Keylogger.PredatorPain

Keylogger.PredatorPain Description


Keylogger.PredatorPain is a spyware program that collects information from your PC, including account data. Most notably seen being distributed through email-based attacks, Keylogger.PredatorPain may infect further systems through removable hard drives (such as USB thumb drives) and may remain active while trying to hide itself from the user. Malware experts recommend using anti-malware programs to find and remove Keylogger.PredatorPain, which has very few symptoms, but is a multipurpose, multiple-component threat.

The Predator that Preys on Your Accounts

With Trojan Zeus having fallen from its greatest heights of its distribution, cheaper spyware 'products' for the black market appear to be emerging, such as Keylogger.PredatorPain. At a mere thirty-five dollars for ill minded persons to use to attack other PCs, Keylogger.PredatorPain is a far cry from the hundreds of dollars in expenses that would be required for running many competing utilities. However, malware experts have confirmed that Keylogger.PredatorPain boasts numerous features that are easily able to collect information while leaving no signs, other than an occasional, generic pop-up warning.

Keylogger.PredatorPain's 'application failed to initialize' pop-up is sufficiently generic that it would be difficult to associate with threats, but Keylogger.PredatorPain currently is designed to launch this pop-up automatically during the installation process. After its installation, Keylogger.PredatorPain is capable of diverse attacks that encompass:

  • Scanning your hard drive for Minecraft, World of Warcraft and Steam account information, including user names and passwords.
  • Recording any keyboard-typed information (hence Keylogger.PredatorPain's classification of keylogger). Keylogger.PredatorPain may also target information stored in the Windows Clipboard (via the Copy command).
  • Keylogger.PredatorPain may distribute itself through USB devices, similar to a worm. USB devices shared between an uninfected machine and a Keylogger.PredatorPain-infected one may allow Keylogger.PredatorPain to install itself on the uninfected one.
  • Keylogger.PredatorPain may capture automatic screenshots.
  • Keylogger.PredatorPain may also install and exploit two legitimate programs, WebBrowserPassView and Mail Passview, to gather passwords from popular e-mail clients and Web browsers (Outlook, Incredimail, Yahoo Mail, Chrome, Firefox, etc.). Some FTP utilities and instant messaging programs also might be targeted.

Keylogger.PredatorPain shows no significant symptoms besides its generic pop-up message, even while collecting all of the above information, and uses another utility to avoid displaying some of its software on the local hard drive.

Finding the Source of Your PC's Pains When It's Hidden Behind a Windows File

Keylogger.PredatorPain consists of multiple components, all of which are hidden from casual view. In fact, like many predators outside of the Internet, Keylogger.PredatorPain also may exploit camouflage: Keylogger.PredatorPain disguises many of its files as native Windows components, including Winlogon.exe. To safely uninstall Keylogger.PredatorPain in its entirety without affecting your Windows system in undesirable ways, malware experts would not recommend any removal method that does not use advanced, up-to-date anti-malware utilities.

Keylogger.PredatorPain also can be blocked before Keylogger.PredatorPain spreads to your PC at all, assuming you take proper precautions. Isolating known infected machines can prevent Keylogger.PredatorPain from distributing itself through established peripheral device-based methods. Fake IRS-themed e-mail messages also are known distributors for Keylogger.PredatorPain, with some help from a Trojan downloader, Karagany. As is often true, malware experts find the simplest defense one where a simple awareness of the dangers of common misleading tactics will protect your computer almost as much as a real anti-malware defense.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Keylogger.PredatorPain may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



file.exe File name: file.exe
Size: 1.27 MB (1272320 bytes)
MD5: 73c50294f4d07ababbb0084347556916
Detection count: 44
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: September 21, 2016
pid.txt File name: pid.txt
Mime Type: unknown/txt
Group: Malware file
pidloc.txt File name: pidloc.txt
Mime Type: unknown/txt
Group: Malware file
SWIFTTRANSFERRECEPTS_FDP.EXE File name: SWIFTTRANSFERRECEPTS_FDP.EXE
File type: Executable File
Mime Type: unknown/EXE
Group: Malware file
WINDOWSUPDATE.EXE File name: WINDOWSUPDATE.EXE
File type: Executable File
Mime Type: unknown/EXE
Group: Malware file
WebBrowserPassView.exe File name: WebBrowserPassView.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
mailpv.exe File name: mailpv.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
CMemoryExecute.dll File name: CMemoryExecute.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file

More files

Registry Modifications


The following newly produced Registry Values are:

Regexp file mask%APPDATA%\winlogon.exe
Posted: April 30, 2014
Threat Metric
Threat Level: 8/10
Infected PCs 799
Home Malware Programs Keyloggers Keylogger.PredatorPain

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.