How to Utilize Stinger

McAfee Stinger is a standalone utility used to discover and get rid of particular viruses. It’& rsquo; s not a replacement for complete anti-viruses protection, but a specialized tool to help managers and also customers when managing contaminated system. Stinger makes use of next-generation check modern technology, including rootkit scanning, and check efficiency optimizations. It detects as well as eliminates threats identified under the “” Threat Checklist”” alternative under Advanced food selection options in the Stinger application.

McAfee Stinger currently discovers as well as gets rid of GameOver Zeus and CryptoLocker.

How do you make use of Stinger?

  1. Download the current version of Stinger.
  2. When triggered, select to conserve the file to a hassle-free place on your hard disk, such as your Desktop folder.
  3. When the download is total, navigate to the folder that contains the downloaded and install Stinger data, and run it.
  4. The Stinger interface will certainly be displayed.
  5. By default, Stinger scans for running processes, packed modules, registry, WMI and directory site places known to be made use of by malware on an equipment to keep check times marginal. If essential, click the “” Tailor my scan”” link to include extra drives/directories to your scan.
  6. Stinger has the capability to scan targets of Rootkits, which is not enabled by default.
  7. Click the Check button to begin scanning the specified drives/directories.
  8. By default, Stinger will certainly repair any kind of contaminated files it discovers.
  9. Stinger leverages GTI File Online reputation and also runs network heuristics at Tool level by default. If you choose “” High”” or “” Really High,”” McAfee Labs suggests that you set the “” On threat detection”” action to “” Report”” just for the initial check.

    To get more information about GTI File Track record see the adhering to KB short articles

    KB 53735 – Frequently Asked Questions for International Danger Intelligence Documents Online Reputation

    KB 60224 – Exactly how to confirm that GTI File Reputation is set up properly

    KB 65525 – Identification of generically detected malware (Global Threat Knowledge discoveries)

you can find more here s_t_i_n_g_e_r.exe from Our Articles

Frequently Asked Questions

Q: I understand I have an infection, however Stinger did not discover one. Why is this?
A: Stinger is not an alternative to a full anti-virus scanner. It is just designed to identify and eliminate details risks.

Q: Stinger discovered a virus that it couldn'’ t repair service. Why is this? A: This is most likely due to Windows System Restore functionality having a lock on the contaminated documents. Windows/XP/Vista/ 7 users should disable system restore prior to scanning.

Q: Where is the scan log saved as well as how can I watch them?
A: By default the log data is saved from where Stinger.exe is run. Within Stinger, navigate to the log TAB and the logs are shown as checklist with time stamp, clicking the log file name opens the documents in the HTML layout.

Q: Where are the Quarantine submits kept?
A: The quarantine documents are saved under C: \ Quarantine \ Stinger.

Q: What is the “” Danger Listing”” option under Advanced food selection utilized for?
A: The Danger Listing supplies a checklist of malware that Stinger is configured to identify. This list does not include the results from running a scan.

Q: Exist any type of command-line specifications offered when running Stinger?
A: Yes, the command-line specifications are shown by mosting likely to the assistance menu within Stinger.

Q: I ran Stinger as well as currently have a Stinger.opt data, what is that?
A: When Stinger runs it creates the Stinger.opt data that conserves the current Stinger setup. When you run Stinger the next time, your previous configuration is utilized as long as the Stinger.opt file remains in the same directory site as Stinger.

Q: Stinger updated components of VirusScan. Is this anticipated habits?
A: When the Rootkit scanning alternative is chosen within Stinger choices –– VSCore files (mfehidk.sys & & mferkdet.sys) on a McAfee endpoint will be upgraded to 15.x. These files are set up only if newer than what'’ s on the system as well as is needed to scan for today’& rsquo; s generation of more recent rootkits. If the rootkit scanning choice is disabled within Stinger –– the VSCore upgrade will not happen.

Q: Does Stinger perform rootkit scanning when released using ePO?
A: We’& rsquo; ve disabled rootkit scanning in the Stinger-ePO bundle to restrict the car update of VSCore parts when an admin deploys Stinger to hundreds of devices. To make it possible for rootkit scanning in ePO setting, please make use of the complying with parameters while signing in the Stinger plan in ePO:

— reportpath=%temp%– rootkit

For in-depth directions, please refer to KB 77981

Q: What variations of Windows are sustained by Stinger?
A: Windows XP SP2, 2003 SP2, View SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. In addition, Stinger calls for the equipment to have Net Explorer 8 or above.

Q: What are the requirements for Stinger to carry out in a Victory PE environment?
A: While creating a custom Windows PE picture, include support for HTML Application parts using the guidelines supplied in this walkthrough.

Q: Exactly how can I get support for Stinger?
A: Stinger is not a supported application. McAfee Labs makes no assurances concerning this product.

Q: Just how can I add custom-made detections to Stinger?
A: Stinger has the choice where a user can input upto 1000 MD5 hashes as a customized blacklist. Throughout a system scan, if any files match the customized blacklisted hashes – the documents will get found and deleted. This function is provided to help power customers who have actually separated a malware example(s) for which no detection is offered yet in the DAT files or GTI Documents Credibility. To leverage this function:

  1. From the Stinger interface goto the Advanced–> > Blacklist tab.
  2. Input MD5 hashes to be identified either via the Enter Hash switch or click the Lots hash Listing switch to indicate a text file including MD5 hashes to be consisted of in the scan. SHA1, SHA 256 or other hash kinds are in need of support.
  3. During a check, data that match the hash will have a discovery name of Stinger!<>. Full dat repair service is used on the discovered file.
  4. Files that are electronically authorized making use of a legitimate certification or those hashes which are already marked as tidy in GTI Data Online reputation will not be discovered as part of the personalized blacklist. This is a safety and security feature to stop individuals from unintentionally erasing files.

Q: How can run Stinger without the Real Protect element obtaining set up?
A: The Stinger-ePO bundle does not carry out Real Protect. In order to run Stinger without Real Protect getting mounted, execute Stinger.exe