McAfee Stinger is a standalone utility utilized to discover and also remove details infections. It’& rsquo; s not a substitute for full anti-viruses security, however a specialized device to assist managers as well as users when handling contaminated system. Stinger uses next-generation scan innovation, consisting of rootkit scanning, and scan efficiency optimizations. It finds and also eliminates threats identified under the “” Danger Listing”” choice under Advanced menu options in the Stinger application.
McAfee Stinger now detects and also eliminates GameOver Zeus as well as CryptoLocker.
Just how do you utilize Stinger?
- Download and install the current version of Stinger.
- When prompted, choose to save the file to a hassle-free place on your hard disk, such as your Desktop folder.
- When the download is full, browse to the folder that contains the downloaded Stinger data, as well as run it.
- The Stinger user interface will be presented.
- By default, Stinger scans for running processes, loaded components, computer system registry, WMI as well as directory areas known to be made use of by malware on a machine to keep check times very little. If necessary, click the “” Personalize my check”” web link to add added drives/directories to your scan.
- Stinger has the capacity to check targets of Rootkits, which is not allowed by default.
- Click the Check switch to begin checking the specified drives/directories.
- By default, Stinger will fix any kind of contaminated files it discovers.
- Stinger leverages GTI File Reputation and runs network heuristics at Tool level by default. If you choose “” High”” or “” Very High,”” McAfee Labs recommends that you set the “” On threat detection”” action to “” Record”” just for the initial scan.
To get more information concerning GTI File Reputation see the adhering to KB articles
KB 53735 – Frequently Asked Questions for International Risk Intelligence Data Reputation
KB 60224 – Just how to validate that GTI Documents Track record is installed correctly
KB 65525 – Identification of generically spotted malware (International Risk Knowledge detections)
read about it stnger.exe from Our Articles
Frequently Asked Questions
Q: I recognize I have an infection, but Stinger did not spot one. Why is this?
A: Stinger is not a substitute for a complete anti-virus scanner. It is only developed to identify and also eliminate details hazards.
Q: Stinger discovered a virus that it couldn'’ t fixing. Why is this? A: This is probably because of Windows System Restore functionality having a lock on the contaminated data. Windows/XP/Vista/ 7 individuals ought to disable system recover prior to scanning.
Q: Where is the scan log saved and exactly how can I watch them?
A: By default the log documents is saved from where Stinger.exe is run. Within Stinger, browse to the log TAB as well as the logs are displayed as checklist with time stamp, clicking on the log data name opens up the data in the HTML style.
Q: Where are the Quarantine files stored?
A: The quarantine documents are stored under C: \ Quarantine \ Stinger.
Q: What is the “” Risk List”” option under Advanced food selection utilized for?
A: The Hazard Listing gives a list of malware that Stinger is set up to spot. This list does not consist of the results from running a check.
Q: Exist any command-line parameters readily available when running Stinger?
A: Yes, the command-line specifications are displayed by mosting likely to the aid menu within Stinger.
Q: I ran Stinger and also now have a Stinger.opt file, what is that?
A: When Stinger runs it produces the Stinger.opt documents that saves the existing Stinger arrangement. When you run Stinger the next time, your previous setup is made use of as long as the Stinger.opt documents remains in the same directory site as Stinger.
Q: Stinger upgraded components of VirusScan. Is this anticipated actions?
A: When the Rootkit scanning choice is selected within Stinger preferences –– VSCore documents (mfehidk.sys & & mferkdet.sys) on a McAfee endpoint will be updated to 15.x. These files are set up just if newer than what'’ s on the system and is required to scan for today’& rsquo; s generation of newer rootkits. If the rootkit scanning choice is disabled within Stinger –– the VSCore upgrade will certainly not occur.
Q: Does Stinger perform rootkit scanning when released via ePO?
A: We’& rsquo; ve disabled rootkit scanning in the Stinger-ePO plan to restrict the car update of VSCore parts when an admin deploys Stinger to thousands of makers. To make it possible for rootkit scanning in ePO setting, please use the complying with specifications while checking in the Stinger plan in ePO:
— reportpath=%temp%– rootkit
For in-depth guidelines, please describe KB 77981
Q: What versions of Windows are sustained by Stinger?
A: Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. In addition, Stinger calls for the device to have Net Traveler 8 or above.
Q: What are the requirements for Stinger to implement in a Victory PE atmosphere?
A: While producing a custom-made Windows PE picture, add support for HTML Application elements utilizing the instructions given in this walkthrough.
Q: How can I get support for Stinger?
A: Stinger is not a sustained application. McAfee Labs makes no guarantees about this product.
Q: How can I add custom-made discoveries to Stinger?
A: Stinger has the option where a user can input upto 1000 MD5 hashes as a custom blacklist. Throughout a system check, if any type of files match the personalized blacklisted hashes – the files will certainly get identified as well as deleted. This attribute is given to assist power customers who have isolated a malware sample(s) for which no detection is available yet in the DAT data or GTI Data Reputation. To utilize this function:
- From the Stinger user interface goto the Advanced–> > Blacklist tab.
- Input MD5 hashes to be detected either using the Get in Hash button or click the Load hash List switch to point to a text file having MD5 hashes to be included in the check. SHA1, SHA 256 or other hash kinds are unsupported.
- During a scan, documents that match the hash will certainly have a discovery name of Stinger!<
>. Complete dat fixing is applied on the detected data.
- Documents that are electronically authorized utilizing a legitimate certificate or those hashes which are already marked as clean in GTI File Track record will certainly not be discovered as part of the personalized blacklist. This is a safety feature to avoid customers from accidentally erasing data.
Q: Just how can run Stinger without the Genuine Protect part obtaining set up?
A: The Stinger-ePO plan does not perform Genuine Protect. In order to run Stinger without Real Protect getting installed, carry out Stinger.exe