ProgramFiles%\bdsubmit\restore_files.txt
- %ProgramFiles%\bdoesrv\restore_files.txt
- %ProgramFiles%\bdnews\restore_files.txt
- %ProgramFiles%\avgnpsvc\restore_files.txt
- %ProgramFiles%\avgrssvc\restore_files.txt
- %ProgramFiles%\avgscan\restore_files.txt
- %ProgramFiles%\avgupden\restore_files.txt
- %ProgramFiles%\avgupsvc\restore_files.txt
- %ProgramFiles%\avgvv\restore_files.txt
- %ProgramFiles%\avgw\restore_files.txt
- %ProgramFiles%\avgwizfw\restore_files.txt
- %ProgramFiles%\cavse\restore_files.txt
- %ProgramFiles%\avinitnt\restore_files.txt
- %ProgramFiles%\avgfwsrv\restore_files.txt
- %ProgramFiles%\avkservice\restore_files.txt
- %ProgramFiles%\avnotify\restore_files.txt
- %ProgramFiles%\avpcc\restore_files.txt
- %ProgramFiles%\avpm\restore_files.txt
- %ProgramFiles%\avscan\restore_files.txt
- %ProgramFiles%\avsynmgr\restore_files.txt
- %ProgramFiles%\b2\restore_files.txt
- %ProgramFiles%\backweb-4476822\restore_files.txt
- %ProgramFiles%\bdagent\restore_files.txt
- %ProgramFiles%\avginet\restore_files.txt
- %ProgramFiles%\bdmcon\restore_files.txt
- %ProgramFiles%\avkwctl\restore_files.txt
- %ProgramFiles%\avgnpdln\restore_files.txt
- %ProgramFiles%\cavsn\restore_files.txt
- %ProgramFiles%\cavuserupd\restore_files.txt
- %CommonProgramFiles%\microsoft shared\grphflt\restore_files.txt
- %CommonProgramFiles%\microsoft shared\help\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\ar-sa\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\bg-bg\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\cs-cz\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\da-dk\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\de-de\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\el-gr\restore_files.txt
- %CommonProgramFiles%\microsoft shared\equation\1033\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\en-us\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\et-ee\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\fi-fi\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\fr-fr\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\fsdefinitions\auxpad\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\fsdefinitions\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\fsdefinitions\keypad\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\fsdefinitions\main\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\fsdefinitions\numbers\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\fsdefinitions\oskmenu\restore_files.txt
- %CommonProgramFiles%\microsoft shared\euro\restore_files.txt
- %CommonProgramFiles%\microsoft shared\filters\restore_files.txt
- %CommonProgramFiles%\microsoft shared\equation\restore_files.txt
- %CommonProgramFiles%\microsoft shared\dw\restore_files.txt
- %ProgramFiles%\amsn\restore_files.txt
- %ProgramFiles%\cavvl\restore_files.txt
- %ProgramFiles%\ccapp\restore_files.txt
- %ProgramFiles%\ccevtmgr\restore_files.txt
- %ProgramFiles%\ccleaner\restore_files.txt
- %ProgramFiles%\ccproxy\restore_files.txt
- %ProgramFiles%\ccsetmgr\restore_files.txt
- %ProgramFiles%\cemrep\restore_files.txt
- %ProgramFiles%\chrome\restore_files.txt
- %ProgramFiles%\cavsub\restore_files.txt
- %ProgramFiles%\cavumas\restore_files.txt
- %ProgramFiles%\cavsubmit\restore_files.txt
- %ProgramFiles%\clamscan\restore_files.txt
- %ProgramFiles%\claw95cf\restore_files.txt
- %ProgramFiles%\cleaner\restore_files.txt
- %ProgramFiles%\cleaner3\restore_files.txt
