pareto_av.exe
ParetoLogic Anti-Virus PLUS by ParetoLogic Inc. (Signed)
| Version: | 7.0.1.0 |
| MD5: | 7b0e3b1408a1558d0be200c280791339 |
| SHA1: | 30ecd37b762845dd04432856a31edcf658f14f8b |
| SHA256: | 8687a0cbfb0d3723bbd44a4c4df4eb7d8ea8e1a09935e5a80696688ff5e08f86 |
About pareto_av.exe (from ParetoLogic Inc.)
“ParetoLogic Anti-Virus Plus protects against viruses, malware, spyware. Will scan, clean and completely remove even the most deeply rooted viruses, spyware, adware, and even rootkits, which attempt to”
Overview
pareto_av.exe executes as a process with the local user's privileges. It is set to be start when the PC boots and any user logs into Windows (added to the Run registry key for the all users under the local machine). This is typically installed with the program ParetoLogic Anti-Virus PLUS published by ParetoLogic Inc.. The file is digitally signed by ParetoLogic Inc. which was issued by the VeriSign certificate authority (CA). This particular version is usually found on Windows 7 Home Premium (6.1.7601.65536).
Details
| File name: | pareto_av.exe |
| Publisher: | ParetoLogic Inc. |
| Product name: | ParetoLogic Anti-Virus PLUS |
| Typical file path: | C:\Program Files\paretologic\plav\pareto_av.exe |
| File version: | 7.0.1.0 |
| Product version: | 7.0.1.4 |
| Size: | 4.34 MB (4,550,960 bytes) |
| Certificate |
| Issued to: | ParetoLogic Inc. |
| Authority (CA): | VeriSign |
| Effective date: | Wednesday, February 23, 2011 |
| Expiration date: | Saturday, February 23, 2013 |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
More details
Programs
The following program will install this file
ParetoLogic Anti-Virus uses the Kaspersky antivirus engine as the base scanner of the product.
Behaviors
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'ParetoLogic Anti-Virus PLUS' → "C:\Program Files\ParetoLogic\PLAV\Pareto_AV.exe" -NM -hidesplash
Network connections
[UDP] listens on port 61468
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00023035% | |
| Kernel CPU: | 0.00004646% | |
| User CPU: | 0.00018388% | |
| Kernel CPU time: | 101,167 ms/min | |
| CPU cycles: | 24,137,407/sec | |
| Memory |
| Private memory: | 14.44 MB | |
| Private (maximum): | 26.62 MB | |
| Private (minimum): | 7.82 MB | |
| Non-paged memory: | 14.44 MB | |
| Virtual memory: | 145.98 MB | |
| Virtual memory (peak): | 337.75 MB | |
| Working set: | 7.82 MB | |
| Working set (peak): | 42.27 MB | |
| Page faults: | 6,108,758/min | |
| I/O |
| I/O read transfer: | 1.01 KB/sec | |
| I/O read operations: | 1/sec | |
| I/O write transfer: | 1020 Bytes/sec | |
| I/O write operations: | 1/sec | |
| I/O other transfer: | 96 Bytes/sec | |
| I/O other operations: | 6/sec | |
| Resource allocations |
| Threads: | 7 | |
| Handles: | 429 | |
| GUI GDI count: | 287 | |
| GUI GDI peak: | 298 | |
| GUI USER count: | 303 | |
| GUI USER peak: | 315 | |
Process properties
| Tray notification: | Yes |
| Integrety level: | Medium |
| Platform: | 64-bit |
| Command line: | "C:\Program Files\paretologic\plav\pareto_av.exe" -nm -hidesplash |
| Owner: | User |
Threads
Averages
| Pareto_AV.exe (main module) |
| Total CPU: | 0.08715232% | |
| Kernel CPU: | 0.02778048% | |
| User CPU: | 0.05937183% | |
| CPU cycles: | 11,904,864/sec | |
| Memory: | 4.37 MB | |
| ntdll.dll |
| Total CPU: | 0.00002619% | |
| Kernel CPU: | 0.00001746% | |
| User CPU: | 0.00000873% | |
| CPU cycles: | 305/sec | |
| Memory: | 1.66 MB | |
| wow64.dll |
| Total CPU: | 0.00000876% | |
| Kernel CPU: | 0.00000876% | |
| User CPU: | 0.00000000% | |
| CPU cycles: | 6,722/sec | |
| Memory: | 252 KB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
100.00% |
|
