McAfee Stinger is a standalone energy made use of to identify as well as eliminate specific viruses. It’& rsquo; s not an alternative to full anti-viruses defense, but a specialized tool to aid administrators as well as users when managing contaminated system. Stinger utilizes next-generation scan modern technology, consisting of rootkit scanning, and scan efficiency optimizations. It spots and gets rid of threats identified under the “” Risk List”” option under Advanced menu alternatives in the Stinger application.
McAfee Stinger currently detects and also removes GameOver Zeus and also CryptoLocker.
Exactly how do you use Stinger?
- Download and install the most recent variation of Stinger.
- When prompted, choose to save the data to a practical area on your hard disk, such as your Desktop computer folder.
- When the download is complete, navigate to the folder which contains the downloaded Stinger file, and run it.
- The Stinger user interface will certainly be displayed.
- By default, Stinger checks for running processes, filled modules, registry, WMI and also directory locations known to be made use of by malware on a machine to maintain scan times minimal. If essential, click the “” Customize my check”” web link to add added drives/directories to your scan.
- Stinger has the capability to check targets of Rootkits, which is not made it possible for by default.
- Click the Scan switch to begin checking the specified drives/directories.
- By default, Stinger will certainly fix any kind of contaminated documents it discovers.
- Stinger leverages GTI File Online reputation and runs network heuristics at Medium degree by default. If you pick “” High”” or “” Very High,”” McAfee Labs recommends that you set the “” On risk detection”” activity to “” Report”” just for the initial check.
For more information about GTI File Reputation see the adhering to KB short articles
KB 53735 – FAQs for International Risk Intelligence File Reputation
KB 60224 – How to validate that GTI Data Reputation is installed appropriately
KB 65525 – Identification of generically identified malware (Global Danger Knowledge discoveries)
At site stiner.exe from Our Articles
Frequently Asked Questions
Q: I know I have an infection, however Stinger did not discover one. Why is this?
A: Stinger is not a replacement for a full anti-virus scanner. It is just made to identify and also get rid of certain risks.
Q: Stinger discovered an infection that it couldn'’ t fixing. Why is this? A: This is probably due to Windows System Bring back capability having a lock on the infected file. Windows/XP/Vista/ 7 users should disable system restore before scanning.
Q: Where is the check log conserved as well as exactly how can I see them?
A: By default the log data is saved from where Stinger.exe is run. Within Stinger, navigate to the log TAB and the logs are displayed as listing with time stamp, clicking the log documents name opens the documents in the HTML layout.
Q: Where are the Quarantine files stored?
A: The quarantine data are stored under C: \ Quarantine \ Stinger.
Q: What is the “” Hazard List”” option under Advanced food selection made use of for?
A: The Risk Checklist supplies a list of malware that Stinger is set up to detect. This listing does not include the arise from running a check.
Q: Are there any type of command-line parameters offered when running Stinger?
A: Yes, the command-line parameters are presented by mosting likely to the assistance food selection within Stinger.
Q: I ran Stinger and also now have a Stinger.opt documents, what is that?
A: When Stinger runs it creates the Stinger.opt documents that conserves the existing Stinger setup. When you run Stinger the following time, your previous setup is used as long as the Stinger.opt file remains in the exact same directory as Stinger.
Q: Stinger upgraded components of VirusScan. Is this anticipated habits?
A: When the Rootkit scanning option is picked within Stinger preferences –– VSCore documents (mfehidk.sys & & mferkdet.sys) on a McAfee endpoint will certainly be updated to 15.x. These documents are installed just if more recent than what'’ s on the system and also is required to check for today’& rsquo; s generation of more recent rootkits. If the rootkit scanning option is impaired within Stinger –– the VSCore update will not occur.
Q: Does Stinger do rootkit scanning when deployed by means of ePO?
A: We’& rsquo; ve disabled rootkit scanning in the Stinger-ePO package to limit the vehicle update of VSCore elements when an admin deploys Stinger to hundreds of devices. To allow rootkit scanning in ePO mode, please use the adhering to parameters while checking in the Stinger bundle in ePO:
— reportpath=%temp%– rootkit
For comprehensive instructions, please describe KB 77981
Q: What versions of Windows are supported by Stinger?
A: Windows XP SP2, 2003 SP2, View SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. Furthermore, Stinger calls for the maker to have Internet Traveler 8 or above.
Q: What are the needs for Stinger to execute in a Success PE setting?
A: While producing a custom-made Windows PE photo, include support for HTML Application elements using the instructions supplied in this walkthrough.
Q: How can I obtain assistance for Stinger?
A: Stinger is not a supported application. McAfee Labs makes no guarantees concerning this product.
Q: Exactly how can I add custom-made detections to Stinger?
A: Stinger has the choice where an individual can input upto 1000 MD5 hashes as a customized blacklist. During a system check, if any data match the customized blacklisted hashes – the documents will certainly obtain detected and erased. This attribute is supplied to help power customers who have actually isolated a malware example(s) for which no discovery is offered yet in the DAT files or GTI File Track Record. To utilize this function:
- From the Stinger interface goto the Advanced–> > Blacklist tab.
- Input MD5 hashes to be found either via the Go into Hash switch or click the Lots hash Checklist button to indicate a text file having MD5 hashes to be consisted of in the check. SHA1, SHA 256 or various other hash types are unsupported.
- During a check, documents that match the hash will certainly have a discovery name of Stinger!<
>. Complete dat repair service is applied on the spotted file.
- Data that are electronically signed using a legitimate certification or those hashes which are currently marked as clean in GTI Data Online reputation will not be found as part of the custom-made blacklist. This is a security attribute to avoid users from unintentionally erasing documents.
Q: Just how can run Stinger without the Genuine Protect element getting set up?
A: The Stinger-ePO bundle does not implement Actual Protect. In order to run Stinger without Real Protect getting mounted, implement Stinger.exe