Site icon Emsisoft | Cybersecurity Blog

The Emsisoft Remediation Kit | Windows Device Protection | Emsisoft Tutorial


Hello, and welcome to our video. Today we’re going to explore the Emsisoft Remediation Kit: a fully portable dual-engine cleaning toolkit that scans for and removes Malware and Potentially Unwanted Programs from your PC. It’s the tool of choice for second opinion scans, and works well with other antivirus- and anti-malware programs. Use it when you suspect your computer may be infected, or when you’re not sure if your other solution has removed all of the malware from your computer. A typical malware scan with the Emsisoft Remediation Kit is quick and simple.

When you purchase the Remediation Kit, you’ll be given a link to download a package, and a license key which meets your specific needs. The installer is actually a self extracting archive file that unpacks all files to the destination folder – the on-screen instructions guide you through the process. The Remediation Kit is a portable application so it can be run from your local hard drive or from a USB drive, whichever is more convenient. Scans should be done on an active version of Windows, because it needs to access the active Registry to safely detect and restore potentially damaged sections.

After the installation has completed, it asks you to accept the license and maintenance agreement. Next, it will ask you to either enter a license key for commercial use, or Buy a new license key. Since we’ve already purchased a license, we’ll select the first option, enter our key, and click “Next”.

Once the license key has been entered, you’ll notice that the first menu block is orange, reminding you to update its malware signatures. So let’s run an update, and keep in mind that it’s a good idea to do an update before each scan. Click the “Update Now” link, and once the process has completed, the first menu block will change from orange to green. While you have to be connected to the internet to complete this step, you can then run a scan on a computer which doesn’t have internet connectivity, from a USB drive for example.

Now we’re ready to start a scan with the Remediation Kit. You can click on The “Scan” icon in the left-side menu, or on the top half of the “Scan & Clean” tile.

Use the Quick Scan if you’re quite sure that the system is clean already, for example when you have a new computer. It will only scan active programs and perform a quick search for known malware traces in the file system and registry.

The Malware Scan is the best choice for most users because it’s optimized to scan locations where malware typically infects. This scan doesn’t normally miss any active malware.

However, if you want to be absolutely thorough and also find inactive malware files, or if this is the first time you’re scanning your computer we recommend doing a Custom Scan. With its default settings it will scan all storage drives of your PC. This scan is also useful if you wish to configure your own scan settings, scan additional drives for malware, or scan specific folders or files.

If you often run a custom scan with the same settings, you can save those settings to a file and use them again for your next custom scan.

Regardless of the type of scan that you run, the “Scanner settings” section of the page allows you to specify whether to detect potentially unwanted programs, specify the performance impact of your scan, and whether to report or quarantine detections right away.

Let’s run a custom scan, and we’ll see what we can do with the results.

Once your scan has completed, you can view a report that records the scan type, all settings used for the scan, the start and end time, the number of files scanned as well as the number of detections. You can always refer back to past scans, which are saved in the “Reports” folder in your “ERK” directory.

The “Scan Results” will show you any suspicious files that have been detected but not quarantined, and gives you the options to quarantine or delete any or all detections. If the scanner settings were already configured to quarantine detections, they won’t appear in this list. I’ll quarantine these items now.

Let’s look at the files that have been put in quarantine now. The quarantine is a safe place for suspicious files, and they can’t do any harm to your system once they’re in quarantine. We have a few options from the quarantine page. First, we can restore files if there’s been a false detection. We can also delete files if we know that it’s malware. The “False Detection” button opens a form to send a report of the file in question to our lab team for further investigation. The “Re-scan all” button will repeat a scan of the files in the quarantine, with the latest malware update – occasionally, updates will flag a file as a false positive. Finally, you can select “Add file” to manually move a file to the quarantine, if you’re not quite sure about it and want to be safe as you investigate it further.

All scanner, quarantine and update events are thoroughly logged and can be viewed in the “Logs” section. Logs can be helpful to our analysts if you ever encounter a complication.

The “Settings” page has two sections. “Exclusions” allows you to specify files or folders to be excluded from scans. This should be used with caution, as false positives from our scanner are quite rare. And the “Advanced” settings lets you define how the Emsisoft Remediation Kit will operate. For example, you can opt-in to collect anonymous information about malware it finds on your computer, which helps improve our products’ overall malware detection capabilities.

The remaining settings are pretty self-explanatory, so we’ll let you investigate them at your leisure.

Finally, the Emsisoft Remediation Kit also includes the Emsisoft Commandline Scanner – a console application which has features nearly identical to those of the graphical Emsisoft Remediation Kit scanner, and is widely regarded as “one of the most sophisticated command line scanners around”. We have a separate video on the Commandline Scanner, and it provides a good overview of its functionality – if you’re interested you should check out the link to it in the comments section.

And that’s it for our video on the Emsisoft Remediation Kit. To find out more, contact Emsisoft from our website. I hope that you found it helpful, and don’t forget to leave your comments below. Thanks for watching.

Exit mobile version