McAfee Stinger is a standalone utility used to find and remove details infections. It’& rsquo; s not a substitute for complete anti-viruses defense, yet a specialized device to help administrators and also customers when managing contaminated system. Stinger makes use of next-generation check modern technology, consisting of rootkit scanning, as well as check performance optimizations. It finds as well as eliminates threats determined under the “” Threat Listing”” alternative under Advanced menu options in the Stinger application.
McAfee Stinger currently detects and also eliminates GameOver Zeus as well as CryptoLocker.
How do you use Stinger?
- Download and install the most recent version of Stinger.
- When triggered, select to save the documents to a hassle-free location on your hard drive, such as your Desktop folder.
- When the download is complete, navigate to the folder which contains the downloaded Stinger data, and also run it.
- The Stinger interface will be displayed.
- By default, Stinger scans for running processes, packed modules, computer system registry, WMI and also directory site locations recognized to be made use of by malware on a device to maintain scan times marginal. If necessary, click the “” Customize my check”” web link to include extra drives/directories to your scan.
- Stinger has the capability to scan targets of Rootkits, which is not enabled by default.
- Click the Check switch to begin scanning the defined drives/directories.
- By default, Stinger will repair any infected files it discovers.
- Stinger leverages GTI Data Track record and runs network heuristics at Tool level by default. If you choose “” High”” or “” Really High,”” McAfee Labs suggests that you establish the “” On danger discovery”” action to “” Report”” just for the first scan.
To find out more concerning GTI Documents Credibility see the adhering to KB write-ups
KB 53735 – FAQs for Global Danger Knowledge Documents Reputation
KB 60224 – Exactly how to confirm that GTI File Online reputation is mounted correctly
KB 65525 – Identification of generically found malware (Global Threat Knowledge detections)
read about it mcafee stinger from Our Articles
Frequently Asked Questions
Q: I know I have an infection, but Stinger did not detect one. Why is this?
A: Stinger is not an alternative to a full anti-virus scanner. It is only developed to spot as well as eliminate specific dangers.
Q: Stinger located an infection that it couldn'’ t fixing. Why is this? A: This is more than likely as a result of Windows System Restore functionality having a lock on the contaminated file. Windows/XP/Vista/ 7 users should disable system recover prior to scanning.
Q: Where is the scan log conserved and how can I view them?
A: By default the log file is saved from where Stinger.exe is run. Within Stinger, browse to the log TAB and the logs are shown as checklist with time stamp, clicking the log data name opens the data in the HTML style.
Q: Where are the Quarantine files stored?
A: The quarantine files are stored under C: \ Quarantine \ Stinger.
Q: What is the “” Threat Checklist”” option under Advanced food selection made use of for?
A: The Hazard Checklist supplies a listing of malware that Stinger is configured to detect. This list does not contain the results from running a scan.
Q: Exist any kind of command-line parameters readily available when running Stinger?
A: Yes, the command-line criteria are presented by going to the help menu within Stinger.
Q: I ran Stinger as well as currently have a Stinger.opt file, what is that?
A: When Stinger runs it produces the Stinger.opt data that saves the existing Stinger setup. When you run Stinger the following time, your previous setup is used as long as the Stinger.opt data is in the same directory as Stinger.
Q: Stinger updated elements of VirusScan. Is this expected actions?
A: When the Rootkit scanning choice is selected within Stinger choices –– VSCore data (mfehidk.sys & & mferkdet.sys) on a McAfee endpoint will be updated to 15.x. These data are installed only if more recent than what'’ s on the system as well as is required to scan for today’& rsquo; s generation of newer rootkits. If the rootkit scanning alternative is handicapped within Stinger –– the VSCore update will certainly not happen.
Q: Does Stinger perform rootkit scanning when deployed using ePO?
A: We’& rsquo; ve disabled rootkit scanning in the Stinger-ePO plan to limit the vehicle upgrade of VSCore components when an admin deploys Stinger to countless devices. To allow rootkit scanning in ePO mode, please make use of the following criteria while checking in the Stinger package in ePO:
— reportpath=%temp%– rootkit
For comprehensive guidelines, please describe KB 77981
Q: What versions of Windows are supported by Stinger?
A: Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. Furthermore, Stinger requires the maker to have Net Traveler 8 or above.
Q: What are the requirements for Stinger to carry out in a Win PE environment?
A: While developing a customized Windows PE image, include support for HTML Application elements using the guidelines supplied in this walkthrough.
Q: Exactly how can I obtain support for Stinger?
A: Stinger is not a supported application. McAfee Labs makes no assurances concerning this item.
Q: Just how can I include customized discoveries to Stinger?
A: Stinger has the alternative where an individual can input upto 1000 MD5 hashes as a custom-made blacklist. Throughout a system check, if any type of files match the custom-made blacklisted hashes – the data will certainly obtain found and also erased. This feature is provided to help power customers who have isolated a malware sample(s) for which no discovery is readily available yet in the DAT data or GTI Data Credibility. To utilize this feature:
- From the Stinger user interface goto the Advanced–> > Blacklist tab.
- Input MD5 hashes to be discovered either by means of the Enter Hash button or click the Load hash Checklist button to indicate a text file including MD5 hashes to be included in the scan. SHA1, SHA 256 or various other hash kinds are unsupported.
- During a scan, documents that match the hash will certainly have a detection name of Stinger!<>. Full dat fixing is applied on the spotted data.
- Documents that are electronically authorized making use of a valid certificate or those hashes which are currently noted as clean in GTI Data Reputation will not be discovered as part of the customized blacklist. This is a safety and security feature to prevent individuals from unintentionally erasing data.
Q: Exactly how can run Stinger without the Real Protect component obtaining set up?
A: The Stinger-ePO bundle does not carry out Real Protect. In order to run Stinger without Real Protect obtaining set up, execute Stinger.exe