Files

%Desktop%\Defense Center.lnk
%Desktop%\Defense Center Support.lnk 

%ProgramFiles%\Defense Center\defcnt.exe

%Temp%\esentutl64.exe

%Temp%\wscsv32.exe

Folders

%ProgramFiles%\Defense Center
%StartMenu%\Programs\Defense Center

RegistryEntries

Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
Value: DisableTaskMgr
Data: 01, 00, 00, 00
Key: HKEY_CURRENT_USER\Software\Secure Computing
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Program Groups
Key: HKEY_CURRENT_USER\Software\Malware Defense
Key: HKEY_CURRENT_USER\Software\Paladin Antivirus
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Defense Center
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Defense Center
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Value: Defense Center
Data: "C:\Program Files\Defense Center\defcnt.exe" -noscan