How to Use Stinger

McAfee Stinger is a standalone utility used to detect and remove certain viruses. Stinger uses next-generation scan technology, such as rootkit scanning, and scan performance optimizations. It finds and eliminates threats identified under the”Threat List” option under Advanced menu choices in the Stinger application.

McAfee Stinger now finds and removes GameOver Zeus and CryptoLocker.

How do you utilize Stinger?

  1. Download the most recent version of Stinger.
  2. When prompted, choose to save the file to a convenient place in your hard diskdrive, such as your Desktop folder.
  3. Once the downloading is complete, browse to the folder that contains the downloaded Stinger file, and execute it.
  4. By default, Stinger scans for running procedures, loaded modules, registry, WMI and directory locations known to be employed by malware to a machine to maintain scan times minimum. If needed, click on the”Customize my scanning” link to include additional drives/directories for your scan.
  5. Stinger has the ability to scan targets of Rootkits, which is not allowed by default.
  6. Click on the Scan button to start scanning the given drives/directories.
  7. By default, Stinger will repair any infected files that it finds.
  8. Stinger Requires GTI File Reputation and conducts system heuristics at Moderate level by default. If you choose”High” or”Very High,” McAfee Labs recommends that you put the”On threat detection” activity to”Report” only for the first scan.follow the link At our site

    Q: I understand I have a virus, however, Stinger didn’t find one. Why is this?
    A: Stinger is not a substitute for an entire anti virus scanner. It is just designed to find and remove certain threats.

    Q: Stinger found a virus it couldn’t repair. Why is this?
    A: That is most likely because of Windows System Restore performance using a lock onto the infected file. Windows/XP/Vista/7 consumers must disable system restore before scanning.

    Q: How Where’s the scan log stored and how do I view them?
    A: By default the log file is stored from where Stinger.exe is run. Inside Stinger, browse to the log TAB and the logs will be displayed as listing with the time stamp, clicking onto the log file name opens the file in the HTML format.

    Q: Which would be the Quarantine files saved?
    A: The quarantine documents are saved under C:\Quarantine\Stinger.

    A: The Threat List provides a listing of malware which Stinger has been configured to discover. This listing doesn’t comprise the results of running a scan.

    Q: Are there some command-line parameters available when running Stinger?
    A: Yes, even the command-line parameters are exhibited by going to the help menu in Stinger.

    Q: I conducted Stinger and finally have a Stinger.opt file, what’s that?
    A: When Stinger runs it creates the Stinger.opt record which saves the existing Stinger configuration. After you conduct Stinger the second time, your previous configuration is employed as long as the Stinger.opt file is in precisely the exact same directory as Stinger.

    Q: Stinger updated parts of VirusScan. Is this expected behaviour?
    A: When the Rootkit scanning option is chosen within Stinger preferences — VSCore files (mfehidk.sys & mferkdet.sys) to a McAfee endpoint will be upgraded to 15.x. These documents are installed only if newer than what’s on the system and is needed to scan for the current generation of newer rootkits. In the event the rootkit scanning option is disabled within Stinger — the VSCore upgrade won’t happen.

    Q: How Can Stinger perform rootkit scanning when installed through ePO?
    A: We’ve disabled rootkit scanning at the Stinger-ePO package to set a limit on the vehicle upgrade of VSCore parts when an admin deploys Stinger to tens of thousands of machines. To enable rootkit scanning in ePO style, please use the following parameters while assessing in the Stinger bundle in ePO:

    –reportpath=%yolk% –rootkit

    For detailed instructions, please refer to KB 77981

    Q: What versions of Windows are encouraged by Stinger?
    Furthermore, Stinger demands the system to have Web Explorer 8 or above.

    Q: What are the prerequisites for Stinger to do at a Win PE environment?
    A: when creating a custom Windows PE picture, add support for HTML Application parts utilizing the directions provided within this walkthrough.

    Q: How How can I get service for Stinger?
    An: Stinger isn’t a supported program. McAfee Labs makes no warranties about this product.

    Q: how How do I add custom detections into Stinger?
    A: Stinger has the choice where a user can input upto 1000 MD5 hashes as a customized blacklist. During a system scan, if any documents fit the habit blacklisted hashes – the documents will get detected and deleted. This feature is provided to help power users who have isolated an malware sample(s) for which no detection can be found however in the DAT files or GTI File Reputation. To leverage this feature:

    1. In the Stinger port goto the Advanced –> Blacklist tab.
    2. During a scan, documents which fit the hash will have a detection title of Stinger! . Full dat fix is put on the found file.
    3. Documents that are digitally signed with a valid certification or people hashes which are already marked as blank in GTI File Reputation won’t be detected as a member of their custom made blacklist. This is a safety feature to prevent users from accidentally deleting files.

    Q: How How can conduct Stinger without the Real Protect component becoming installed?
    A: The Stinger-ePO bundle does not execute Real Protect. So as to operate Stinger with no Real Protect becoming installed, do Stinger.exe –ePO