Jump to content

Kevin Zoll

Emsisoft Employee
  • Content Count

    18856
  • Joined

  • Last visited

  • Days Won

    178

Kevin Zoll last won the day on July 9 2020

Kevin Zoll had the most liked content!

Community Reputation

309 Excellent

About Kevin Zoll

  • Rank
    Malware Removal Support
  • Birthday 12/04/1960

Contact Methods

  • Website URL
    http://www.malwareteks.com/

Profile Information

  • Gender
    Male
  • Location
    Depauville, NY, USA
  • Interests
    Computer Security, Malware Research, Malware Removal, Computer Programming, Website Design

Recent Profile Visitors

171861 profile views
  1. Hello @Karan75, Welcome to the Emsisoft Support Forums. What does "Remote name could not be resolved" mean? It's an indication of a DNS issue. Our first recommendation is to reset your HOSTS file back to default. Microsoft has an article about this at the following link: https://support.microsoft.com/en-us/help/972034/how-to-reset-the-hosts-file-back-to-the-default
  2. Hello @Gerrit van den Burg, Welcome to the Emsisoft Support Forums. This is a core file for the Brave Browser. What is telling you that the file is infected?
  3. Hello @BlackTunicLink, Welcome to the Emsisoft Support Forums. C:\Program Files\KMSpico\Service_KMS.exe C:\Users\aaron_000\Downloads\_\KEYGEN-TSZ\Keygen.exe Software cracks and Keygens are the only observed infection vector for the STOP Ransomware family, which accounts for roughly 50% of ransomware attacks worldwide. If you do not want your files encrypted by STOP, do not engage in software piracy. Copy the below code to Notepad; Save As fixlist.txt to your Desktop. GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\N
  4. Hello @Didi, Welcome to Emsisoft Support. Please read the entire instructions below. Yes, they are a bit lengthy and contain necessary administrative instructions as well as technical instructions. All users of Emsisoft Support who are in need of Malware Removal assistance are required to complete the procedures listed below: NOTE: You will want to print these instructions for reference, as you will perform all scans with all browsers closed. The majority of our support staff work Monday-Friday. We try very hard to answer all posts within 24-hour
  5. Hello @Nemanja Kostic, Welcome to the Emsisoft Support Forums. Please read the entire instructions below. Yes, they are a bit lengthy and contain necessary administrative instructions as well as technical instructions. All users of the Emsisoft Support Forums who are in need of Malware Removal assistance are required to complete the procedures listed below: NOTE: You will want to print these instructions for reference, as you will perform all scans with all browsers closed. The majority of our support staff work Monday-Friday. We try very hard to
  6. Check and make sure that "Automatically quarantine files with bad reputation" is not checked in Settings => Advanced. That looks like a a reputation based action was taken.
  7. Might be a bug with defender. I suggest visiting Microsoft Community and seeing if they can help sort out the issue with Defender. https://answers.microsoft.com/en-us
  8. Your scans are not showing any malware. You may have to remove the exclusions by manually editing the Registry. Windows stores Defender exclusions in HKEY_LOCAL_MACHINE > SOFTWARE > Policies > Microsoft > Windows Defender > Exclusions > Paths Exercise caution when manually editing the registry.
  9. OK, going to switch to a tool that will take a more indepth look at the system. Download RogueKiller from https://www.fosshub.com/RogueKiller.html and save it to your desktop. Double-click on setup.exe to install RogueKiller. Close all programs and disconnect any USB or external drives before running the tool. Right-click RogueKiller.exe and select Run As Administrator to run the tool. Once the Prescan has finished, click Scan. Once the Status box shows "Scan Finished", click on the "Report" button and attach the scan log to your reply.
  10. You can let AdwCleaner remove the following: PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion PUP.Optional.Legacy C:\Users\Razvan\AppData\Roaming\Mozilla\Firefox\Profiles\xmllcvw7.default\searchplugins\yahoo-lavasoft.xml PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|Start Page PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion Yes, you can delete that.
  11. I would like for you to run a third-party tool that aggressively targets Adware, Junkware, and PUPs. Download AdwCleaner and save it to your desktop. Right-click AdwCleaner.exe and select Run as Administrator. Read and accept the End User License Agreement. Press the Scan Now button and wait for it to complete. A window titled Scan Results will open. Select Cancel. Click the Log Files button on the left pane. Double-click the newest log file to open it in Notepad. (AdwCleaner[Sxx].txt, where x is replaced by a number) Attach the scan log to
  12. Hello @LeagueX, Copy the below code to Notepad; Save As fixlist.txt to your Desktop. HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-3298452434-1556392215-2145215963-1001\...\Run: [Zoom] => [X] GroupPolicy: Restriction - Chrome <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION Edge Extension: (TotalСashback — кэшбэк-сервис) - C:\Users\Razvan\AppData\Local\Microsoft\Edge\User Da
×
×
  • Create New...