How do I stop this continuous behavior

[thebigeasytraveler 0]

Software continuously keeps catching these infections and places into quarantine.  Happening every minute or so. Are they safe?  What can be done to stop the pop-up every 1 minute and/or get rid of these files if they are harmful?

1. Medium risk Malware "Behavior.Spyware" in "C:\Program Files (x86)\Common Files\System Sll\sll.exe" quarantined by user 

2. Medium risk Malware "Behavior.FirewallModification" in "C:\Program Files (x86)\Common Files\System Sll\checkFirewall.exe" quarantined by user

Window 8.1, Emsisoft version 2018.10.1.2096

Many thanks in advance.
 

 

[stapp 155]

You could follow the steps here

https://support.emsisoft.com/announcement/2-start-here-if-you-dont-we-are-just-going-to-send-you-back-to-this-thread/

[GT500 873]

If you could do the following, I could try and see if I can find information about the file in question:

1. Open Emsisoft Anti-Malware.
2. Click on Logs.
3. Type sll.exe into the search field at the top.
4. Find an entry in the list from the Behavior Blocker showing it detecting suspicious behavior for sll.exe and double-click on it for more information.
5. The third line should be enclosed in parenthesis and should have SHA1: followed by a long string of numbers and letters. Copy this line, and paste it into a reply.

[thebigeasytraveler 0]

9 minutes ago, GT500 said:

If you could do the following, I could try and see if I can find information about the file in question:

1. Open Emsisoft Anti-Malware.
2. Click on Logs.
3. Type sll.exe into the search field at the top.
4. Find an entry in the list from the Behavior Blocker showing it detecting suspicious behavior for sll.exe and double-click on it for more information.
5. The third line should be enclosed in parenthesis and should have SHA1: followed by a long string of numbers and letters. Copy this line, and paste it into a reply.

Thank you.  Here's the information requested

(SHA1: A2F4F2214750149DE0AFFBFE11253C5CEE9594B5)
 

[thebigeasytraveler 0]

32 minutes ago, stapp said:

You could follow the steps here

https://support.emsisoft.com/announcement/2-start-here-if-you-dont-we-are-just-going-to-send-you-back-to-this-thread/

Thank you

[GT500 873]

I'm not finding any matches for that SHA1 hash. If you restore the file from the Quarantine in Emsisoft Anti-Malware, then you can upload it to VirusTotal and have them scan it, then post a link to the analysis here for us to review:
https://www.virustotal.com/

Here's how to restore something from the Quarantine:

1. Open Emsisoft Anti-Malware.
2. Click on Quarantine in the Scan & Clean tile, or click on the icon on the far left (sidebar) that looks like a square with a white circle in it.
3. Click on the file you'd like to restore from the list to select it (it should be highlighted in light blue when selected).
4. Click on the Restore button in the lower-left.

 

[thebigeasytraveler 0]

@GT500, I followed the directions that @stapp listed and I am working in another post with another staff member.  I don't want to confuse issues so please close this until we work through other potential issues from the beginning. Thank you for your help.  hope this makes sense. 

[GT500 873]

OK. Kevin may want to see the file in question as well, however it's probably best to wait until he asks for it (if he hasn't already).