How to find and clean malware infections with Emsisoft Emergency Kit

Emsisoft Emergency Kit is the only free, fully portable dual-engine cleaning toolkit that scans for and removes Malware and Potentially Unwanted Programs (PUPs) from your PC. It’s the tool of choice for a second opinion scan and works well in combination with any other antivirus- and anti-malware programs. Use it if you suspect your computer is infected, but other protection and cleaning software fails to get you out of your misery. It doesn’t take you a lot of time – a typical malware scan with Emsisoft Emergency Kit takes no more than a minute.

This tutorial provides step-by-step instructions on how to scan and clean your computer.

  1. Download and run the Emsisoft Emergency Kit
  2. Check for the latest online updates
  3. Run a scan and clean your computer
  4. What to do if malware is found
  5. For geeks: Emsisoft Commandline Scanner
  6. For malware removal professionals: Emsisoft Emergency Kit Pro

1. Download and run the Emsisoft Emergency Kit

Download: If you don’t have the Emsisoft Emergency Kit yet, download it here. It’s free for private use and it’s fully portable, which means no installation is required. The download package just unpacks to “C:\EEK\” or any other destination of your choice and place a shortcut on your Desktop.

Note: If you don’t need the software anymore, just delete the whole folder and the shortcut at any time.

Run: Simply double-click the Emsisoft Emergency Kit shortcut that appears on your Desktop to launch the scanner. If Windows issues an alert and asks for your permission to run the program, allow it to run with elevated rights.

The software can also be started from a read-only device such as CD/DVD/BD or any write-protected USB-devices. While online updates are not possible in that case, the software itself remains fully functional for scanning and cleaning, without risking an accidential infection of the plugged in drive or disk.

2. Check for the latest online updates

We recommend that you run an online update each time you start a new scan, to ensure all the latest malware signatures are included. If you’re opening the program for the first time, it will automatically prompt you to do so.

eek_update

We also recommend that you select “Yes” when asked if you’d like the program to detect Potentially Unwanted Programs (PUPs). Emsisoft specializes in removing PUPs, like unecessary browser toolbars or annoying adware that are notorious for bloating and slowing down your system.

Program update in progress

Once the update process has completed successfully, the color in the first menu block will change from orange to green.

Program update complete

After the update has finished, click “SCAN” in the main menu.

3. Run a scan and clean your computer

You are now ready to run a scan. There are three options: Quick Scan, Malware Scan, and Custom Scan.

The Malware Scan is the best choice for most users because it’s optimized to scan locations where malware typically infects. This scan typically does not miss any malware; however, if you want to be absolutely thorough and also find inactive malware files or if this is the first time you’re scanning your computer we recommend doing a Custom Scan. It will by default scan all the contents of your PC, including local drives and more. This scan is also useful if you wish to configure your own scan settings, scan additional drives for malware or exclude certain folders.

Scanning options

Use the Quick Scan if your are quite sure that the system is clean already, e.g. when you have a new computer. It will only scan active programs and perform a quick search for known malware traces in file system and registry.

4. What to do if malware is found

If the scan detects any malware or PUPs on your computer, it will display and preselect all findings.

CustomMalwareFoundScan_152605

You can either quarantine or delete selected objects. We recommend you quarantine objects in most cases, as this option will completely disable the malware by wrapping it in an encrypted container. It will render the malware harmless, while allowing it to be analyzed by one of our technicians if needed or restored in the off chance that it is a false positive.

ThreatsDetected_152805

If you opt to delete files instead, you will irreversibly delete the detected files – so only do this if you are absolutely certain the files are malicious.

Very rarely, a scan detects a rootkit that cannot be automatically removed without a significant risk of damaging your system. If this occurs, you will get a notification to contact one of our malware removal experts in the Emsisoft support forum. Follow their instructions to safely get back a clean system.

View scan logs

All scanner, quarantine and update events are thoroughly logged and can be viewed at the “LOGS” section. Logs can be helpful to our analysts if you ever encounter a complication.

LogScreen_152505

Additional privacy settings and options

The “SETTINGS” area lets you define how the Emsisoft Emergency Kit will operate, especially in regards to your privacy. You can join the Emsisoft Anti-Malware Network, our cloud based database that stores information about all types of programs, good and bad, and checks them in real time. By opting in you give the program permission to collect anonymous information about malware it finds on your computer, which helps improve our products’ overall malware detection capabilities.

PrivacySettings_152505

In this section you can also opt-out of using SSL encryption for all server communications which will allow you to analyze all the information that is being sent and received from Emsisoft webservers.

A Quarantine Re-Scan is by default performed every time new signature updates are downloaded. If it ever happens that you have a wrongly detected object in quarantine, a re-scan with corrected detection signatures would ask you to restore the quarantined objects back to its original place.

Enable Beta Updates only if you are an advanced user and want to take advantage of the latest untested software updates. If you would like to get more insights, please sign up for our beta tester program.

5. For geeks: Emsisoft Commandline Scanner

System administrators, security experts, and experienced commandline users will love this. The Emsisoft Emergency Kit also includes the Emsisoft Commandline Scanner, a console application

Emsisoft Commandline Scanner

Emsisoft Commandline Scanner

for professionals who don’t need a graphical user interface. Its features are nearly identical to those of the graphical Emsisoft Emergency Kit scanner, and many professionals have called its latest incarnation “one of the most sophisticated command line scanners around”.

Emsisoft Commandline Scanner makes it easy to run repeated scans, perfect for use in automated batch scripts. It can easily be integrated in multi-engine scanning toolkits and its created log files are easy to parse. For more information, see product details.

To run the Emsisoft Commandline Scanner, either navigate to “C:\EEK\” and run the file “Start Commandline Scanner.exe” to see an overview of available paramaters or directly locate the “a2cmd.exe” file in “bin” folder and start from there.

6. For malware removal professionals: Emsisoft Emergency Kit Pro

eek_stickCorporate users, such as helpdesks and PC repair companies please buy a Pro-license at a reasonable rate. $99 can get you the following hard- and software-package:

  • 16 GB USB stick: More than 15 GB for your own use, i.e. to make backups while cleaning a PC.
  • Up to 250 cleaned PCs per year: Higher packages for 500, 1000, 2000 and 4000 PCs available too.
  • Company branded GUI: Doesn’t show any “freeware” texts.
  • 2 in 1: Emsisoft Emergency Kit scanner + Emsisoft Commandline scanner.
  • Bonus: Emsisoft Anti-Malware license for 1 PC/1 year included for free.
  • You can clone the self-updating USB stick for your team as often as you require.

For details, please check out the Emsisoft Emergency Kit Pro page.

 

Have a Great (Malware-Free) Day!

  • Scott Bradley

    Do I need to be in safe mode before I run the EEK or from regular windows? Previous attempts to run other malware software has resulted in the file being deleted and unable to launch. Thanks.

    • David Biggar

      No, you don’t need to be in safe mode. If you need help and would like to, you can contact us at support@emsisoft.com, and one of us would be happy to help!