How to Utilize Stinger

McAfee Stinger is a standalone utility used to detect and remove specific viruses. Stinger utilizes next-generation scan technology, including rootkit scanning, and scan performance optimizations. It detects and eliminates threats identified under the”Threat List” option under Advanced menu options in the Stinger program.

McAfee Stinger now detects and eliminates GameOver Zeus and CryptoLocker.

How do you utilize Stinger?

  1. Download the most recent version of Stinger.
  2. When prompted, choose to save the document to a convenient place in your hard diskdrive, like your Desktop folder.
  3. Once the downloading is complete, browse to the folder which comprises the downloaded Stinger record, and execute it.
  4. The Stinger interface will be displayed.
  5. By default, Stinger scans for conducting processes, loaded modules, registry, WMI and directory places known to be used by malware on a system to maintain scan times minimum. If necessary, click on the”Customize my scanning” link to include extra drives/directories for your scan.
  6. Stinger has the ability to scan goals of Rootkits, which isn’t enabled by default.
  7. Click the Scan button to start scanning the given drives/directories.
  8. By default, Stinger will repair any infected files it finds.
  9. Stinger leverages GTI File Reputation and conducts system heuristics at Medium level . If you choose”High” or”Very High,” McAfee Labs recommends you put the”On hazard detection” activity to”Report” just for the initial scan.Join Us website

    Q: I know I have a virus, however, Stinger did not find one. Why is this?
    An: Stinger isn’t a replacement for a full anti-virus scanner. It is only supposed to find and remove specific threats.

    Q: Stinger discovered a virus it couldn’t repair. Why is this?
    A: This is probably because of Windows System Restore performance having a lock onto the infected file. Windows/XP/Vista/7 users must disable system restore prior to scanning.

    Q: how Where’s your scan log stored and how do I see them?
    Within Stinger, navigate to the log TAB along with the logs are all displayed as listing of time stamp, clicking on the log file name opens the file in the HTML format.

    Q: Where are the Quarantine documents saved?
    A: The quarantine documents are saved under C:\Quarantine\Stinger.

    Q: What is your”Threat List” option under Advanced menu employed for?
    A: The Threat List provides a list of malware which Stinger is configured to detect. This list does not comprise the results of running a scan.

    Q: Why Are there some command-line parameters accessible when conducting Stinger?
    A: Yes, the command-line parameters are shown by going to the help menu inside Stinger.

    Q: I conducted Stinger and finally have a Stinger.opt record, what is that?
    A: When Stinger runs it generates the Stinger.opt document which saves the recent Stinger configuration. When you run Stinger the second time, your previous configuration is utilized as long as the Stinger.opt document is in precisely the same directory as Stinger.

    Is this expected behaviour?
    A: When the Rootkit scanning alternative is selected within Stinger tastes — VSCore documents (mfehidk.sys & mferkdet.sys) on a McAfee endpoint is going to be upgraded to 15.x. These documents are installed only if newer than what’s on the system and is needed to scan for the current creation of newer rootkits. In case the rootkit scanning option is disabled inside Stinger — that the VSCore update won’t occur.

    Q: How Can Stinger perform rootkit scanning when installed via ePO?
    A: We have disabled rootkit scanning in the Stinger-ePO bundle to set a limit on the auto update of VSCore components once an admin deploys Stinger to tens of thousands of machines. To Allow rootkit scanning in ePO mode, please utilize these parameters while assessing in the Stinger package in ePO:

    –reportpath=%temp% –rootkit

    For detailed instructions, please refer to KB 77981

    Q: What versions of Windows are backed by Stinger?
    In addition, Stinger requires the machine to get Web Explorer 8 or over.

    Q: Which are the prerequisites for Stinger to do in a Win PE surroundings?
    A: While developing a custom Windows PE image, add support to HTML Application parts using the instructions provided in this walkthrough.

    Q: How How can I get help for Stinger?
    A: Stinger is not a supported application. McAfee Labs makes no guarantees about this item.

    Q: How How can I add custom detections to Stinger?
    A: Stinger gets the choice where a user may enter upto 1000 MD5 hashes as a custom blacklist. During a system scan, if any files match the custom blacklisted hashes – the files will get deleted and noticed. This attribute is provided to assist power users that have isolated a malware sample(s) that no detection is available however from the DAT documents or GTI File Reputation. To leverage this attribute:

    1. From the Stinger interface goto the Advanced –> Blacklist tab.
    2. Input MD5 hashes to be discovered either through the Input Hash button or click the Load hash List button to point to a text file containing MD5 hashes to be contained in the scanning.
    3. During a scan, all files which fit the hash is going to have detection title of Stinger! . Complete dat repair is put on the detected file.
    4. Files which are digitally signed using a valid certification or those hashes that are marked as blank from GTI File Reputation won’t be detected as a member of the customized blacklist. This is a security feature to prevent users from accidentally deleting documents.

    Q: How can conduct Stinger without the Actual Protect component getting installed?
    A: The Stinger-ePO package doesn’t execute Real Protect. In order to operate Stinger with no Real Protect getting installed, do Stinger.exe –ePO

Leave a comment

Your email address will not be published. Required fields are marked *