McAfee Stinger is a standalone energy made use of to detect and eliminate details infections. It’& rsquo; s not an alternative to complete anti-viruses defense, but a specialized device to aid administrators as well as individuals when taking care of infected system. Stinger uses next-generation scan innovation, consisting of rootkit scanning, and also check performance optimizations. It finds and gets rid of dangers recognized under the “” Hazard Checklist”” option under Advanced food selection options in the Stinger application.
McAfee Stinger now detects and eliminates GameOver Zeus and CryptoLocker.
Just how do you use Stinger?
- Download the most recent variation of Stinger.
- When prompted, pick to conserve the file to a convenient area on your hard disk, such as your Desktop folder.
- When the download is total, navigate to the folder that contains the downloaded Stinger file, and run it.
- The Stinger user interface will be shown.
- By default, Stinger checks for running processes, loaded modules, computer registry, WMI and directory areas understood to be utilized by malware on an equipment to maintain check times marginal. If required, click the “” Customize my check”” web link to include additional drives/directories to your scan.
- Stinger has the capability to check targets of Rootkits, which is not enabled by default.
- Click the Check button to begin scanning the defined drives/directories.
- By default, Stinger will certainly repair any type of infected data it finds.
- Stinger leverages GTI File Reputation and also runs network heuristics at Tool level by default. If you select “” High”” or “” Extremely High,”” McAfee Labs suggests that you establish the “” On threat discovery”” action to “” Record”” just for the very first check.
To learn more about GTI Data Reputation see the complying with KB write-ups
KB 53735 – Frequently Asked Questions for International Hazard Knowledge Documents Reputation
KB 60224 – How to verify that GTI File Reputation is installed correctly
KB 65525 – Recognition of generically detected malware (Global Risk Knowledge detections)
you can find more here stnger.exe from Our Articles
Frequently Asked Questions
Q: I recognize I have a virus, yet Stinger did not discover one. Why is this?
A: Stinger is not an alternative to a complete anti-virus scanner. It is just developed to identify as well as remove details hazards.
Q: Stinger found an infection that it couldn'’ t repair. Why is this? A: This is probably due to Windows System Restore functionality having a lock on the infected data. Windows/XP/Vista/ 7 users need to disable system bring back before scanning.
Q: Where is the check log saved and also just how can I watch them?
A: By default the log data is saved from where Stinger.exe is run. Within Stinger, browse to the log TAB as well as the logs are shown as listing with time stamp, clicking on the log documents name opens the file in the HTML format.
Q: Where are the Quarantine submits stored?
A: The quarantine documents are kept under C: \ Quarantine \ Stinger.
Q: What is the “” Hazard Checklist”” alternative under Advanced menu made use of for?
A: The Risk Checklist supplies a listing of malware that Stinger is configured to detect. This checklist does not have the arise from running a scan.
Q: Are there any command-line criteria readily available when running Stinger?
A: Yes, the command-line specifications are displayed by mosting likely to the help food selection within Stinger.
Q: I ran Stinger as well as currently have a Stinger.opt documents, what is that?
A: When Stinger runs it creates the Stinger.opt file that saves the current Stinger configuration. When you run Stinger the following time, your previous arrangement is used as long as the Stinger.opt documents remains in the same directory as Stinger.
Q: Stinger upgraded parts of VirusScan. Is this anticipated behavior?
A: When the Rootkit scanning option is picked within Stinger preferences –– VSCore data (mfehidk.sys & & mferkdet.sys) on a McAfee endpoint will certainly be upgraded to 15.x. These data are mounted only if more recent than what'’ s on the system and also is needed to scan for today’& rsquo; s generation of more recent rootkits. If the rootkit scanning alternative is handicapped within Stinger –– the VSCore update will not take place.
Q: Does Stinger do rootkit scanning when released using ePO?
A: We’& rsquo; ve handicapped rootkit scanning in the Stinger-ePO plan to limit the automobile update of VSCore parts when an admin releases Stinger to thousands of makers. To make it possible for rootkit scanning in ePO setting, please utilize the complying with parameters while signing in the Stinger package in ePO:
— reportpath=%temp%– rootkit
For comprehensive directions, please refer to KB 77981
Q: What variations of Windows are sustained by Stinger?
A: Windows XP SP2, 2003 SP2, Panorama SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. In addition, Stinger needs the maker to have Net Traveler 8 or above.
Q: What are the requirements for Stinger to implement in a Win PE atmosphere?
A: While producing a custom Windows PE photo, include support for HTML Application parts utilizing the guidelines offered in this walkthrough.
Q: Just how can I get assistance for Stinger?
A: Stinger is not a supported application. McAfee Labs makes no warranties concerning this item.
Q: Just how can I add custom-made detections to Stinger?
A: Stinger has the choice where a customer can input upto 1000 MD5 hashes as a custom-made blacklist. During a system check, if any type of data match the customized blacklisted hashes – the documents will certainly get identified as well as erased. This feature is supplied to help power individuals who have actually separated a malware example(s) for which no discovery is readily available yet in the DAT files or GTI File Reputation. To take advantage of this function:
- From the Stinger user interface goto the Advanced–> > Blacklist tab.
- Input MD5 hashes to be discovered either via the Enter Hash switch or click the Lots hash Listing button to point to a text file consisting of MD5 hashes to be consisted of in the check. SHA1, SHA 256 or various other hash types are in need of support.
- Throughout a scan, data that match the hash will certainly have a detection name of Stinger!<>. Full dat fixing is applied on the found data.
- Files that are digitally authorized utilizing a valid certificate or those hashes which are currently marked as clean in GTI Documents Online reputation will not be discovered as part of the personalized blacklist. This is a security function to prevent customers from accidentally removing files.
Q: Just how can run Stinger without the Real Protect part getting installed?
A: The Stinger-ePO bundle does not implement Real Protect. In order to run Stinger without Real Protect obtaining installed, carry out Stinger.exe