Encyclopedia entry
Updated:
Apr 17, 2011
| Published:
May 28, 2010
Aliases
Tool.PassView
(Dr.Web)
-
not-a-virus:PSWTool.Win32.Passview
(Kaspersky)
-
PWCrack-PassView
(McAfee)
-
Trojan.PSW.IcqSmiley.c
(Rising AV)
-
NirPassView
(Sophos)
-
Hacktool.PStorRevealer
(Symantec)
-
HKTL_PASSVW.A
(Trend Micro)
Alert Level
(?)
Moderate
Antimalware protection details
Microsoft recommends that you download the
latest definitions
to get protected.
Detection last updated:
Definition: 1.149.884.0
Released: Apr 30, 2013
|
|
Detection initially created:
Definition: 1.45.287.0
Released: Oct 07, 2008
|
Summary
HackTool:Win32/Passview is the detection of a tool named "Protected Storage PassView". The tool is used to display the passwords which may be stored in Windows Protected Storage (Pstore).
Symptoms
HackTool:Win32/Passview is a tool used to display the passwords which may be stored in Windows Protected Storage (Pstore).
Technical Information (Analysis)
HackTool:Win32/Passview is the detection of a tool named "Protected Storage PassView". The tool is used to display the passwords which may be stored in Windows Protected Storage (Pstore).
HackTool:Win32/Passview can function as a command-line tool or GUI to show the passwords in Pstore. Some examples of passwords stored within Windows Protected Storage are:
-
Microsoft Outlook Express account credentials
-
Internet Explorer auto-complete passwords
-
passwords saved for password-protected sites
-
MSN Explorer passwords
An image of the tool is shown below:
Analysis by Shawn Wang
Prevention
Recovery
