McAfee Stinger is a standalone utility made use of to discover as well as get rid of specific viruses. It’& rsquo; s not a replacement for complete antivirus protection, however a specialized device to aid managers as well as customers when handling contaminated system. Stinger uses next-generation check modern technology, including rootkit scanning, and check efficiency optimizations. It detects and eliminates threats identified under the “” Hazard Checklist”” choice under Advanced menu choices in the Stinger application.
McAfee Stinger currently detects as well as gets rid of GameOver Zeus and also CryptoLocker.
How do you utilize Stinger?
- Download and install the most recent version of Stinger.
- When prompted, choose to save the documents to a convenient location on your hard drive, such as your Desktop folder.
- When the download is total, browse to the folder which contains the downloaded Stinger documents, and run it.
- The Stinger interface will certainly be presented.
- By default, Stinger scans for running procedures, filled modules, registry, WMI and also directory areas known to be utilized by malware on an equipment to maintain check times marginal. If essential, click the “” Personalize my scan”” web link to add additional drives/directories to your scan.
- Stinger has the capacity to check targets of Rootkits, which is not made it possible for by default.
- Click the Check button to begin scanning the defined drives/directories.
- By default, Stinger will fix any infected documents it locates.
- Stinger leverages GTI Data Track record as well as runs network heuristics at Medium degree by default. If you pick “” High”” or “” Really High,”” McAfee Labs advises that you establish the “” On danger detection”” action to “” Record”” only for the initial scan.
For more information regarding GTI Data Reputation see the complying with KB posts
KB 53735 – FAQs for Worldwide Risk Intelligence Documents Reputation
KB 60224 – Exactly how to validate that GTI File Credibility is set up appropriately
KB 65525 – Recognition of generically identified malware (Global Danger Intelligence discoveries)
Read more stinger 64 At website Articles
Frequently Asked Questions
Q: I recognize I have a virus, yet Stinger did not identify one. Why is this?
A: Stinger is not a replacement for a complete anti-virus scanner. It is only created to spot as well as get rid of particular risks.
Q: Stinger found a virus that it couldn'’ t repair. Why is this? A: This is most likely as a result of Windows System Bring back performance having a lock on the contaminated file. Windows/XP/Vista/ 7 individuals should disable system recover prior to scanning.
Q: Where is the check log saved as well as exactly how can I view them?
A: By default the log data is saved from where Stinger.exe is run. Within Stinger, navigate to the log TAB as well as the logs are shown as list with time stamp, clicking the log documents name opens the file in the HTML format.
Q: Where are the Quarantine files stored?
A: The quarantine documents are stored under C: \ Quarantine \ Stinger.
Q: What is the “” Risk Listing”” option under Advanced food selection utilized for?
A: The Threat Listing supplies a listing of malware that Stinger is set up to discover. This listing does not include the results from running a scan.
Q: Exist any kind of command-line criteria available when running Stinger?
A: Yes, the command-line criteria are displayed by going to the help menu within Stinger.
Q: I ran Stinger and now have a Stinger.opt documents, what is that?
A: When Stinger runs it creates the Stinger.opt documents that saves the present Stinger setup. When you run Stinger the following time, your previous setup is made use of as long as the Stinger.opt data remains in the very same directory site as Stinger.
Q: Stinger upgraded elements of VirusScan. Is this expected behavior?
A: When the Rootkit scanning choice is selected within Stinger choices –– VSCore data (mfehidk.sys & & mferkdet.sys) on a McAfee endpoint will be updated to 15.x. These documents are installed just if more recent than what'’ s on the system and also is needed to check for today’& rsquo; s generation of newer rootkits. If the rootkit scanning option is handicapped within Stinger –– the VSCore upgrade will not happen.
Q: Does Stinger perform rootkit scanning when released using ePO?
A: We’& rsquo; ve impaired rootkit scanning in the Stinger-ePO package to restrict the auto upgrade of VSCore elements when an admin deploys Stinger to countless devices. To enable rootkit scanning in ePO mode, please utilize the following specifications while checking in the Stinger package in ePO:
— reportpath=%temp%– rootkit
For comprehensive guidelines, please refer to KB 77981
Q: What versions of Windows are sustained by Stinger?
A: Windows XP SP2, 2003 SP2, Panorama SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. On top of that, Stinger requires the equipment to have Net Traveler 8 or above.
Q: What are the needs for Stinger to implement in a Success PE atmosphere?
A: While developing a personalized Windows PE picture, include assistance for HTML Application elements utilizing the guidelines offered in this walkthrough.
Q: Exactly how can I get assistance for Stinger?
A: Stinger is not a sustained application. McAfee Labs makes no assurances regarding this product.
Q: Exactly how can I include custom discoveries to Stinger?
A: Stinger has the choice where a customer can input upto 1000 MD5 hashes as a customized blacklist. Throughout a system scan, if any type of data match the custom blacklisted hashes – the documents will certainly get identified and deleted. This function is offered to assist power individuals that have separated a malware sample(s) for which no discovery is available yet in the DAT documents or GTI File Track Record. To take advantage of this feature:
- From the Stinger interface goto the Advanced–> > Blacklist tab.
- Input MD5 hashes to be discovered either using the Get in Hash button or click the Load hash Listing switch to indicate a text file containing MD5 hashes to be included in the scan. SHA1, SHA 256 or other hash types are unsupported.
- Throughout a check, files that match the hash will certainly have a detection name of Stinger!<>. Complete dat repair work is used on the identified data.
- Documents that are digitally signed using a legitimate certificate or those hashes which are already noted as tidy in GTI File Online reputation will not be discovered as part of the personalized blacklist. This is a security attribute to prevent individuals from unintentionally erasing data.
Q: Just how can run Stinger without the Real Protect component getting mounted?
A: The Stinger-ePO plan does not execute Genuine Protect. In order to run Stinger without Real Protect getting installed, execute Stinger.exe