How to Use Stinger

McAfee Stinger is a standalone utility made use of to detect as well as eliminate particular infections. It’& rsquo; s not a replacement for complete antivirus security, however a specialized tool to aid managers as well as individuals when managing contaminated system. Stinger utilizes next-generation scan innovation, consisting of rootkit scanning, and also check performance optimizations. It identifies and gets rid of hazards recognized under the “” Danger Listing”” choice under Advanced menu alternatives in the Stinger application.

McAfee Stinger currently identifies as well as eliminates GameOver Zeus and also CryptoLocker.

How do you utilize Stinger?

  1. Download and install the latest version of Stinger.
  2. When motivated, select to conserve the documents to a practical location on your hard disk, such as your Desktop folder.
  3. When the download is full, navigate to the folder which contains the downloaded and install Stinger file, and also run it.
  4. The Stinger interface will be shown.
  5. By default, Stinger scans for running procedures, filled components, windows registry, WMI as well as directory areas known to be used by malware on a maker to keep check times minimal. If necessary, click the “” Customize my check”” link to include extra drives/directories to your scan.
  6. Stinger has the ability to scan targets of Rootkits, which is not made it possible for by default.
  7. Click the Scan button to start scanning the defined drives/directories.
  8. By default, Stinger will certainly fix any type of infected documents it discovers.
  9. Stinger leverages GTI Data Online reputation as well as runs network heuristics at Tool degree by default. If you select “” High”” or “” Really High,”” McAfee Labs recommends that you establish the “” On danger discovery”” activity to “” Report”” only for the very first scan.

    To find out more regarding GTI Data Credibility see the adhering to KB posts

    KB 53735 – FAQs for Global Danger Intelligence File Track Record

    KB 60224 – Exactly how to validate that GTI Data Reputation is set up correctly

    KB 65525 – Recognition of generically detected malware (International Hazard Intelligence discoveries)

you can find more here stinger anit virus from Our Articles

Frequently Asked Questions

Q: I understand I have a virus, yet Stinger did not find one. Why is this?
A: Stinger is not a substitute for a complete anti-virus scanner. It is only made to spot as well as remove details risks.

Q: Stinger located an infection that it couldn'’ t fixing. Why is this? A: This is probably because of Windows System Bring back performance having a lock on the contaminated file. Windows/XP/Vista/ 7 customers need to disable system bring back prior to scanning.

Q: Where is the scan log saved and also exactly how can I see them?
A: By default the log file is saved from where Stinger.exe is run. Within Stinger, navigate to the log TAB as well as the logs are shown as checklist with time stamp, clicking the log documents name opens up the documents in the HTML style.

Q: Where are the Quarantine files saved?
A: The quarantine documents are stored under C: \ Quarantine \ Stinger.

Q: What is the “” Risk Listing”” choice under Advanced food selection used for?
A: The Risk Checklist provides a listing of malware that Stinger is configured to discover. This list does not contain the arise from running a scan.

Q: Are there any type of command-line parameters offered when running Stinger?
A: Yes, the command-line specifications are shown by mosting likely to the aid menu within Stinger.

Q: I ran Stinger and also currently have a Stinger.opt file, what is that?
A: When Stinger runs it develops the Stinger.opt file that conserves the present Stinger arrangement. When you run Stinger the following time, your previous configuration is made use of as long as the Stinger.opt documents is in the same directory as Stinger.

Q: Stinger upgraded elements of VirusScan. Is this anticipated habits?
A: When the Rootkit scanning option is picked within Stinger choices –– VSCore data (mfehidk.sys & & mferkdet.sys) on a McAfee endpoint will be updated to 15.x. These data are installed only if newer than what'’ s on the system as well as is needed to check for today’& rsquo; s generation of newer rootkits. If the rootkit scanning alternative is impaired within Stinger –– the VSCore upgrade will certainly not occur.

Q: Does Stinger perform rootkit scanning when deployed via ePO?
A: We’& rsquo; ve handicapped rootkit scanning in the Stinger-ePO package to restrict the car upgrade of VSCore components when an admin releases Stinger to thousands of machines. To enable rootkit scanning in ePO setting, please utilize the adhering to specifications while signing in the Stinger plan in ePO:

— reportpath=%temp%– rootkit

For comprehensive guidelines, please refer to KB 77981

Q: What versions of Windows are sustained by Stinger?
A: Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. Additionally, Stinger needs the maker to have Net Explorer 8 or above.

Q: What are the requirements for Stinger to carry out in a Win PE setting?
A: While producing a custom-made Windows PE photo, add support for HTML Application parts using the directions offered in this walkthrough.

Q: How can I obtain assistance for Stinger?
A: Stinger is not a supported application. McAfee Labs makes no warranties about this item.

Q: How can I include personalized detections to Stinger?
A: Stinger has the choice where a customer can input upto 1000 MD5 hashes as a custom-made blacklist. Throughout a system check, if any kind of files match the custom blacklisted hashes – the data will certainly get found as well as erased. This feature is provided to assist power customers who have separated a malware sample(s) for which no discovery is readily available yet in the DAT data or GTI File Online Reputation. To take advantage of this function:

  1. From the Stinger user interface goto the Advanced–> > Blacklist tab.
  2. Input MD5 hashes to be identified either through the Get in Hash button or click the Tons hash Listing switch to indicate a text file containing MD5 hashes to be consisted of in the scan. SHA1, SHA 256 or other hash kinds are in need of support.
  3. Throughout a scan, files that match the hash will have a discovery name of Stinger!<>. Complete dat fixing is applied on the discovered file.
  4. Files that are digitally signed using a legitimate certificate or those hashes which are currently noted as clean in GTI Data Credibility will certainly not be identified as part of the customized blacklist. This is a security function to prevent users from unintentionally deleting documents.

Q: Exactly how can run Stinger without the Actual Protect element getting installed?
A: The Stinger-ePO package does not carry out Genuine Protect. In order to run Stinger without Real Protect getting installed, implement Stinger.exe