It detects and removes threats identified below the”Threat List” option under Advanced menu choices in the Stinger program.
McAfee Stinger now finds and eliminates GameOver Zeus and CryptoLocker.
How do you utilize Stinger?
- Download the most recent version of Stinger.
- When prompted, choose to save the document to a convenient place on your hard disk, such as the Desktop folder.
- Once the download is complete, navigate to the folder that comprises the downloaded Stinger record, and execute it.
- The Stinger interface will be displayed.
- By default, Stinger scans for running procedures, loaded modules, registry, WMI and directory locations known to be used by malware onto a machine to keep scan times minimum. If needed, click the”Customize my scan” link to add extra drives/directories to your scan.
- Stinger has the capacity to scan targets of Rootkits, which isn’t allowed by default.
- Click on the Scan button to begin scanning the given drives/directories.
- Stinger Requires GTI File Reputation and conducts network heuristics at Moderate level by default. If you select”High” or”Very High,” McAfee Labs recommends you put the”On threat detection” action to”Report” only for the initial scan.
To Find out More about GTI File Reputation visit the following KB articles
KB 53735 – FAQs for International Threat Intelligence File Reputation
KB 60224 – The best way to confirm that GTI File Reputation is installed properly
KB 65525 – Identification of generically found malware (Global Threat Intelligence detections)
Read about mcafee stinger At website
Frequently Asked Questions
Q: I understand I have a virus, but Stinger didn’t detect one. What’s this?
A: Stinger isn’t a replacement for a full anti virus scanner. It is simply supposed to detect and remove specific threats.
Q: Stinger discovered a virus that it couldn’t fix. Why is this?
A: This is most likely due to Windows System Restore functionality having a lock on the infected document. Windows/XP/Vista/7 consumers should disable system restore before scanning.
Q: Where is your scan log stored and how can I view them?
Within Stinger, navigate into the log TAB and the logs will be displayed as list of the time stamp, clicking on the log file name opens the file from the HTML format.
Q: Which are the Quarantine files saved?
This listing does not include the results from running a scan.
Q: Why Are there any command-line parameters accessible when conducting Stinger?
A: Yes, even the command-line parameters have been exhibited by going to the help menu inside Stinger.
Q: I ran Stinger and now have a Stinger.opt file, what is that?
A: When Stinger runs it generates the Stinger.opt record which saves the current Stinger configuration. When you conduct Stinger the second time, your prior configuration is used as long as the Stinger.opt document is in precisely the same directory as Stinger.
Q: Stinger updated components of VirusScan. Is this expected behavior?
A: whenever the Rootkit scanning alternative is selected within Stinger preferences — VSCore files (mfehidk.sys & mferkdet.sys) to a McAfee endpoint will be upgraded to 15.x. These files are set up only if newer than what’s on the system and is needed to scan for today’s generation of newer rootkits. If the rootkit scanning alternative is disabled within Stinger — that the VSCore upgrade will not occur.
Q: How Does Stinger perform rootkit scanning when installed through ePO?
A: We’ve disabled rootkit scanning in the Stinger-ePO bundle to set a limit on the vehicle upgrade of VSCore components as soon as an admin deploys Stinger to thousands of machines. To Allow rootkit scanning in ePO manner, please use the following parameters while assessing in the Stinger bundle in ePO:
–reportpath=%temp% –rootkit
For detailed directions, please refer to KB 77981
Q: What versions of Windows are supported by Stinger?
A: Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. Additionally, Stinger demands the system to have Web Explorer 8 or above.
Q: What are the prerequisites for Stinger to do in a Win PE surroundings?
A: whilst creating a custom Windows PE image, add support to HTML Application components using the instructions offered within this walkthrough.
Q: How How can I get support for Stinger?
A: Stinger is not a supported program. McAfee Labs makes no warranties relating to this product.
Q: how How do I add custom detections into Stinger?
A: Stinger gets the option where a user may enter upto 1000 MD5 hashes as a customized blacklist. During a system scan, even if any files fit the habit blacklisted hashes – that the documents will get deleted and detected. This attribute is provided to assist power users who have isolated a malware sample(s) that no detection is available however in the DAT files or GTI File Reputation. To leverage this attribute:
- In the Stinger interface goto the Advanced –> Blacklist tab.
- Input MD5 hashes to be discovered either via the Input Signal Hash button or click the Load hash List button to point to a text file containing MD5 hashes to be contained in the scanning.
- During a scan, all documents that match the hash is going to have detection name of Stinger! . Full dat repair is put on the file.
- Documents that are digitally signed with a valid certificate or those hashes that are marked as clean in GTI File Reputation will not be detected as part of the custom blacklist. This is a security feature to prevent users from accidentally deleting files.
Q: How How do run Stinger with no Real Protect component becoming installed?
A: The Stinger-ePO bundle does not execute Real Protect. So as to operate Stinger without Real Protect getting installed, execute Stinger.exe –ePO