McAfee Stinger is a standalone utility used to identify and eliminate certain infections. It’& rsquo; s not a replacement for full anti-viruses protection, but a specialized tool to aid managers and also users when dealing with contaminated system. Stinger makes use of next-generation check technology, consisting of rootkit scanning, as well as scan efficiency optimizations. It spots and also removes hazards determined under the “” Danger Checklist”” choice under Advanced menu choices in the Stinger application.
McAfee Stinger currently discovers and also removes GameOver Zeus as well as CryptoLocker.
How do you make use of Stinger?
- Download and install the latest version of Stinger.
- When prompted, select to conserve the file to a convenient location on your hard disk, such as your Desktop folder.
- When the download is total, browse to the folder that contains the downloaded and install Stinger file, and run it.
- The Stinger interface will certainly be shown.
- By default, Stinger checks for running processes, packed components, windows registry, WMI and directory areas known to be used by malware on a machine to maintain scan times minimal. If essential, click the “” Tailor my check”” link to include additional drives/directories to your check.
- Stinger has the capacity to check targets of Rootkits, which is not made it possible for by default.
- Click the Check button to start scanning the specified drives/directories.
- By default, Stinger will certainly repair any contaminated documents it discovers.
- Stinger leverages GTI File Credibility as well as runs network heuristics at Medium degree by default. If you pick “” High”” or “” Really High,”” McAfee Labs advises that you establish the “” On risk detection”” activity to “” Report”” only for the initial scan.
To read more regarding GTI File Track record see the complying with KB short articles
KB 53735 – Frequently Asked Questions for Global Danger Knowledge Documents Reputation
KB 60224 – Exactly how to verify that GTI Data Track record is mounted properly
KB 65525 – Identification of generically identified malware (International Risk Knowledge detections)
read about it mcafee stinger download from Our Articles
Frequently Asked Questions
Q: I recognize I have an infection, but Stinger did not spot one. Why is this?
A: Stinger is not a substitute for a complete anti-virus scanner. It is only made to discover and also get rid of particular risks.
Q: Stinger located an infection that it couldn'’ t repair. Why is this? A: This is most likely due to Windows System Restore functionality having a lock on the infected file. Windows/XP/Vista/ 7 individuals must disable system bring back before scanning.
Q: Where is the scan log saved and also exactly how can I view them?
A: By default the log data is saved from where Stinger.exe is run. Within Stinger, browse to the log TAB and also the logs are shown as checklist with time stamp, clicking the log documents name opens the data in the HTML layout.
Q: Where are the Quarantine files saved?
A: The quarantine documents are saved under C: \ Quarantine \ Stinger.
Q: What is the “” Hazard Listing”” option under Advanced menu made use of for?
A: The Threat List offers a list of malware that Stinger is configured to discover. This list does not consist of the arise from running a check.
Q: Exist any command-line specifications available when running Stinger?
A: Yes, the command-line parameters are shown by mosting likely to the aid food selection within Stinger.
Q: I ran Stinger as well as currently have a Stinger.opt file, what is that?
A: When Stinger runs it produces the Stinger.opt documents that conserves the existing Stinger arrangement. When you run Stinger the next time, your previous setup is made use of as long as the Stinger.opt file remains in the same directory site as Stinger.
Q: Stinger upgraded elements of VirusScan. Is this expected habits?
A: When the Rootkit scanning alternative is selected within Stinger choices –– VSCore documents (mfehidk.sys & & mferkdet.sys) on a McAfee endpoint will certainly be updated to 15.x. These documents are installed just if newer than what'’ s on the system and also is needed to scan for today’& rsquo; s generation of more recent rootkits. If the rootkit scanning choice is disabled within Stinger –– the VSCore upgrade will certainly not happen.
Q: Does Stinger perform rootkit scanning when deployed via ePO?
A: We’& rsquo; ve disabled rootkit scanning in the Stinger-ePO bundle to restrict the auto update of VSCore elements when an admin deploys Stinger to hundreds of makers. To enable rootkit scanning in ePO setting, please utilize the adhering to parameters while signing in the Stinger plan in ePO:
— reportpath=%temperature%– rootkit
For comprehensive guidelines, please describe KB 77981
Q: What variations of Windows are supported by Stinger?
A: Windows XP SP2, 2003 SP2, View SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. On top of that, Stinger requires the machine to have Net Explorer 8 or above.
Q: What are the requirements for Stinger to perform in a Win PE environment?
A: While creating a personalized Windows PE photo, add assistance for HTML Application components using the directions given in this walkthrough.
Q: Just how can I obtain support for Stinger?
A: Stinger is not a sustained application. McAfee Labs makes no guarantees concerning this item.
Q: Just how can I include custom detections to Stinger?
A: Stinger has the alternative where a user can input upto 1000 MD5 hashes as a personalized blacklist. Throughout a system check, if any documents match the customized blacklisted hashes – the data will certainly obtain identified as well as removed. This function is offered to assist power users that have actually separated a malware sample(s) for which no discovery is available yet in the DAT data or GTI Data Reputation. To take advantage of this attribute:
- From the Stinger interface goto the Advanced–> > Blacklist tab.
- Input MD5 hashes to be found either through the Enter Hash switch or click the Tons hash Checklist switch to indicate a text file containing MD5 hashes to be consisted of in the check. SHA1, SHA 256 or various other hash types are unsupported.
- During a scan, documents that match the hash will have a discovery name of Stinger!<
>. Full dat repair is used on the detected documents.
- Files that are electronically authorized utilizing a legitimate certification or those hashes which are already noted as tidy in GTI File Track record will not be detected as part of the customized blacklist. This is a security attribute to stop individuals from unintentionally removing data.
Q: Just how can run Stinger without the Real Protect component getting set up?
A: The Stinger-ePO bundle does not implement Genuine Protect. In order to run Stinger without Real Protect obtaining installed, perform Stinger.exe