How to Utilize Stinger

It’s not a substitute for full antivirus protection, however, a specialized instrument to assist administrators and users when dealing with infected system. Stinger uses next-generation scanning technologies, such as rootkit scanning, and scan performance optimizations.

McAfee Stinger now finds and removes GameOver Zeus and CryptoLocker.

How do you utilize Stinger?

  1. Download the latest version of Stinger.
  2. Once prompted, choose to save the file to a suitable place on your hard disk, like your Desktop folder.
  3. When the downloading is complete, navigate to the folder which includes the downloaded Stinger document, and run it.
  4. By default, Stinger scans for conducting processes, loaded modules, registry, WMI and directory locations known to be employed by malware onto a system to keep scan times minimal. If necessary, click on the”Customize my scan” link to include additional drives/directories for your scan.
  5. Stinger has the capability to scan targets of Rootkits, which is not enabled by default.
  6. Click on the Scan button to begin scanning the given drives/directories.
  7. By default, Stinger will repair any infected files it finds.
  8. Stinger leverages GTI File Reputation and runs network heuristics at Medium level by default. If you choose”High” or”Very High,” McAfee Labs recommends you place the”On threat detection” actions to”Report” only for the first scan.

    Q: I know I have a virus, but Stinger didn’t find one. What’s this?
    An: Stinger is not a replacement for an entire anti-virus scanner. It’s simply designed to detect and remove specific threats.

    Q: Stinger discovered a virus that it could not fix. What’s this?
    A: That is probably due to Windows System Restore performance having a lock to the infected document. Windows/XP/Vista/7 users must disable system restore prior to scanning.

    Q: How Where is the scanning log stored and how do I view them?
    A: By default the log file is stored from where Stinger.exe is run. Inside Stinger, browse to the log TAB and the logs are displayed as record of the time stamp, clicking on the log file name opens the document in the HTML format.

    Q: How Which would be the Quarantine files saved?
    A: The quarantine files are stored under C:\Quarantine\Stinger.

    Q: what’s the”Threat List” option under Advanced menu used for?
    A: The Threat List provides a listing of malware which Stinger has been configured to detect. This list does not include the results from running a scan.

    Q: Are there any command-line parameters available when running Stinger?
    A: Yes, the command-line parameters are displayed by going to the help menu within Stinger.

    Q: I conducted Stinger and now have a Stinger.opt record, what is that?
    A: When Stinger runs it generates the Stinger.opt record that saves the current Stinger configuration. After you operate Stinger the second time, your prior configuration is used as long as the Stinger.opt file is in precisely the exact same directory as Stinger.

    Is this expected behaviour?
    A: When the Rootkit scanning option is chosen within Stinger preferences — VSCore documents (mfehidk.sys & mferkdet.sys) on a McAfee endpoint will be upgraded to 15.x. These documents are installed only if newer than what’s about the machine and is needed to scan for the current creation of newer rootkits. If the rootkit scanning alternative is disabled within Stinger — that the VSCore upgrade won’t occur.

    Q: Does Stinger work rootkit scanning when deployed through ePO?
    A: We’ve disabled rootkit scanning in the Stinger-ePO package to set a limit on the auto update of VSCore components as soon as an admin deploys Stinger to tens of thousands of machines. To enable rootkit scanning in ePO mode, please use the following parameters while assessing in the Stinger bundle in ePO:

    –reportpath=%yolk% –rootkit

    For detailed instructions, please refer to KB 77981

    Q: What versions of Windows are backed by Stinger?
    A: Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. In addition, Stinger requires the device to get Web Explorer 8 or over.

    Q: What are the prerequisites for Stinger to do at a Win PE surroundings?
    A: While creating a custom Windows PE picture, add support to HTML Application components utilizing the instructions provided in this walkthrough.

    Q: How How do I get assistance for Stinger?
    An: Stinger isn’t a supported program. McAfee Labs makes no guarantees relating to this item.

    Q: how How can I add customized detections to Stinger?
    A: Stinger gets the choice where a user may enter upto 1000 MD5 hashes as a custom blacklist. Throughout a system scan, if any documents match the habit blacklisted hashes – the documents will get detected and deleted. This attribute is provided to help power users who have isolated a malware sample(s) that no detection is available yet in the DAT documents or GTI File Reputation.

  9. Input MD5 hashes to be discovered either through the Enter Hash button or click the Load hash List button to point to a text file containing MD5 hashes to be included in the scan. SHA1, SHA 256 or other hash kinds are jobless.
  10. During a scan, all files that match the hash will have a detection title of Stinger! . Total dat fix is applied on the detected file.
  11. Files that are digitally signed using a valid certification or those hashes that are marked as clean in GTI File Reputation will not be detected as part of the custom blacklist. This is a safety feature to prevent users from accidentally deleting files.

At site mcaffee stinger from Our Articles

Q: How do conduct Stinger with no Real Protect component getting installed?
A: The Stinger-ePO package doesn’t fulfill Actual Protect. So as to operate Stinger with no Real Protect getting installed, do Stinger.exe –ePO

How to Utilize Stinger

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top