How to Utilize Stinger

Stinger uses next-generation scanning technologies, including rootkit scanning, and scan performance optimizations.

McAfee Stinger now finds and eliminates GameOver Zeus and CryptoLocker.

How can you use Stinger?

  1. Download the most recent version of Stinger.
  2. Once prompted, choose to save the file to a suitable place in your hard disk, such as your Desktop folder.
  3. Once the downloading is complete, navigate to the folder that comprises the downloaded Stinger record, and execute it.
  4. The Stinger interface will be displayed. If necessary, click the”Customize my scanning” link to add extra drives/directories to a scan.
  5. Stinger has the capacity to scan targets of Rootkits, which isn’t allowed by default.
  6. Click on the Scan button to start scanning the specified drives/directories.
  7. By default, Stinger will repair any infected files that it finds.
  8. Stinger Requires GTI File Reputation and operates network heuristics at Medium level by default. If you choose”High” or”Very High,” McAfee Labs recommends you place the”On threat detection” activity to”Report” just for the first scan.

    Q: I know I have a virus, however, Stinger didn’t find one. Why is this?
    An: Stinger is not a replacement for an entire anti virus scanner. It is just designed to find and remove certain threats.

    Q: Stinger found a virus it couldn’t fix. What’s this?
    A: That is most likely because of Windows System Restore functionality using a lock on the infected document.At site stinger deutsch from Our Articles Windows/XP/Vista/7 consumers must disable system restore prior to scanning.

    Q: how Where is your scan log stored and how do I view them?
    A: By default the log file is saved in where Stinger.exe is run. Within Stinger, browse into the log TAB along with the logs are all displayed as list with time stamp, clicking on the log file name opens the file from the HTML format.

    Q: How Where are the Quarantine documents stored?

    This listing does not contain the results from running a scan.

    Q: Why Are there some command-line parameters accessible when running Stinger?
    A: Yes, even the command-line parameters have been shown by going to the help menu within Stinger.

    Q: I conducted Stinger and finally have a Stinger.opt file, what is that?
    A: When Stinger conducts it creates the Stinger.opt document which saves the current Stinger configuration. After you run Stinger the second time, your previous configuration is utilized provided that the Stinger.opt file is in exactly the identical directory as Stinger.

    Is this expected behaviour?
    A: whenever the Rootkit scanning alternative is chosen within Stinger preferences — VSCore files (mfehidk.sys & mferkdet.sys) to a McAfee endpoint will be upgraded to 15.x. These documents are set up only if newer than what’s on the system and is required to scan for the current creation of newer rootkits. If the rootkit scanning option is disabled within Stinger — the VSCore update won’t happen.

    Q: How Does Stinger work rootkit scanning when installed through ePO?
    A: We have disabled rootkit scanning at the Stinger-ePO package to set a limit on the auto update of VSCore parts as soon as an admin deploys Stinger to tens of thousands of machines. To Allow rootkit scanning in ePO manner, please use the following parameters while assessing in the Stinger package in ePO:

    –reportpath=%yolk% –rootkit

    Q: What versions of Windows are supported by Stinger?
    Moreover, Stinger requires the system to get Internet Explorer 8 or above.

    Q: Which are the prerequisites for Stinger to perform in a Win PE surroundings?
    A: While developing a custom Windows PE image, add support to HTML Application components using the instructions offered within this walkthrough.

    Q: How do I get help for Stinger?
    A: Stinger is not a supported program. McAfee Labs makes no guarantees relating to this product.

    Q: how How can I add custom detections to Stinger?
    A: Stinger has the option where a user may enter upto 1000 MD5 hashes as a custom blacklist. During a system scan, even if any files match the habit blacklisted hashes – that the documents will get deleted and noticed. This feature is provided to help power users that have isolated an malware sample(s) for which no detection can be found yet from the DAT documents or GTI File Reputation. To leverage this attribute:

    1. In the Stinger interface goto the Advanced –> Blacklist tab.
    2. Input MD5 hashes to be detected either through the Enter Hash button or click on the Load hash List button to point to a text file containing MD5 hashes to be contained in the scan.
    3. During a scan, all files which fit the hash is going to have detection title of Stinger! . Complete dat repair is used on the found file.
    4. Files which are digitally signed using a valid certification or those hashes which are marked as blank in GTI File Reputation will not be detected as a member of the custom blacklist. This is a safety feature to prevent customers from accidentally deleting files.

    Q: How How can conduct Stinger without the Actual Protect component becoming installed?
    A: The Stinger-ePO bundle does not execute Real Protect. So as to operate Stinger with no Real Protect becoming installed, execute Stinger.exe –ePO