How to Use Stinger

McAfee Stinger is a standalone utility used to detect and remove certain viruses. Stinger uses next-generation scanning technologies, including rootkit scanning, and scan performance optimizations.

McAfee Stinger now detects and eliminates GameOver Zeus and CryptoLocker.

How do you use Stinger?

  1. Download the latest version of Stinger.
  2. When prompted, choose to save the document to a convenient location in your hard disk, such as your Desktop folder.
  3. Once the downloading is complete, navigate to the folder that includes the downloaded Stinger document, and execute it. If necessary, click the”Customize my scanning” link to include extra drives/directories for a scan.
  4. Stinger has the ability to scan targets of Rootkits, which is not enabled by default.
  5. Click on the Scan button to start scanning the specified drives/directories.
  6. By default, Stinger will repair any infected files that it finds.
  7. Stinger leverages GTI File Reputation and operates network heuristics at Moderate level by default. If you select”High” or”Very High,” McAfee Labs recommends you place the”On threat detection” activity to”Report” only for the first scan.

    Q: I know I have a virus, but Stinger did not find one. What’s this?
    An: Stinger is not a replacement for a full anti-virus scanner. It is just supposed to find and remove certain threats.

    Q: Stinger found a virus it could not fix. Why is this?
    A: That is probably because of Windows System Restore functionality using a lock onto the infected file. Windows/XP/Vista/7 consumers should disable system restore before scanning.

    Q: how Where’s the scanning log stored and how can I view them?
    Inside Stinger, navigate to the log TAB and the logs have been displayed as list with time stamp, clicking onto the log file name opens the file in the HTML format.

    Q: Which are the Quarantine documents saved?
    A: The quarantine files are stored under C:\Quarantine\Stinger.

    Q: what’s your”Threat List” option under Advanced menu utilized for?
    This list does not comprise the results of running a scan.

    Q: Are there any command-line parameters available when conducting Stinger?
    A: Yes, even the command-line parameters are exhibited by going to the help menu inside Stinger.

    Q: I ran Stinger and now have a Stinger.opt file, what’s that?
    A: When Stinger runs it generates the Stinger.opt record that saves the existing Stinger configuration. After you operate Stinger the next time, your previous configuration is utilized provided that the Stinger.opt document is in precisely the identical directory as Stinger.

    Is this expected behavior?
    A: When the Rootkit scanning option is chosen within Stinger tastes — VSCore documents (mfehidk.sys & mferkdet.sys) to a McAfee endpoint is going to be upgraded to 15.x. These documents are set up only if newer than what’s on the system and is required to scan for the current creation of newer rootkits. In the event the rootkit scanning alternative is disabled within Stinger — the VSCore update won’t happen.

    Q: Can Stinger perform rootkit scanning when deployed via ePO?
    A: We’ve disabled rootkit scanning at the Stinger-ePO bundle to restrict the auto update of VSCore parts when an admin deploys Stinger to thousands of machines. To Allow rootkit scanning in ePO mode, please use these parameters while checking in the Stinger bundle in ePO:

    –reportpath=%yolk% –rootkit

    Q: What versions of Windows are backed by Stinger?
    Moreover, Stinger demands the system to get Web Explorer 8 or over.

    Q: What are the requirements for Stinger to execute in a Win PE environment?
    A: While developing a custom Windows PE image, add support to HTML Application components utilizing the directions offered within this walkthrough.

    Q: How can I obtain assistance for Stinger?
    An: Stinger is not a supported program. McAfee Labs makes no warranties about this product.

    Q: how How do I add custom made detections to Stinger?
    A: Stinger has the choice where a user may enter upto 1000 MD5 hashes as a customized blacklist. Throughout a system scan, even if any documents fit the habit blacklisted hashes – that the documents will get deleted and noticed. This attribute is provided to help power users that have isolated an malware sample(s) that no detection can be found yet from the DAT files or GTI File Reputation.

  8. Input MD5 hashes to be discovered either through the Enter Hash button or click the Load hash List button to point to a text file containing MD5 hashes to be contained in the scan. SHA1, SHA 256 or other hash kinds are unsupported.
  9. During a scan, all documents that fit the hash will have a detection title of Stinger! . Total dat repair is applied on the file.
  10. Files which are digitally signed using a valid certificate or those hashes that are marked as clean from GTI File Reputation won’t be detected as part of their custom blacklist. This is a safety feature to prevent customers from accidentally deleting documents.

read about it stinger 64 from Our Articles

Q: How How do run Stinger without the Real Protect component becoming installed?
A: The Stinger-ePO package does not fulfill Actual Protect. To Be Able to operate Stinger with no Real Protect becoming installed, execute Stinger.exe –ePO

Leave a Reply