- %ProgramFiles%\clisvc\restore_files.txt
- %ProgramFiles%\clrcche\restore_files.txt
- %ProgramFiles%\cmain\restore_files.txt
- %ProgramFiles%\cmgrdian\restore_files.txt
- %CommonProgramFiles%\designer\restore_files.txt
- %ProgramFiles%\clamtray\restore_files.txt
- %ProgramFiles%\clamwin\restore_files.txt
- %ProgramFiles%\claw95\restore_files.txt
- %ProgramFiles%\avgemc\restore_files.txt
- %ProgramFiles%\avgdiag\restore_files.txt
- %ProgramFiles%\avgcc\restore_files.txt
- C:\far2\plugins\filecase\restore_files.txt
- C:\far2\plugins\ftp\restore_files.txt
- C:\far2\plugins\ftp\lib\restore_files.txt
- C:\far2\plugins\hlfviewer\restore_files.txt
- C:\far2\plugins\macroview\restore_files.txt
- C:\far2\plugins\network\restore_files.txt
- C:\far2\plugins\proclist\restore_files.txt
- C:\far2\plugins\tmppanel\restore_files.txt
- C:\far2\pluginsdk\headers.c\restore_files.txt
- %ProgramFiles%\a2wizard\restore_files.txt
- C:\far2\pluginsdk\headers.pas\restore_files.txt
- C:\restore_files.txt
- %ProgramFiles%\360tray\restore_files.txt
- %ProgramFiles%\a2cmd\restore_files.txt
- %ProgramFiles%\a2guard\restore_files.txt
- %ProgramFiles%\a2hijackfree\restore_files.txt
- %ProgramFiles%\a2scan\restore_files.txt
- %ProgramFiles%\a2service\restore_files.txt
- %ProgramFiles%\a2start\restore_files.txt
- C:\far2\plugins\editcase\restore_files.txt
- C:\far2\plugins\drawline\restore_files.txt
- C:\far2\plugins\farcmds\restore_files.txt
- C:\far2\plugins\compare\restore_files.txt
- C:\far2\plugins\brackets\restore_files.txt
- %TEMP%\hsperfdata_user\1048
- D:\restore_files.txt
- C:\$recycle.bin\s-1-5-21-1960123792-2022915161-3775307078-1001\restore_files.txt
- C:\far2\addons\colors\custom_highlighting\restore_files.txt
- C:\far2\addons\colors\default_highlighting\restore_files.txt
- C:\far2\addons\colors\restore_files.txt
- C:\far2\addons\restore_files.txt
- C:\far2\addons\macros\restore_files.txt
- C:\far2\addons\setup\restore_files.txt
- %ProgramFiles%\a2upd\restore_files.txt
- C:\far2\addons\shell\restore_files.txt
- <Current directory>\restore_files.txt
- C:\far2\addons\xlat\russian\restore_files.txt
- C:\far2\documentation\eng\restore_files.txt
- C:\far2\documentation\rus\restore_files.txt
- C:\far2\encyclopedia\restore_files.txt
- C:\far2\encyclopedia\tap\restore_files.txt
- C:\far2\fexcept\restore_files.txt
- C:\far2\plugins\align\restore_files.txt
- C:\far2\plugins\arclite\restore_files.txt
- C:\far2\plugins\autowrap\restore_files.txt
- C:\far2\addons\xlat\restore_files.txt
- D:\$recycle.bin\s-1-5-21-1960123792-2022915161-3775307078-1001\restore_files.txt
- C:\far2\restore_files.txt
- C:\far2\plugins\emenu\restore_files.txt
- %ProgramFiles%\aavshield\restore_files.txt
- %ProgramFiles%\ashpopwz\restore_files.txt
- %ProgramFiles%\ashserv\restore_files.txt
- %ProgramFiles%\ashsimp2\restore_files.txt
- %ProgramFiles%\ashsimpl\restore_files.txt
- %ProgramFiles%\ashskpcc\restore_files.txt
- %ProgramFiles%\ashskpck\restore_files.txt
- %ProgramFiles%\ashupd\restore_files.txt
- %ProgramFiles%\ashwebsv\restore_files.txt
- %ProgramFiles%\ash_updatemediator\restore_files.txt
- %ProgramFiles%\ashmaisv\restore_files.txt
- %ProgramFiles%\about\restore_files.txt
- %ProgramFiles%\ashquick\restore_files.txt
- %ProgramFiles%\aswregsvr\restore_files.txt
- %ProgramFiles%\autotrace\restore_files.txt
- %ProgramFiles%\avadmin\restore_files.txt
- %ProgramFiles%\avcenter\restore_files.txt
