How to Use Stinger

McAfee Stinger is a standalone utility used to detect and remove certain viruses. Stinger utilizes next-generation scan technology, such as rootkit scanning, and scan performance optimizations.

McAfee Stinger now detects and eliminates GameOver Zeus and CryptoLocker.

How can you utilize Stinger?

When prompted, choose to save the file to a suitable location in your hard disk, like your Desktop folder.

Once the download is complete, browse to the folder which includes the downloaded Stinger record, and run it.

By default, Stinger scans for conducting processes, loaded modules, registry, WMI and directory locations known to be employed by malware onto a machine to maintain scan times minimum. If necessary, click on the”Customize my scanning” link to add additional drives/directories to a scan.

Stinger has the ability to scan targets of Rootkits, which is not enabled by default.

Click the Scan button to begin scanning the specified drives/directories.

By default, Stinger will repair any infected files that it finds.

Stinger Requires GTI File Reputation and operates network heuristics at Medium level . If you select”High” or”Very High,” McAfee Labs recommends that you set the”On hazard detection” actions to”Report” only for the first scan.

To Find out More about GTI File Reputation view the following KB articles

KB 53735 – FAQs for Global Threat Intelligence File Reputation

KB 60224 – How to confirm that GTI File Reputation is installed correctly

KB 65525 – Identification of generically found malware (International Threat Intelligence detections)

follow the link chip de malware At our site

Often Asked Questions

Q: I know I have a virus, however, Stinger did not find one. What’s this?
A: Stinger is not a replacement for a full anti-virus scanner. It is simply designed to find and remove specific threats.

Q: Stinger found a virus it couldn’t fix. Why is this?
A: That is most likely because of Windows System Restore functionality using a lock onto the infected document. Windows/XP/Vista/7 users should disable system restore prior to scanning.

Q: Where is the scan log saved and how do I view them?
A: By default the log file is saved in where Stinger.exe is conducted. Within Stinger, navigate into the log TAB and the logs have been displayed as listing of time stamp, clicking onto the log file name opens the document in the HTML format.

Q: How Where are the Quarantine documents saved?

This listing does not include the results of running a scan.

Q: Why Are there any command-line parameters available when running Stinger?
A: Yes, even the command-line parameters have been displayed by going to the help menu within Stinger.

Q: I conducted Stinger and now have a Stinger.opt file, what’s that?
A: When Stinger conducts it generates the Stinger.opt file that saves the current Stinger configuration. After you conduct Stinger the next time, your previous configuration is used as long as the Stinger.opt document is in exactly the same directory as Stinger.

Is this expected behaviour?
A: When the Rootkit scanning alternative is chosen within Stinger preferences — VSCore files (mfehidk.sys & mferkdet.sys) to a McAfee endpoint is going to be upgraded to 15.x. These files are installed only if newer than what’s about the system and is needed to scan for today’s creation of newer rootkits. In the event the rootkit scanning option is disabled inside Stinger — that the VSCore update won’t occur.

Q: Does Stinger work rootkit scanning when deployed through ePO?
A: We’ve disabled rootkit scanning at the Stinger-ePO bundle to set a limit on the vehicle upgrade of VSCore components when an admin deploys Stinger to thousands of machines. To enable rootkit scanning in ePO manner, please utilize the following parameters while assessing in the Stinger package in ePO:

–reportpath=%temp% –rootkit

Q: How What versions of Windows are backed by Stinger?
A: Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7, 8, 10, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. Furthermore, Stinger requires the device to have Internet Explorer 8 or above.

Q: What are the prerequisites for Stinger to perform at a Win PE surroundings?
A: whilst creating a custom Windows PE image, add support for HTML Application components utilizing the instructions given within this walkthrough.

Q: How do I obtain hold for Stinger?
An: Stinger isn’t a supported program. McAfee Labs makes no warranties concerning this item.

Q: How How do I add custom made detections into Stinger?
A: Stinger has the option where a user may enter upto 1000 MD5 hashes as a custom blacklist. During a system scan, even if any documents fit the habit blacklisted hashes – the documents will get deleted and noticed. This feature is provided to help power users who have isolated a malware sample(s) that no detection is available however in the DAT files or GTI File Reputation. To leverage this attribute:

1. In the Stinger port goto the Advanced –> Blacklist tab.
2. During a scan, documents which fit the hash is going to have detection name of Stinger! . Total dat fix is put on the file.
3. Files that are digitally signed using a valid certificate or people hashes that are marked as blank in GTI File Reputation will not be detected as part of the custom blacklist. This is a security feature to prevent customers from accidentally deleting files.

Q: How can conduct Stinger without the Actual Protect component becoming installed?
A: The Stinger-ePO bundle doesn’t fulfill Actual Protect. So as to run Stinger with no Real Protect getting installed, execute Stinger.exe –ePO