Spyware.PasswordDumper removal guide

The Spyware.PasswordDumper is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Spyware.PasswordDumper virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine Spyware.PasswordDumper?


File Info:
name: 589F8D0630C3BBA51B85.mlw
path: /opt/CAPEv2/storage/binaries/58c9294ece0b6651a26c7ad78096b53da6522702b59246d90f5aa94ee060fd48
crc32: B04A44AA
md5: 589f8d0630c3bba51b855c99eba7af03
sha1: 6a061bf10112a5b1d8b8933387a82c0bb079e38c
sha256: 58c9294ece0b6651a26c7ad78096b53da6522702b59246d90f5aa94ee060fd48
sha512: 89df14fe3dde75eb09f51b28b0391186ea92b8e5a3a0202c6099d104fd8c6f19c27122f66095dd77da33ffd29c40f707992d89c0f8b328579ac219a411f4b9c3
ssdeep: 3072:jbYCRd+ntWXqH2cJylhpUfGrcD4HX8GaWX43IwMPiO7LN7kDoXSXQf2BuZ+eDavt:vYsgnC0EPoWf2vvUlYmkMWPl4HJC
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T17014F808039C5923C66E4778A0AB374897F1D16B930FE78B5C8264F7AD4BB97D9120B7
sha3_384: bf70f9fe1369552db671d24b2c7115f18c2d73303113e9ccc6ac5091115ea73b2474fcfd13d34836ba155e991e6bd93d
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-12-08 14:57:11

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Checker
FileVersion: 1.0.0.0
InternalName: 2023Checker.exe
LegalCopyright: Copyright ©  2022
LegalTrademarks: 
OriginalFilename: 2023Checker.exe
ProductName: Checker
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Spyware.PasswordDumper also known as:

Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Gen:Variant.Lazy.275140
ALYac	Gen:Variant.Lazy.275140
Malwarebytes	Spyware.PasswordDumper
Sangfor	Trojan.Win32.Lazy.Vnqu
BitDefenderTheta	Gen:NN.ZemsilF.36196.mm0@a0Ilc5b
VirIT	Trojan.Win32.MSIL_Heur.A
Cyren	W32/ABRisk.IBTK-6280
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
APEX	Malicious
Paloalto	generic.ml
BitDefender	Gen:Variant.Lazy.275140
Avast	Win32:Malware-gen
Emsisoft	Gen:Variant.Lazy.275140 (B)
VIPRE	Gen:Variant.Lazy.275140
McAfee-GW-Edition	RDN/Real Protect-LS
FireEye	Gen:Variant.Lazy.275140
Sophos	Mal/Generic-R
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Lazy.275140
MAX	malware (ai score=89)
Antiy-AVL	Trojan/Win32.Sabsik
Arcabit	Trojan.Lazy.D432C4
Google	Detected
AhnLab-V3	Trojan/Win.RealProtect-LS.C5333479
McAfee	RDN/Real Protect-LS
VBA32	OScope.Malware-Cryptor.MSIL.Agent
Cylance	unsafe
Panda	Trj/Chgt.AD
MaxSecure	Trojan.Malware.195921950.susgen
Fortinet	MSIL/Kryptik.TDO!tr
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/grayware_confidence_60% (D)

How to remove Spyware.PasswordDumper?

Spyware.PasswordDumper removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X