How to find and clean malware infections with Emsisoft Emergency Kit

  • June 9, 2015
  • 5 min read
How to find and clean malware infections with Emsisoft Emergency Kit


Emsisoft Emergency Kit is the only free, fully portable dual-engine cleaning toolkit that scans for and removes Malware and Potentially Unwanted Programs (PUPs) from your PC. It’s the tool of choice for a second opinion scan and works well with any other antivirus- and anti-malware programs. Use it if you suspect your computer is infected, but other protection and cleaning software fails to get you out of your misery. It doesn’t take you a lot of time — a typical malware scan with Emsisoft Emergency Kit takes no more than a minute.

This tutorial provides step-by-step instructions on how to scan and clean your computer.

  1. Download and run the Emsisoft Emergency Kit
  2. Check for the latest online updates
  3. Run a scan and clean your computer
  4. What to do if malware is found
  5. For geeks: Emsisoft Commandline Scanner
  6. For malware removal professionals: Emsisoft Emergency Kit Pro

1. Download and run the Emsisoft Emergency Kit

Download: If you don’t have the Emsisoft Emergency Kit yet, download it here. It’s free for private use and it’s fully portable, which means no installation is required. The download package just unpacks to “C:\EEK\” by default, or any other destination of your choice. Unpacking to a USB device is fine, to carry to and run on another computer.

Note: If you don’t need the software anymore, just delete the whole folder and the shortcut at any time.

Run: Simply run it by double-clicking ‘Start Emergency Kit Scanner.exe’ in the folder it was unpacked to.

If Windows issues an alert and asks for your permission to run the program, allow it to run with elevated rights.

The software can also be started from a read-only device such as CD/DVD/BD or any write-protected USB devices. While online updates are not possible in that case, the software itself remains fully functional for scanning and cleaning, without risking an accidental infection of the plugged-in drive or disk.

2. Check for the latest online updates

We recommend that you run an online update each time you start a new scan, to ensure all the latest malware signatures are included. If you’re opening the program for the first time, it will automatically start an update.

Once the update process has completed successfully, the color in the first menu block will change from orange to green.

After the update has finished, click “SCAN” on the left-side menu or on the green ‘Scan & Clean’ tile.

3. Run a scan and clean your computer

You are now ready to run a scan. There are three options: Quick Scan, Malware Scan, and Custom Scan.

The Malware Scan is the best choice for most users because it’s optimized to scan locations where malware typically infects. This scan typically does not miss any malware; however, if you want to be absolutely thorough and also find inactive malware files or if this is the first time you’re scanning your computer we recommend doing a Custom Scan. It will, with its default settings, scan all the contents of your PC, including local drives and more. This scan is also useful if you wish to configure your own scan settings, scan additional drives for malware or exclude certain folders.

Use the Quick Scan if you are quite sure that the system is clean already, e.g., when you have a new computer. It will only scan active programs and perform a quick search for known malware traces in the file system and registry.

4. What to do if malware is found

If the scan detects any malware or PUPs on your computer, it will display and preselect all findings.

You can either quarantine or delete selected objects. We recommend you quarantine objects in most cases, as this option will completely disable the malware by wrapping it in an encrypted container. It will render the malware harmless while allowing it to either be analyzed by one of our technicians (if needed) or restored in the off chance that it is a false positive.

If you opt to delete files instead, you will irreversibly delete the detected files — so only do this if you are absolutely certain the files are malicious.

View scan logs

All scanner, quarantine and update events are thoroughly logged and can be viewed at the “LOGS” section. Logs can be helpful to our analysts if you ever encounter a complication.

Additional privacy settings and options

The “SETTINGS” area lets you define how the Emsisoft Emergency Kit will operate, especially in regards to your privacy. You can opt-in for our cloud-based database that stores information about all types of programs, good and bad, and checks them in real-time. By opting in, you give the program permission to collect anonymous information about malware it finds on your computer, which helps improve our products’ overall malware detection capabilities.

A Quarantine Re-Scan is by default performed every time new signature updates are downloaded. If it ever happens that you have a wrongly detected object in quarantine, a re-scan with corrected detection signatures would ask you to restore the quarantined objects back to its original place.

Enable Beta Updates only if you are an advanced user and want to take advantage of the latest untested software updates. If you would like to get more insights, please sign up for our beta tester program.

5. For geeks: Emsisoft Commandline Scanner

System administrators, security experts, and experienced command line users will love this. The Emsisoft Emergency Kit also includes the Emsisoft Commandline Scanner, a console application for professionals who don’t need a graphical user interface. Its features are nearly identical to those of the graphical Emsisoft Emergency Kit scanner, and many professionals have called its latest incarnation “one of the most sophisticated command line scanners around”.

Emsisoft Commandline Scanner makes it easy to run repeated scans, perfect for use in automated batch scripts. It can easily be integrated in multi-engine scanning toolkits and its created log files are easy to parse. For more information, see the product details.

To run the Emsisoft Commandline Scanner, either navigate to Emsisoft Emergency Kit’s folder and run the file “Start Commandline Scanner.exe” to see an overview of available parameters or directly locate the “a2cmd.exe” file in “bin” folder appropriate to the bitness of the target computer, and start from there.

6. For malware removal professionals: Emsisoft Business Emergency Kit

Corporate users with up to 50 Windows devices (ie. helpdesks and PC repairs) please purchase the Emsisoft Business Emergency Kit license at a reasonable rate of $199. That can get you the following hard- and software-package:

For details, as well as for custom Enterprise scale licensing options, please check out the Emsisoft Emergency Kit page.

 

Last updated on March 2, 2021.

Emsi

Emsi

Emsisoft founder and managing director. In 1998 when I was 16, a so called 'friend' sent me a file via ICQ that unexpectedly opened my CD-ROM drive, which gave me a big scare. It marked the start of my journey to fight trojans and other malware. My story

What to read next