Categories: PUA

Should I remove “PUP.Optional.VNCPasswordTool”?

The PUP.Optional.VNCPasswordTool is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What PUP.Optional.VNCPasswordTool virus can do?

  • Unconventionial language used in binary resources: Hebrew
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine PUP.Optional.VNCPasswordTool?



File Info:

crc32: 0A54A3DCmd5: 3b33a134cb7ce76859f25dd246da50d6name: vncpassview.exesha1: 37adb7c54943b338000cefce6d895c05468fa2cesha256: ba5c4766fd2fbf9e0c76444f152b861b9977f1b23c963a9c8b8a6970c43bcde6sha512: acab9d3c862934617ba3ede342681e91e0232cda1b2ad9b7d2595f0cd31f8c41ac911a323d94bf865571a38041293b90bde23a4049c6c90fc911b7d3f26f68bassdeep: 768:qTJP8LHdCut1D473mNVQ4rkyaE9jfhrnOuK:cJUL9LPQ2NVQ4IcxnOuKtype: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: Copyright xa9 2007 - 2009  Nir SoferInternalName: VNCPassViewFileVersion: 1.02CompanyName: NirSoftProductName: VNCPassViewProductVersion: 1.02FileDescription: VNCPassViewOriginalFilename: VNCPassView.exeTranslation: 0x0409 0x04b0

PUP.Optional.VNCPasswordTool also known as:

MicroWorld-eScan Gen:Application.Heur.bmKfkeUQ7KfO
FireEye Gen:Application.Heur.bmKfkeUQ7KfO
McAfee Tool-PassView
Cylance Unsafe
VIPRE Nirsoft Password Recovery (not malicious)
Alibaba HackTool:Win32/Passview.5408c4cb
Cyren W32/PWS.RICR-8044
ESET-NOD32 Win32/PSWTool.VNCPassView.102 potentially unsafe
ClamAV Win.Tool.VncDump-1
GData Gen:Application.Heur.bmKfkeUQ7KfO
Kaspersky not-a-virus:PSWTool.Win32.VNCPwdump.b
BitDefender Gen:Application.Heur.bmKfkeUQ7KfO
Ad-Aware Gen:Application.Heur.bmKfkeUQ7KfO
Emsisoft Gen:Application.Heur.bmKfkeUQ7KfO (B)
Comodo ApplicUnwnt@#13k6ji047om49
DrWeb Tool.PassView.358
Zillya Tool.NetPass.Win32.173
McAfee-GW-Edition Tool-PassView
CMC PSWTool.Win32.VNCPwdump!O
F-Prot W32/Pwstool.E
Jiangmin Adware/InternetAntivirus.an
Webroot W32.Hacktool.Gen
MAX malware (ai score=99)
Antiy-AVL Trojan[PSWTool]/Win32.VNCPwdump
Arcabit Application.Heur.bmKfkeUQ7KfO
ViRobot PSWTool.NetPass.30720.C
ZoneAlarm not-a-virus:PSWTool.Win32.VNCPwdump.b
Microsoft HackTool:Win32/Passview
AhnLab-V3 Win-Trojan/Agent.30720.AVW
Malwarebytes PUP.Optional.VNCPasswordTool
eGambit Generic.Malware
Fortinet Riskware/VNCPwdump
MaxSecure Trojan.Malware.2883272.susgen
AVG FileRepMalware [PUP]
Cybereason malicious.4cb7ce
Avast FileRepMalware [PUP]

How to remove PUP.Optional.VNCPasswordTool?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: a.tomx.xyzPUP.Optional.VNCPasswordToolVNCPassViewz.whorecord.xyz
4 years ago

Recent Posts

Generic.Malware.SF!dld!.D800E25F information

The Generic.Malware.SF!dld!.D800E25F is considered dangerous by lots of security experts. When this infection is active,…

5 mins ago

Trojan.Generic.35441245 (file analysis)

The Trojan.Generic.35441245 is considered dangerous by lots of security experts. When this infection is active,…

10 mins ago

Generic.Dialer.3F709677 removal instruction

The Generic.Dialer.3F709677 is considered dangerous by lots of security experts. When this infection is active,…

16 mins ago

How to remove “Win32/Klez.H”?

The Win32/Klez.H is considered dangerous by lots of security experts. When this infection is active,…

25 mins ago

Trojan.VBCrypt.MF.139 malicious file

The Trojan.VBCrypt.MF.139 is considered dangerous by lots of security experts. When this infection is active,…

25 mins ago

Malware.AI.1558347307 information

The Malware.AI.1558347307 is considered dangerous by lots of security experts. When this infection is active,…

41 mins ago