McAfee Stinger is a standalone energy made use of to spot and also remove details infections. It’& rsquo; s not a substitute for complete anti-viruses security, however a specialized device to help managers and also customers when managing infected system. Stinger utilizes next-generation scan modern technology, consisting of rootkit scanning, and also check performance optimizations. It identifies and also removes threats determined under the «» Threat Listing»» choice under Advanced menu choices in the Stinger application.
McAfee Stinger currently discovers and gets rid of GameOver Zeus and also CryptoLocker.
Exactly how do you make use of Stinger?
- Download and install the current variation of Stinger.
- When motivated, select to conserve the data to a convenient place on your hard disk, such as your Desktop computer folder.
- When the download is complete, navigate to the folder that contains the downloaded Stinger file, as well as run it.
- The Stinger user interface will be shown.
- By default, Stinger checks for running processes, loaded components, pc registry, WMI as well as directory site areas known to be used by malware on an equipment to keep check times marginal. If essential, click the «» Tailor my check»» link to add additional drives/directories to your scan.
- Stinger has the capability to scan targets of Rootkits, which is not allowed by default.
- Click the Scan switch to start scanning the defined drives/directories.
- By default, Stinger will certainly repair any kind of infected data it discovers.
- Stinger leverages GTI Data Reputation and also runs network heuristics at Tool degree by default. If you select «» High»» or «» Extremely High,»» McAfee Labs suggests that you set the «» On risk detection»» action to «» Report»» just for the very first check.
For more information regarding GTI Data Online reputation see the adhering to KB articles
KB 53735 – Frequently Asked Questions for Worldwide Danger Knowledge File Credibility
KB 60224 – Just how to validate that GTI File Credibility is mounted correctly
KB 65525 – Recognition of generically spotted malware (International Risk Intelligence detections)
Read about s_t_i_n_g_e_r.exe At website
Frequently Asked Questions
Q: I understand I have an infection, but Stinger did not detect one. Why is this?
A: Stinger is not an alternative to a full anti-virus scanner. It is just made to detect and get rid of certain dangers.
Q: Stinger found a virus that it couldn'’ t fixing. Why is this? A: This is most likely because of Windows System Recover performance having a lock on the infected data. Windows/XP/Vista/ 7 individuals need to disable system recover prior to scanning.
Q: Where is the check log conserved as well as how can I view them?
A: By default the log documents is saved from where Stinger.exe is run. Within Stinger, browse to the log TAB and the logs are shown as checklist with time stamp, clicking on the log data name opens up the file in the HTML format.
Q: Where are the Quarantine files kept?
A: The quarantine documents are saved under C: \ Quarantine \ Stinger.
Q: What is the «» Threat List»» choice under Advanced food selection utilized for?
A: The Danger Listing gives a checklist of malware that Stinger is set up to discover. This list does not contain the results from running a check.
Q: Are there any kind of command-line parameters readily available when running Stinger?
A: Yes, the command-line criteria are presented by mosting likely to the help food selection within Stinger.
Q: I ran Stinger and currently have a Stinger.opt data, what is that?
A: When Stinger runs it creates the Stinger.opt file that conserves the present Stinger setup. When you run Stinger the next time, your previous configuration is made use of as long as the Stinger.opt documents is in the exact same directory site as Stinger.
Q: Stinger upgraded elements of VirusScan. Is this expected behavior?
A: When the Rootkit scanning option is chosen within Stinger choices –– VSCore data (mfehidk.sys & & mferkdet.sys) on a McAfee endpoint will be upgraded to 15.x. These data are installed just if more recent than what'’ s on the system and is required to scan for today’& rsquo; s generation of more recent rootkits. If the rootkit scanning option is impaired within Stinger –– the VSCore update will certainly not occur.
Q: Does Stinger do rootkit scanning when deployed through ePO?
A: We’& rsquo; ve impaired rootkit scanning in the Stinger-ePO bundle to limit the automobile upgrade of VSCore components when an admin releases Stinger to thousands of equipments. To enable rootkit scanning in ePO mode, please use the complying with parameters while checking in the Stinger plan in ePO:
— reportpath=%temperature%– rootkit
For comprehensive guidelines, please refer to KB 77981
Q: What variations of Windows are supported by Stinger?
A: Windows XP SP2, 2003 SP2, View SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. In addition, Stinger calls for the device to have Internet Traveler 8 or above.
Q: What are the needs for Stinger to perform in a Victory PE environment?
A: While creating a custom-made Windows PE image, add support for HTML Application elements making use of the guidelines offered in this walkthrough.
Q: How can I obtain support for Stinger?
A: Stinger is not a supported application. McAfee Labs makes no guarantees about this item.
Q: How can I add personalized detections to Stinger?
A: Stinger has the alternative where a user can input upto 1000 MD5 hashes as a custom blacklist. Throughout a system scan, if any files match the custom blacklisted hashes – the data will certainly get discovered and deleted. This function is provided to help power individuals that have separated a malware sample(s) for which no discovery is offered yet in the DAT files or GTI Documents Reputation. To take advantage of this function:
- From the Stinger interface goto the Advanced–> > Blacklist tab.
- Input MD5 hashes to be spotted either through the Enter Hash button or click the Tons hash Checklist button to point to a text file consisting of MD5 hashes to be consisted of in the scan. SHA1, SHA 256 or other hash types are in need of support.
- Throughout a scan, files that match the hash will certainly have a detection name of Stinger!<
>. Full dat repair is applied on the spotted data.
- Documents that are electronically authorized utilizing a valid certificate or those hashes which are already marked as clean in GTI Data Reputation will certainly not be discovered as part of the customized blacklist. This is a security feature to stop users from accidentally erasing documents.
Q: Just how can run Stinger without the Actual Protect part obtaining mounted?
A: The Stinger-ePO bundle does not carry out Actual Protect. In order to run Stinger without Real Protect obtaining mounted, execute Stinger.exe