How to Utilize Stinger

McAfee Stinger is a standalone utility used to detect and remove certain viruses. Stinger uses next-generation scan technology, including rootkit scanning, and scan performance optimizations.

McAfee Stinger now finds and removes GameOver Zeus and CryptoLocker.

How can you utilize Stinger?

  1. Download the most recent version of Stinger.
  2. When prompted, choose to save the file to a convenient place on your hard diskdrive, such as the Desktop folder.
  3. Once the downloading is complete, navigate to the folder which includes the downloaded Stinger document, and run it.
  4. The Stinger interface will be shown. If needed, click on the”Customize my scanning” link to include extra drives/directories to a scan.
  5. Stinger has the capability to scan goals of Rootkits, which isn’t allowed by default.
  6. Click the Scan button to begin scanning the specified drives/directories.
  7. By default, Stinger will repair any infected files it finds.
  8. Stinger leverages GTI File Reputation and operates community heuristics at Moderate level by default. If you select”High” or”Very High,” McAfee Labs recommends that you put the”On threat detection” activity to”Report” only for the first scan.

    Q: I know I have a virus, however, Stinger didn’t find one. Why is this?
    An: Stinger is not a substitute for a full anti-virus scanner. It’s just supposed to find and remove specific threats.

    Q: Stinger discovered a virus that it couldn’t repair.Join Us website Why is this?
    A: That is most likely because of Windows System Restore functionality using a lock onto the infected document. Windows/XP/Vista/7 users must disable system restore prior to scanning.

    Q: how Where’s your scanning log stored and how can I see them?
    Inside Stinger, browse into the log TAB and the logs have been displayed as list of the time stamp, clicking onto the log file name opens the file from the HTML format.

    Q: Where would be the Quarantine files saved?

    Q: What is your”Threat List” option under Advanced menu employed for?
    A: The Threat List provides a list of malware that Stinger has been configured to discover. This listing doesn’t contain the results of running a scan.

    Q: Are there some command-line parameters available when running Stinger?
    A: Yes, the command-line parameters are exhibited by going to the help menu inside Stinger.

    Q: I ran Stinger and finally have a Stinger.opt file, what is that?
    A: When Stinger runs it creates the Stinger.opt document that saves the existing Stinger configuration. After you run Stinger the second time, your previous configuration is utilized as long as the Stinger.opt document is in the same directory as Stinger.

    Q: Stinger updated components of VirusScan. Is this expected behavior?
    A: as soon as the Rootkit scanning option is chosen within Stinger preferences — VSCore documents (mfehidk.sys & mferkdet.sys) to a McAfee endpoint will be upgraded to 15.x. These documents are installed only if newer than what’s on the machine and is needed to scan for today’s generation of newer rootkits. In the event the rootkit scanning alternative is disabled within Stinger — that the VSCore update will not happen.

    Q: How Does Stinger perform rootkit scanning when deployed via ePO?
    A: We have disabled rootkit scanning from the Stinger-ePO bundle to set a limit on the auto update of VSCore components as soon as an admin deploys Stinger to thousands of machines. To Allow rootkit scanning in ePO manner, please use these parameters while assessing in the Stinger bundle in ePO:

    –reportpath=%yolk% –rootkit

    For detailed instructions, please refer to KB 77981

    Q: How What versions of Windows are backed by Stinger?
    A: Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7, 8, 10, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. Additionally, Stinger requires the device to get Internet Explorer 8 or above.

    Q: What are the requirements for Stinger to do at a Win PE surroundings?
    A: whilst creating a custom Windows PE image, add support to HTML Application parts utilizing the directions offered in this walkthrough.

    Q: How How do I get help for Stinger?
    An: Stinger isn’t a supported program. McAfee Labs makes no warranties relating to this product.

    Q: How do I add custom detections to Stinger?
    A: Stinger has the option where a user can enter upto 1000 MD5 hashes as a customized blacklist. Throughout a system scan, even if any documents fit the custom blacklisted hashes – that the documents will get detected and deleted. This feature is provided to assist power users who have isolated a malware sample(s) that no detection is available however from the DAT files or GTI File Reputation. To leverage this attribute:

    1. From the Stinger port goto the Advanced –> Blacklist tab.
    2. Input MD5 hashes to be detected either via the Enter Hash button or click on the Load hash List button to point to a text file containing MD5 hashes to be included in the scanning. SHA1, SHA 256 or other hash types are jobless.
    3. During a scan, files that fit the hash is going to have detection title of Stinger! . Full dat fix is used on the detected file.
    4. Files which are digitally signed with a valid certification or people hashes that are marked as blank from GTI File Reputation will not be detected as part of the customized blacklist. This is a security feature to prevent customers from accidentally deleting documents.

    Q: How can conduct Stinger without the Actual Protect component getting installed?
    A: The Stinger-ePO package does not fulfill Actual Protect. To Be Able to conduct Stinger with no Real Protect getting installed, execute Stinger.exe –ePO

Bir cevap yazın

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir

Main Menu