- %ProgramFiles%\avciman\restore_files.txt
- %ProgramFiles%\avcmd\restore_files.txt
- %ProgramFiles%\avconfig\restore_files.txt
- %ProgramFiles%\avconsol\restore_files.txt
- %ProgramFiles%\avgamsvr\restore_files.txt
- %ProgramFiles%\aswupdsv\restore_files.txt
- %ProgramFiles%\autodown\restore_files.txt
- %ProgramFiles%\autostartexplorer\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\es-es\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\fsdefinitions\osknumpad\restore_files.txt
- %ProgramFiles%\ashdug\restore_files.txt
- %ProgramFiles%\admunch\restore_files.txt
- %ProgramFiles%\agb5\restore_files.txt
- %ProgramFiles%\ageofconan\restore_files.txt
- %ProgramFiles%\ahnsd\restore_files.txt
- %ProgramFiles%\aim6\restore_files.txt
- %ProgramFiles%\aimpro\restore_files.txt
- %ProgramFiles%\airdefense\restore_files.txt
- %ProgramFiles%\almon\restore_files.txt
- %ProgramFiles%\alsvc\restore_files.txt
- %ProgramFiles%\ashenhcd\restore_files.txt
- %ProgramFiles%\ashlogv\restore_files.txt
- %ProgramFiles%\amon\restore_files.txt
- %ProgramFiles%\antivirus\restore_files.txt
- %ProgramFiles%\aoltbserver\restore_files.txt
- %ProgramFiles%\armor2net\restore_files.txt
- %ProgramFiles%\armorsurf\restore_files.txt
- %ProgramFiles%\ash\restore_files.txt
- %ProgramFiles%\ashavast\restore_files.txt
- %ProgramFiles%\ashavsrv\restore_files.txt
- %ProgramFiles%\ashchest\restore_files.txt
- %ProgramFiles%\ashdisp\restore_files.txt
- %ProgramFiles%\ackwin32\restore_files.txt
- %ProgramFiles%\anti-trojan\restore_files.txt
- %CommonProgramFiles%\microsoft shared\ink\fsdefinitions\oskpred\restore_files.txt
- D:\install.log
- C:\far2\addons\colors\default_highlighting\hell.reg
- C:\far2\addons\colors\default_highlighting\greenmile.reg
- C:\far2\addons\colors\default_highlighting\farcolors242.reg
- C:\far2\addons\colors\default_highlighting\dn_like.reg
- C:\far2\addons\colors\default_highlighting\descript.ion
- C:\far2\addons\colors\default_highlighting\colors_from_sadovoj.reg
- C:\far2\addons\colors\default_highlighting\colors_from_gernichenko.reg
- C:\far2\addons\colors\default_highlighting\colors_from_admin_essp_ru.reg
- C:\far2\addons\colors\default_highlighting\black_from_myodov.reg
- C:\far2\addons\colors\default_highlighting\black_from_july.reg
- C:\far2\addons\colors\default_highlighting\black_from_fonarev.reg
- C:\far2\addons\colors\custom_highlighting\vaxcolors.reg
- C:\far2\addons\colors\custom_highlighting\rodion_doroshkevich.reg
- C:\far2\addons\colors\custom_highlighting\nc5pal2.reg
- C:\far2\addons\colors\custom_highlighting\import_colors.bat
- C:\far2\addons\colors\custom_highlighting\hell.reg
- C:\far2\addons\colors\custom_highlighting\greenmile.reg
- C:\far2\addons\colors\custom_highlighting\farcolors242.reg
- C:\far2\addons\colors\custom_highlighting\dn_like.reg
- C:\far2\addons\colors\custom_highlighting\descript.ion
- C:\far2\addons\colors\custom_highlighting\colors_from_sadovoj.reg
- C:\far2\addons\colors\custom_highlighting\colors_from_gernichenko.reg
- C:\far2\addons\colors\custom_highlighting\colors_from_admin_essp_ru.reg
- C:\far2\addons\colors\custom_highlighting\black_from_myodov.reg
- C:\far2\addons\colors\custom_highlighting\black_from_july.reg
- C:\far2\addons\colors\custom_highlighting\black_from_fonarev.reg
- <Drive name for removable media>:\correct.avi
- C:\far2\addons\colors\default_highlighting\import_colors.bat
- C:\far2\addons\colors\default_highlighting\nc5pal2.reg