How to Use Stinger

It is not a substitute for full antivirus protection, but an specialized instrument to assist administrators and users when dealing with infected system. Stinger uses next-generation scan technology, such as rootkit scanning, and scan performance optimizations. It finds and removes threats identified below the”Threat List” option under Advanced menu options in the Stinger application.

McAfee Stinger now detects and removes GameOver Zeus and CryptoLocker.

How do you utilize Stinger?

  1. Download the most recent version of Stinger.
  2. Once prompted, choose to save the file to a suitable location on your hard disk, such as the Desktop folder.
  3. When the downloading is complete, navigate to the folder that includes the downloaded Stinger document, and execute it.
  4. The Stinger interface will be shown.
  5. By default, Stinger scans for conducting procedures, loaded modules, registry, WMI and directory locations known to be used by malware onto a system to maintain scan times minimal. If necessary, click on the”Customize my scanning” link to include additional drives/directories to a scan.
  6. Stinger has the capability to scan goals of Rootkits, which is not enabled by default.
  7. Click the Scan button to start scanning the specified drives/directories.
  8. Stinger leverages GTI File Reputation and operates network heuristics at Medium level by default. If you choose”High” or”Very High,” McAfee Labs recommends that you put the”On hazard detection” activity to”Report” only for the initial scan.To Find out More about GTI File Reputation watch the following KB articlesKB 53735 – FAQs for Worldwide Threat Intelligence File ReputationKB 60224 – The best way to confirm that GTI File Reputation is installed properlyKB 65525 – Identification of generically found malware (International Threat Intelligence detections)

Join Us website

Frequently Asked Questions

Q: I know I have a virus, however, Stinger didn’t find one. What’s this?
An: Stinger is not a replacement for a full anti virus scanner. It’s simply supposed to find and remove certain threats.

Q: Stinger discovered a virus that it could not repair. What’s this?
A: That is most likely due to Windows System Restore performance having a lock on the infected document. Windows/XP/Vista/7 users must disable system restore before scanning.

Q: How Where is your scan log stored and how do I view them?
Inside Stinger, browse to the log TAB along with the logs are all displayed as record of time stamp, clicking onto the log file name opens the document from the HTML format.

Q: How Which would be the Quarantine files saved?
A: The quarantine files are saved under C:\Quarantine\Stinger.

Q: What is your”Threat List” option under Advanced menu employed for?
A: The Threat List provides a listing of malware that Stinger is configured to discover. This listing doesn’t contain the results from running a scan.

Q: Are there any command-line parameters accessible when conducting Stinger?
A: Yes, the command-line parameters are exhibited by going to the help menu inside Stinger.

Q: I ran Stinger and finally have a Stinger.opt file, what is that?
A: When Stinger conducts it creates the Stinger.opt document which saves the recent Stinger configuration. After you conduct Stinger the next time, your prior configuration is employed as long as the Stinger.opt file is in exactly the same directory as Stinger.

Q: Stinger updated parts of VirusScan. Is this expected behavior?
A: as soon as the Rootkit scanning option is chosen within Stinger tastes — VSCore documents (mfehidk.sys & mferkdet.sys) on a McAfee endpoint will be upgraded to 15.x. These documents are set up only if newer than what’s about the system and is required to scan for the current creation of newer rootkits. In case the rootkit scanning alternative is disabled in Stinger — that the VSCore update will not occur.

Q: Can Stinger work rootkit scanning when installed through ePO?
A: We have disabled rootkit scanning at the Stinger-ePO bundle to restrict the auto update of VSCore components as soon as an admin deploys Stinger to tens of thousands of machines. To Allow rootkit scanning in ePO manner, please use these parameters while checking in the Stinger package in ePO:

–reportpath=%temp% –rootkit

Q: What versions of Windows are encouraged by Stinger?
Furthermore, Stinger requires the device to get Web Explorer 8 or over.

Q: Which are the prerequisites for Stinger to execute at a Win PE surroundings?
A: While developing a custom Windows PE image, add support to HTML Application components utilizing the instructions given in this walkthrough.

Q: How do I obtain support for Stinger?
A: Stinger isn’t a supported application. McAfee Labs makes no warranties concerning this item.

Q: how How can I add custom made detections to Stinger?
A: Stinger has the option where a user can input upto 1000 MD5 hashes as a custom made blacklist. Throughout a system scan, if any documents match the custom blacklisted hashes – that the files will get deleted and noticed. This feature is provided to help power users that have isolated a malware sample(s) for which no detection is available yet from the DAT documents or GTI File Reputation.Input MD5 hashes to be discovered either through the Enter Hash button or click the Load hash List button to point to a text file containing MD5 hashes to be included in the scanning.During a scan, all files that fit the hash is going to have detection name of Stinger! . Total dat repair is put on the detected file.Files that are digitally signed with a valid certificate or people hashes that are already marked as blank in GTI File Reputation will not be detected as a member of the customized blacklist. This is a security feature to prevent users from accidentally deleting files.

Q: How How can run Stinger with no Actual Protect component becoming installed?
A: The Stinger-ePO package doesn’t fulfill Actual Protect. So as to run Stinger without Real Protect becoming installed, execute Stinger.exe –ePO