About “HackTool:Win32/Passview” infection

Malware Removal

The HackTool:Win32/Passview is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Review

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What HackTool:Win32/Passview virus can do?

  • Unconventionial language used in binary resources: Hebrew
  • Network activity detected but not expressed in API logs
  • Harvests information related to installed instant messenger clients
  • Harvests information related to installed mail clients

How to determine HackTool:Win32/Passview?


File Info:

crc32: 6277A2B0
md5: a3a23429a8cfbd1f472414992c69b616
name: mailpv.exe
sha1: 5a451dab3c943dbe8eaff99b1a4ba5861bd190da
sha256: 0c2ed32fa05e3bfbd79967cd957bb9f003b440e006ff9e3229d44e2b15f4390c
sha512: 16dc76854053176a479bd1a84bffa7c89b085304dbca3dc7fa0bb4d3817b9c31506268d02abd2587a47acacba92cc30fe2d7b6fed320629e655896785fa4bd65
ssdeep: 6144:+v+4oCXGvhgjKNDvcJTZZ9hAcgI6sXqaY5mb5KDHrOEY7Od0k9W:0HoxhgCDvcB5hAwh6aY5EWHrOGZ9W
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright xa9 2003 - 2019 Nir Sofer
FileVersion: 1.90
CompanyName: NirSoft
ProductName: Mail PassView
ProductVersion: 1.90
FileDescription: Email Password-Recovery
Translation: 0x0409 0x04b0

HackTool:Win32/Passview also known as:

DrWebTool.MailPassView.417
MicroWorld-eScanTrojan.GenericKD.32763889
FireEyeGeneric.mg.a3a23429a8cfbd1f
CAT-QuickHealHacktool.Refosrin.PS4
Qihoo-360Win32/Virus.PSW.8fa
McAfeeHTool-PassView
CylanceUnsafe
VIPRETrojan.Win32.Generic!BT
SangforMalware
BitDefenderTrojan.GenericKD.32763889
Invinceaheuristic
CyrenW32/Trojan.SFHC-7339
APEXMalicious
AvastWin32:GenMaliciousA-HRF [PUP]
GDataTrojan.GenericKD.32763889
Kasperskynot-a-virus:HEUR:PSWTool.Win32.PassView.b
AlibabaHackTool:Win32/Passview.e8f05b5c
AegisLabRiskware.Win32.PassView.1!c
Endgamemalicious (high confidence)
SophosGeneric PUA FK (PUA)
ComodoApplicUnwnt@#pb7cskf0f3zz
ZillyaTool.PassView.Win32.787
TrendMicroTROJ_GEN.R011C0WKU19
McAfee-GW-EditionHTool-PassView
EmsisoftTrojan.GenericKD.32763889 (B)
Ikarusnot-a-virus:PSWTool.PassView
JiangminPSWTool.PassView.bt
WebrootW32.Hacktool.Mailpassview
MicrosoftHackTool:Win32/Passview
ArcabitApplication.Nirsoft
ZoneAlarmnot-a-virus:HEUR:PSWTool.Win32.PassView.b
ALYacTrojan.GenericKD.32763889
MAXmalware (ai score=99)
Ad-AwareTrojan.GenericKD.32763889
TrendMicro-HouseCallTROJ_GEN.R011C0WKU19
RisingTrojan.Azden!8.F0E3 (CLOUD)
eGambitUnsafe.AI_Score_92%
FortinetRiskware/PassView
AVGFileRepMalware [PUP]
Paloaltogeneric.ml
MaxSecureTrojan.Malware.74419034.susgen

How to remove HackTool:Win32/Passview?

HackTool:Win32/Passview removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment