McAfee Stinger is a standalone energy utilized to spot and also eliminate particular viruses. It’& rsquo; s not a substitute for complete antivirus defense, yet a specialized device to assist managers and also users when handling contaminated system. Stinger uses next-generation check technology, including rootkit scanning, as well as check performance optimizations. It detects and also gets rid of risks determined under the “” Threat List”” alternative under Advanced food selection options in the Stinger application.
McAfee Stinger now discovers as well as gets rid of GameOver Zeus and CryptoLocker.
Exactly how do you use Stinger?
- Download the most recent variation of Stinger.
- When triggered, select to conserve the file to a convenient place on your hard disk, such as your Desktop computer folder.
- When the download is full, navigate to the folder that contains the downloaded and install Stinger data, and run it.
- The Stinger user interface will be presented.
- By default, Stinger scans for running procedures, loaded modules, computer registry, WMI and also directory locations known to be made use of by malware on a maker to keep scan times minimal. If required, click the “” Tailor my check”” web link to include extra drives/directories to your scan.
- Stinger has the ability to scan targets of Rootkits, which is not allowed by default.
- Click the Check switch to begin scanning the specified drives/directories.
- By default, Stinger will certainly repair any kind of infected files it discovers.
- Stinger leverages GTI File Credibility and runs network heuristics at Tool level by default. If you choose “” High”” or “” Extremely High,”” McAfee Labs recommends that you set the “” On risk detection”” activity to “” Record”” just for the initial check.
To find out more regarding GTI Documents Track record see the following KB articles
KB 53735 – FAQs for International Risk Knowledge Documents Online Reputation
KB 60224 – Just how to confirm that GTI Documents Track record is set up appropriately
KB 65525 – Recognition of generically detected malware (International Hazard Knowledge detections)
Read more stiner.exe At website Articles
Frequently Asked Questions
Q: I recognize I have a virus, yet Stinger did not detect one. Why is this?
A: Stinger is not a substitute for a complete anti-virus scanner. It is just developed to identify and get rid of details hazards.
Q: Stinger located a virus that it couldn'’ t repair. Why is this? A: This is more than likely as a result of Windows System Recover functionality having a lock on the infected documents. Windows/XP/Vista/ 7 users must disable system bring back before scanning.
Q: Where is the scan log saved and just how can I watch them?
A: By default the log data is saved from where Stinger.exe is run. Within Stinger, navigate to the log TAB and the logs are shown as checklist with time stamp, clicking on the log file name opens the data in the HTML format.
Q: Where are the Quarantine files kept?
A: The quarantine data are saved under C: \ Quarantine \ Stinger.
Q: What is the “” Danger Listing”” option under Advanced food selection made use of for?
A: The Hazard Checklist supplies a checklist of malware that Stinger is configured to detect. This checklist does not have the results from running a scan.
Q: Exist any command-line parameters readily available when running Stinger?
A: Yes, the command-line criteria are shown by mosting likely to the aid food selection within Stinger.
Q: I ran Stinger and also now have a Stinger.opt data, what is that?
A: When Stinger runs it develops the Stinger.opt documents that conserves the existing Stinger configuration. When you run Stinger the following time, your previous setup is utilized as long as the Stinger.opt documents is in the same directory as Stinger.
Q: Stinger updated parts of VirusScan. Is this anticipated habits?
A: When the Rootkit scanning choice is picked within Stinger preferences –– VSCore documents (mfehidk.sys & & mferkdet.sys) on a McAfee endpoint will be updated to 15.x. These data are installed only if newer than what'’ s on the system and also is required to check for today’& rsquo; s generation of newer rootkits. If the rootkit scanning alternative is handicapped within Stinger –– the VSCore update will certainly not happen.
Q: Does Stinger do rootkit scanning when deployed through ePO?
A: We’& rsquo; ve handicapped rootkit scanning in the Stinger-ePO bundle to limit the vehicle upgrade of VSCore elements when an admin deploys Stinger to thousands of makers. To enable rootkit scanning in ePO mode, please make use of the adhering to specifications while checking in the Stinger package in ePO:
— reportpath=%temp%– rootkit
For comprehensive directions, please describe KB 77981
Q: What versions of Windows are sustained by Stinger?
A: Windows XP SP2, 2003 SP2, Panorama SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. On top of that, Stinger requires the machine to have Net Explorer 8 or above.
Q: What are the demands for Stinger to perform in a Win PE setting?
A: While producing a custom-made Windows PE image, add assistance for HTML Application elements making use of the instructions supplied in this walkthrough.
Q: Just how can I obtain assistance for Stinger?
A: Stinger is not a sustained application. McAfee Labs makes no warranties about this item.
Q: How can I add customized discoveries to Stinger?
A: Stinger has the alternative where an individual can input upto 1000 MD5 hashes as a custom-made blacklist. During a system check, if any type of data match the custom-made blacklisted hashes – the data will certainly obtain spotted and deleted. This function is given to aid power customers who have separated a malware sample(s) for which no discovery is readily available yet in the DAT files or GTI Data Track Record. To take advantage of this feature:
- From the Stinger user interface goto the Advanced–> > Blacklist tab.
- Input MD5 hashes to be detected either by means of the Go into Hash switch or click the Tons hash Listing button to point to a text file having MD5 hashes to be included in the check. SHA1, SHA 256 or other hash kinds are unsupported.
- During a scan, documents that match the hash will certainly have a discovery name of Stinger!<>. Complete dat fixing is applied on the spotted file.
- Data that are electronically signed utilizing a valid certification or those hashes which are already marked as tidy in GTI Documents Credibility will not be spotted as part of the personalized blacklist. This is a security attribute to avoid individuals from accidentally removing files.
Q: Exactly how can run Stinger without the Genuine Protect component obtaining set up?
A: The Stinger-ePO package does not execute Genuine Protect. In order to run Stinger without Real Protect obtaining set up, implement Stinger.exe