How to Use Stinger

McAfee Stinger is a standalone utility used to detect and remove certain viruses. It detects and eliminates threats identified below the”Threat List” option under Advanced menu options in the Stinger program.

McAfee Stinger now finds and removes GameOver Zeus and CryptoLocker.

How do you utilize Stinger?

  1. Download the most recent version of Stinger.
  2. When prompted, choose to save the file to a suitable location in your hard diskdrive, such as the Desktop folder.
  3. When the download is complete, navigate to the folder which contains the downloaded Stinger file, and run it.
  4. The Stinger interface will be displayed.
  5. By default, Stinger scans for running processes, loaded modules, registry, WMI and directory places known to be employed by malware on a machine to maintain scan times minimum. If needed, click the”Customize my scan” link to include extra drives/directories to a scan.
  6. Stinger has the capacity to scan goals of Rootkits, which isn’t enabled by default.
  7. Click the Scan button to begin scanning the given drives/directories.
  8. By default, Stinger will repair any infected files that it finds.
  9. Stinger leverages GTI File Reputation and operates community heuristics at Medium level by default. If you select”High” or”Very High,” McAfee Labs recommends that you place the”On threat detection” action to”Report” only for the first scan.

    To learn more about GTI File Reputation watch the following KB articles

    KB 53735 – FAQs for Worldwide Threat Intelligence File Reputation

    KB 60224 – The best way to confirm that GTI File Reputation is set up correctly

    KB 65525 – Identification generically detected malware (Global Threat Intelligence detections)

you can find more here mc afee stinger from Our Articles

Frequently Asked Questions

Q: I know I have a virus, however, Stinger didn’t detect one. Why is this?
A: Stinger is not a replacement for an entire anti-virus scanner. It is simply designed to find and remove specific threats.

Q: Stinger found a virus that it couldn’t repair. What’s this?
A: This is probably due to Windows System Restore performance using a lock onto the infected file. Windows/XP/Vista/7 users should disable system restore before scanning.

Q: How Where is your scan log stored and how can I view them?
Inside Stinger, browse into the log TAB along with the logs will be displayed as list with time stamp, clicking on the log file name opens the document in the HTML format.

Q: How Where would be the Quarantine files stored?

This list does not include the results from running a scan.

Q: Why Are there some command-line parameters accessible when conducting Stinger?
A: Yes, even the command-line parameters are shown by going to the help menu inside Stinger.

Q: I conducted Stinger and finally have a Stinger.opt record, what is that?
A: When Stinger conducts it creates the Stinger.opt record that saves the recent Stinger configuration. After you conduct Stinger the second time, your previous configuration is utilized provided that the Stinger.opt file is in precisely the identical directory as Stinger.

Q: Stinger updated parts of VirusScan. Is this expected behaviour?
A: as soon as the Rootkit scanning option is chosen within Stinger tastes — VSCore files (mfehidk.sys & mferkdet.sys) to a McAfee endpoint will be updated to 15.x. These documents are installed only if newer than what’s on the system and is needed to scan for today’s generation of newer rootkits. If the rootkit scanning option is disabled in Stinger — that the VSCore upgrade won’t happen.

Q: Can Stinger work rootkit scanning when installed through ePO?
A: We have disabled rootkit scanning from the Stinger-ePO bundle to limit the auto update of VSCore components as soon as an admin deploys Stinger to tens of thousands of machines. To Allow rootkit scanning in ePO mode, please utilize the following parameters while checking in the Stinger bundle in ePO:

–reportpath=%yolk% –rootkit

For detailed instructions, please refer to KB 77981

Q: What versions of Windows are backed by Stinger?
A: Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7, 8, 10, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. Additionally, Stinger demands the machine to have Web Explorer 8 or above.

Q: Which are the prerequisites for Stinger to perform in a Win PE surroundings?
A: whilst creating a custom Windows PE image, add support to HTML Application components using the directions given in this walkthrough.

Q: How can I get service for Stinger?
A: Stinger is not a supported application. McAfee Labs makes no guarantees about this item.

Q: how How do I add custom detections to Stinger?
A: Stinger has the option where a user may enter upto 1000 MD5 hashes as a custom blacklist. Throughout a system scan, if any documents match the custom blacklisted hashes – that the files will get deleted and noticed. This feature is provided to assist power users who have isolated an malware sample(s) for which no detection is available yet in the DAT documents or GTI File Reputation.

  • During a scan, all documents that fit the hash is going to have detection title of Stinger! . Total dat fix is used on the found file.
  • Documents that are digitally signed with a valid certification or those hashes which are already marked as blank from GTI File Reputation will not be detected as part of the custom made blacklist. This is a safety feature to prevent customers from accidentally deleting files.
  • Q: How can run Stinger with no Real Protect component getting installed?
    A: The Stinger-ePO bundle doesn’t fulfill Actual Protect. So as to conduct Stinger without Real Protect getting installed, do Stinger.exe –ePO

    Leave a Reply

    Your email address will not be published. Required fields are marked *