Disagree with this determination?
PAVARK.EXE
Currently being reviewedThe most common objects with the name of PAVARK.EXE have yet to be classified as safe by our research department.
If you are concerned that your PC might be infected why not try our Free Prevx 3.0 Scanner. It will thoroughly check your PC for millions of active Spyware and malware infections and takes less than 2 minutes. Don't put your confidential data, or your identity at risk, check your PC now with Prevx 3.0.
File Behavior
PAVARK.EXE has been seen to perform the following behavior:
- This process creates other processes on disk
- This Process Deletes Other Processes From Disk
- Can communicate with other computer systems using HTTP protocols
- Creates a new Background Service on the machine
- Executes a Process
- Writes to another Process's Virtual Memory (Process Hijacking)
- Registers a Dynamic Link Library File
- This Process sends MIME Email
- Adds a Registry Key (RUN) to auto start Programs on system start up
- Terminates Processes
- Adds a Registry Key (SESS) to auto start Programs on system start up
- Adds a Registry Key (RUNONCE) to auto start Programs on system start up
- The process hooks code into all running processes which could allow it to take control of the system or record keyboard input, mouse activity and screen contents
- Creates new file extentions so that Internet Explorer will automatically open and potentially execute additional file types
- Makes outbound connections to other computers using NETBIOSOUT protocols
- Enables the system to use a Communications Proxy Server
- Uses hidden browser windows to connect to web sites without telling you
- Creates system tray popups, messages, errors and security warnings
- Opens browser pop ups
- Runs Javascript code
PAVARK.EXE has been the subject of the following behavior:
- Executed as a Process
- Created as a process on disk
- Deleted as a process from disk
- Executed from Temporary Folders
- Has code inserted into its Virtual Memory space by other programs
- Terminated as a Process
- Added as a Registry auto start to load Program on Boot up
- Added as a Registry Key (RUNONCE) to auto start Programs on system start up
- Registered as a Dynamic Link Library File
Country Of Origin
The filename PAVARK.EXE was first seen on Jul 24 2007 in the following geographical regions of the Prevx community:
- Europe on Jul 24 2007
- Canada on Jul 24 2007
File Name Aliases
PAVARK.EXE can also use the following file names:
- PANDA ANTI-ROOTKIT V1.08.EXE
- 34826471.EXE
- 56307741.EX_
- PAVARK ANTIROOT KITT.EXE
- PANDA ANTI-ROOKIT.EXE
- DE3.EXE
- 38589598.EXE
- PANDA ANTI-ROOTKIT.EXE
- 24045886.EXE
- 33080817.EXE
- 76339412.EXE
- PAVARK.EX
- 19889997.EXE
- 52801128.EXE
- 22133694.EXE
- 48289962.EXE
- DE21.EXE
- PANDANTIROOT.EXE
- 24897295.EXE
Filesizes
This file has been seen with the following file size:
- 744,853 bytes
Vendor, Product and Version Information
A file with the name PAVARK.EXE have been seen to have the following Vendor, Product and Version Information in the file header:
- ; Pavark.exe; 1, 0, 8, 0
- ; Pavark.exe; 5, 0, 0, 4
File Type
The filename PAVARK.EXE refers to an executable program.
File Activity
One or more files with the name PAVARK.EXE creates, deletes, copies or moves the following files and folders:
- Deletes c:\windows\system32\drivers\phooks.sys
- Creates c:\documents and settings\user\local settings\temporary internet files\content.ie5\n30oyv4w\2003[1]
- Creates c:\documents and settings\user\local settings\temporary internet files\content.ie5\08abwx9z\CSS[1]
- Creates c:\documents and settings\user\local settings\temporary internet files\content.ie5\n30oyv4w\JPG[1]
- Creates c:\documents and settings\user\local settings\temporary internet files\content.ie5\08abwx9z\JPG[1]
- Creates c:\documents and settings\user\local settings\temporary internet files\content.ie5\31xyf0sa\GIF[1]