McAfee Stinger is a standalone utility used to detect and remove specific viruses. It finds and removes threats identified below the”Threat List” option under Advanced menu choices in the Stinger application.

McAfee Stinger now finds and removes GameOver Zeus and CryptoLocker.

How can you use Stinger?
  • Once prompted, choose to save the file to a convenient location on your hard diskdrive, such as your Desktop folder.
  • When the downloading is complete, navigate to the folder that includes the downloaded Stinger document, and run it. If necessary, click on the”Customize my scan” link to add extra drives/directories for a scan.
  • Stinger has the capability to scan goals of Rootkits, which is not enabled by default.
  • Click on the Scan button to begin scanning the given drives/directories.
  • Stinger Requires GTI File Reputation and runs system heuristics at Medium level . If you select”High” or”Very High,” McAfee Labs recommends that you set the”On threat detection” activity to”Report” only for the first scan.

    Q: I know I have a virus, but Stinger didn’t find one. Why is this?
    An: Stinger isn’t a replacement for a full anti virus scanner. It is only designed to detect and remove specific threats.

    Q: Stinger found a virus that it couldn’t repair. Why is this?
    A: This is most likely due to Windows System Restore functionality having a lock onto the infected document. Windows/XP/Vista/7 users must disable system restore before scanning.

    Q: Where is the scanning log saved and how can I view them?
    A: By default the log file is stored in where Stinger.exe is conducted. Within Stinger, navigate to the log TAB along with the logs are displayed as list of the time stamp, clicking onto the log file name opens the document from the HTML format.

    Q: How Which would be the Quarantine files saved?

    Q: What is the”Threat List” option under Advanced menu used for?
    This listing doesn’t comprise the results of running a scan.

    Q: Why Are there any command-line parameters accessible when conducting Stinger?
    A: Yes, even the command-line parameters are displayed by going to the help menu in Stinger.

    Q: I conducted Stinger and now have a Stinger.opt file, what’s that?
    A: When Stinger conducts it generates the Stinger.opt file that saves the current Stinger configuration. After you conduct Stinger the next time, your previous configuration is utilized provided that the Stinger.opt file is in exactly the same directory as Stinger.

    Is this expected behaviour?
    A: When the Rootkit scanning option is chosen within Stinger tastes — VSCore documents (mfehidk.sys & mferkdet.sys) to a McAfee endpoint is going to be updated to 15.x. These files are set up only if newer than what’s on the system and is required to scan for the current generation of newer rootkits. In the event the rootkit scanning option is disabled inside Stinger — the VSCore upgrade won’t occur.

    Q: How Can Stinger work rootkit scanning when deployed via ePO?
    A: We’ve disabled rootkit scanning at the Stinger-ePO package to limit the auto update of VSCore parts when an admin deploys Stinger to tens of thousands of machines. To enable rootkit scanning in ePO style, please utilize the following parameters while assessing in the Stinger bundle in ePO:

    –reportpath=%yolk% –rootkit

    For detailed directions, please refer to KB 77981

    Q: What versions of Windows are supported by Stinger?
    Additionally, Stinger demands the machine to get Internet Explorer 8 or above.

    Q: Which are the prerequisites for Stinger to execute at a Win PE surroundings?
    A: whilst developing a custom Windows PE image, add support for HTML Application parts using the directions supplied within this walkthrough.

    Q: How How can I obtain assistance for Stinger?
    A: Stinger is not a supported application. McAfee Labs makes no guarantees concerning this product.

    Q: How do I add customized detections into Stinger?
    A: Stinger gets the option where a user may enter upto 1000 MD5 hashes as a custom blacklist. Throughout a system scan, even if any documents fit the habit blacklisted hashes – that the files will get deleted and detected. This feature is provided to assist power users who have isolated an malware sample(s) for which no detection is available yet from the DAT files or GTI File Reputation.

  • Input MD5 hashes to be detected either through the Input Hash button or click on the Load hash List button to point to a text file containing MD5 hashes to be included in the scanning.
  • During a scan, all documents which fit the hash is going to have detection title of Stinger! . Complete dat fix is used on the found file.
  • Files that are digitally signed using a valid certification or those hashes that are already marked as clean from GTI File Reputation will not be detected as part of their customized blacklist. This is a security feature to prevent customers from accidentally deleting documents.
  • Read more stinger.exe At website Articles

    Q: How can conduct Stinger without the Actual Protect component becoming installed?
    A: The Stinger-ePO package doesn’t fulfill Actual Protect. To Be Able to operate Stinger without Real Protect becoming installed, execute Stinger.exe –ePO