McAfee Stinger is a standalone energy utilized to find and also remove details infections. It’& rsquo; s not a substitute for complete anti-viruses defense, but a specialized tool to help administrators and also users when taking care of infected system. Stinger uses next-generation scan innovation, including rootkit scanning, and check efficiency optimizations. It discovers as well as gets rid of dangers determined under the «» Threat List»» choice under Advanced menu choices in the Stinger application.

McAfee Stinger currently spots and removes GameOver Zeus as well as CryptoLocker.

How do you make use of Stinger?

  1. Download the latest version of Stinger.
  2. When prompted, pick to conserve the file to a convenient location on your hard disk, such as your Desktop folder.
  3. When the download is full, browse to the folder that contains the downloaded and install Stinger documents, as well as run it.
  4. The Stinger interface will certainly be shown.
  5. By default, Stinger scans for running processes, filled components, computer registry, WMI and directory places known to be used by malware on a device to maintain check times marginal. If required, click the «» Personalize my scan»» link to add additional drives/directories to your check.
  6. Stinger has the capacity to scan targets of Rootkits, which is not made it possible for by default.
  7. Click the Check button to start checking the specified drives/directories.
  8. By default, Stinger will certainly repair any infected documents it discovers.
  9. Stinger leverages GTI Documents Reputation and also runs network heuristics at Tool degree by default. If you select «» High»» or «» Extremely High,»» McAfee Labs advises that you establish the «» On threat discovery»» action to «» Report»» just for the first check.

    For more information about GTI Documents Reputation see the following KB write-ups

    KB 53735 – Frequently Asked Questions for International Hazard Knowledge File Credibility

    KB 60224 – Exactly how to verify that GTI Documents Credibility is set up correctly

    KB 65525 – Identification of generically found malware (Global Hazard Knowledge detections)

Read about stinger anit virus At website

Frequently Asked Questions

Q: I understand I have a virus, however Stinger did not spot one. Why is this?
A: Stinger is not a replacement for a complete anti-virus scanner. It is just developed to find and get rid of specific dangers.

Q: Stinger discovered an infection that it couldn'’ t repair. Why is this? A: This is most likely as a result of Windows System Bring back functionality having a lock on the infected documents. Windows/XP/Vista/ 7 customers ought to disable system bring back prior to scanning.

Q: Where is the scan log saved and how can I watch them?
A: By default the log data is saved from where Stinger.exe is run. Within Stinger, navigate to the log TAB and the logs are displayed as list with time stamp, clicking the log data name opens up the documents in the HTML format.

Q: Where are the Quarantine files stored?
A: The quarantine documents are stored under C: \ Quarantine \ Stinger.

Q: What is the «» Danger Listing»» alternative under Advanced menu made use of for?
A: The Threat List supplies a listing of malware that Stinger is configured to find. This listing does not have the arise from running a check.

Q: Exist any command-line parameters readily available when running Stinger?
A: Yes, the command-line criteria are displayed by going to the aid menu within Stinger.

Q: I ran Stinger and now have a Stinger.opt file, what is that?
A: When Stinger runs it creates the Stinger.opt data that conserves the existing Stinger configuration. When you run Stinger the next time, your previous setup is made use of as long as the Stinger.opt data is in the exact same directory as Stinger.

Q: Stinger updated parts of VirusScan. Is this anticipated behavior?
A: When the Rootkit scanning alternative is selected within Stinger choices –– VSCore files (mfehidk.sys & & mferkdet.sys) on a McAfee endpoint will certainly be upgraded to 15.x. These data are installed just if newer than what'’ s on the system and is required to check for today’& rsquo; s generation of newer rootkits. If the rootkit scanning choice is disabled within Stinger –– the VSCore upgrade will certainly not occur.

Q: Does Stinger execute rootkit scanning when deployed by means of ePO?
A: We’& rsquo; ve handicapped rootkit scanning in the Stinger-ePO bundle to restrict the automobile update of VSCore parts when an admin releases Stinger to thousands of machines. To allow rootkit scanning in ePO setting, please make use of the complying with criteria while signing in the Stinger package in ePO:

— reportpath=%temp%– rootkit

For in-depth directions, please describe KB 77981

Q: What variations of Windows are supported by Stinger?
A: Windows XP SP2, 2003 SP2, View SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. On top of that, Stinger needs the maker to have Web Traveler 8 or above.

Q: What are the demands for Stinger to implement in a Win PE environment?
A: While creating a custom-made Windows PE image, add support for HTML Application elements making use of the guidelines supplied in this walkthrough.

Q: Exactly how can I obtain support for Stinger?
A: Stinger is not a sustained application. McAfee Labs makes no guarantees about this item.

Q: How can I include customized detections to Stinger?
A: Stinger has the option where a user can input upto 1000 MD5 hashes as a custom blacklist. Throughout a system check, if any documents match the personalized blacklisted hashes – the data will obtain spotted as well as removed. This feature is supplied to aid power users that have separated a malware sample(s) for which no discovery is available yet in the DAT data or GTI Data Reputation. To leverage this function:

  1. From the Stinger user interface goto the Advanced–> > Blacklist tab.
  2. Input MD5 hashes to be identified either using the Go into Hash switch or click the Load hash Checklist switch to point to a text file consisting of MD5 hashes to be included in the check. SHA1, SHA 256 or various other hash kinds are unsupported.
  3. Throughout a check, data that match the hash will have a detection name of Stinger!<>. Full dat repair service is used on the identified file.
  4. Files that are digitally authorized utilizing a legitimate certification or those hashes which are currently noted as tidy in GTI Documents Track record will not be discovered as part of the customized blacklist. This is a security feature to stop customers from mistakenly removing files.

Q: How can run Stinger without the Genuine Protect element obtaining set up?
A: The Stinger-ePO bundle does not carry out Genuine Protect. In order to run Stinger without Real Protect obtaining set up, carry out Stinger.exe