Click on screenshot to zoom
Danger level 7
Type: Trojans
Common infection symptoms:
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • Slow Computer

PWSteal.Fignotok.A

PWSteal.Fignotok.A is a Trojan that has been designed to steal usernames and passwords from various applications. Based on the security research it usually targets Instant Messaging programs. It can be implied that PWSteal.Fignotok.A is related to other malicious programs, and by stealing the usernames and passwords it can get access to user accounts, and then another malicious application (or even the same Trojan) can send out spam messages to all the contacts that are saved in the account. The sent out spam usually contains an infected link, and once another user clicks on it, he gets infected with different types of malware. So it could be said that PWSteal.Fignotok.A is the first link in a chain of malicious infections.

This password stealing Trojan can enter your computer via a drive-by download, or come bundled with another infection. When it is installed, it drops a copy of the malware in the Windows Temporary Files folder that is not checked by any user frequently. Also, this Trojan does not have an interface, so you can never know exactly when or how you get infected. And it takes time before you actually notice that some is wrong with your computer. PWSteal.Fignotok.A also hacks various processes trying to conceal its presence. For example, the svchost.exe that runs in your Windows Task Manager is a genuine Windows process, but if the process is located anywhere else than at C:\Windows\System32 folder than it belongs to a malware.

Also, keeping in mind that such malicious processes as crack.exe are also related with PWSteal.Fignotok.A (you can find it running in the Task Manager if you are infected), it can be said that aside from password stealing, PWSteal.Fignotok.A can also open a backdoor to your system, “inviting” various other computer threats, and totally damaging your system. What is more, crack.exe is also classified as a worm, so it can slow down your computer to the point that you can no longer operate it.

According the research carried by security specialists, PWSteal.Fignotok.A is known to steal passwords and usernames from these applications: Firefox, Internet Explorer, Google Talk, Pidgin Instant Messenger, Trillian, Steam and others. Once it is successful in its task, PWSteal.Fignotok.A sends the collected data to one of the following servers: cummander.blackapplehost.com, quakeon.ueuo.com, mob.netau.net.

Needless to say, that this Trojan is a serious threat to your overall security, so you must remove PWSteal.Fignotok.A from your computer as soon as you notice the infection. Since there are many files related to the Trojan, you can use a reliable computer security program to terminate PWSteal.Fignotok.A and all of its components automatically.

Download Spyware Removal Tool to Remove* PWSteal.Fignotok.A
  • Quick & tested solution for PWSteal.Fignotok.A removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove PWSteal.Fignotok.A

Files associated with PWSteal.Fignotok.A infection:

3fexy2875FE.exe
MsEss.exe
383explorer.exe
ThrMaNzawvYGXJNmNYSkhE.exe
windows.exe
Win7 Activator V2.exe
svchost.exe
sahil.exe
s.exe
Rsbotsèauth_free.exe
Protected.exe
lZiHBegNhmukQZZYdz.exe
intel.exe
fRKRvWIXbeWuYDmiXr.exe
Explorer32DLL.exe
explored.exe
crack.exe
CCleaner.exe
BimboMs.exe
9250.exe

PWSteal.Fignotok.A processes to kill:

3fexy2875FE.exe
MsEss.exe
383explorer.exe
ThrMaNzawvYGXJNmNYSkhE.exe
windows.exe
Win7 Activator V2.exe
svchost.exe
sahil.exe
s.exe
Rsbotsèauth_free.exe
Protected.exe
lZiHBegNhmukQZZYdz.exe
intel.exe
fRKRvWIXbeWuYDmiXr.exe
Explorer32DLL.exe
explored.exe
crack.exe
CCleaner.exe
BimboMs.exe
9250.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.