Spyware SoftActivity Keylogger
SoftActivity Keylogger has the same features as other spyware. But its ability to hide and protect itself from deletion caused our interest and we want to show how to find such programs in memory of your computer and to delete them.
We use special functions of COVERT to find spyware. Open “system processes” window. In the list of processes we don’t see anything suspicious. All running applications are either system or legitimate. But spyware hides itself from operating system. Open “Display hidden processes” window and you will find program that hides itself. In the list of processes, it is highlighted in red. It is alsys.exe.
If we stop this process using context menu, after a few seconds we see it’s working again. This suggests that the system has a redundant process that restarts spyware. Go to the Driver Monitor window and find the file system driver sagendrv-64.sys, which installed spyware SoftActivity Keylogger. It is highlighted in yellow.
In the context menu select “Delete driver” and confirm the deletion. Go to the “System Services” and find “alsvc.exe” which highlighted in red. This service also was installed by Keylogger. Stop this service using context menu.
Check system status in other monitors. There is no trace of Keylogger. Enter in the secure platform and open “System processes”.
In platform this monitor displays all hidden processes. Click the big button “Login to the secure platform” in the main window of the program, then click “system processes.” In this window we can see a few more processes of spyware SoftActivity Keylogger. They are highlighted in red. To the processes that we have seen is the platform, were added several new, which could be seen only in a secure environment: alsvc.exe, alsys_hh.exe, alsys.exe, alimpl.exe, alimpl64.exe, alogcfg.exe.
Using the context menu we stop of all the processes of spyware SoftActivity Keylogger. After exiting the platform, open the folder with its files at C:\Windows\syspkgwk\. Run uninstaller – spyware will be removed.
If you do not do all these actions described above, but immediately start uninstaller of spyware, the protection will activates and a message appears asking you to enter your password, which knows only one who installed this spyware.
Now we understand how to detect and remove spyware SoftActivity Keylogger. If you can’t remove spy for some reasons, but you need to protect yourself, then go to the secure platform when spy is operating, and carry out all the actions that need to be done, but in the protected environment. Spyware can’t see and store your information in its logs. All user actions are safely hidden.
In the screenshot below you can see the report of spyware after your work inside of secure platform.
In this video tutorial, you can see step by step instructions to find and remove spyware.
Download COVERT Pro and check FREE of charge your computer for spyware and rootkits, which were not detected by an antivirus.