On a clean computer I downloaded Emsisoft Emergency Kit to a flash drive, and then plugged it into a port of the infected computer, turned it on, and tried to install items, but it only got to 4% and stopped. I still have Internet access, but maybe I should do this offline. Are there any recommendations for a usb stick that has a cleaning program that will work against an already infected computer? Whatever the infection is, it disabled McAfee.
If you have a virus infected device you should not let it go online or on a network. Don't try installing anything to the computer or you will likely infect those files. Run a standalone AV from a USB stick. no need to install. Malwarebytes was the goto choice for many until they stopped making a standalone. HitmanPro is a good option to try https://www.hitmanpro.com Not so many AV companies still offer a standalone you can boot from, but Avira still do and are one of the top 5 AV. https://www.avira.com/en/downloads#tab_a3_0 Once you are confident you have cleaned the PC get rid of Mcafee and install something actually useful (eg. something in the top 5 AV) You can use Bitdefender, Avira and Kaspersky for free, and if you like it pay for the no-nag version. Alternatively just go back to windows Defender and tighten the settings more. This would be better than using Mcaffe. https://github.com/AndyFul/ConfigureDefender
It's generally better to run scans while online, as most security software is largely cloud dependent these days. However, Dr.Web's CureIt isn't. They release a new version daily with updated signatures. https://free.drweb.com/
I would advise to: 1. boot computer from a usb/dvd drive that already contains AV software such as Kaspersky Rescue Disk, update signatures and scan system drive. It is Linux-based so Wifi connection sometimes does not work. In that case try Ethernet crossover cable to download updates. 2. unplug your internal drive from PC and plug into other computer that already have AV installed. Don't boot from infected drive. Don't copy any files. Don't even browse that drive via file manager. Don't take any other action other than scanning that drive using updated AV software to minimize the chance to transfer malware.
My mistake, I overlooked the stage where the standalone will need to pull the current database. But generally speaking until you are dealing with the AV you don't want it going online. The Kaspersky and Avira live images are both excellent choices, and are created daily with the latest AV definitions, so even if you can't get it online with the linux distro it won't matter too much. Once you have cleaned it with a live image, you should do a second scan with a good AV from the booted windows system. Due to strict file permissions some files may not be accessible from outside the running OS.
I got a FIx Me Stick, and it is working so far. Made it through the updates and to the scanning level, so I think it's going to clean the infection. I am really happy that this appears to be working. I'll provide an update.
The Fix Me Stick basically worked, but I double-checked results with McAfee stinger and everything was clean. I am surprised that my first try with Emsisoft Emergency Kit was stopped during update. The virus was pretty nasty, as it also disabled the original McAfee protection.
Good to hear I looked into this Fix Me Stick. It uses Avira for the AV component. Basically you just bought the free Avira from a 3rd party, and it does not work as a runtime AV, only for standalone scans. Avira is what solved your problem. If I were you I'd stick with buying Avira direct from Avira so you get their support and access to all their optional tools. Avira offer a free ISO image anyone can use to create a bootable USB stick, much like you just paid for. Not sure why you think McAfee Stinger is any use for a second opinion, when McAfee as a first opinion didn't detect the virus to begin with.