Select Page

McAfee Stinger is a standalone utility used to detect and remove certain viruses. It detects and eliminates threats identified under the”Threat List” option under Advanced menu choices in the Stinger program.

McAfee Stinger now finds and eliminates GameOver Zeus and CryptoLocker.

How can you use Stinger?

  1. Download the latest version of Stinger.
  2. When prompted, choose to save the document to a suitable location in your hard diskdrive, like the Desktop folder.
  3. Once the downloading is complete, browse to the folder that includes the downloaded Stinger record, and execute it.
  4. The Stinger interface will be displayed.
  5. By default, Stinger scans for running processes, loaded modules, registry, WMI and directory locations known to be used by malware onto a system to maintain scan times minimal. If necessary, click the”Customize my scan” link to include additional drives/directories for your scan.
  6. Stinger has the capacity to scan targets of Rootkits, which isn’t enabled by default.
  7. Click the Scan button to start scanning the given drives/directories.
  8. Stinger Requires GTI File Reputation and conducts community heuristics at Moderate level . If you choose”High” or”Very High,” McAfee Labs recommends you place the”On threat detection” actions to”Report” only for the initial scan.

    Q: I understand I have a virus, however, Stinger didn’t find one. Why is this?
    An: Stinger isn’t a substitute for a full anti-virus scanner. It is only designed to detect and remove certain threats.

    Q: Stinger discovered a virus it couldn’t repair. What’s this?
    A: That is probably because of Windows System Restore functionality having a lock to the infected file. Windows/XP/Vista/7 consumers should disable system restore before scanning.

    Q: how Where is the scan log stored and how do I see them?
    Within Stinger, navigate to the log TAB and the logs are all displayed as list of the time stamp, clicking on the log file name opens the document from the HTML format.

    Q: Which are the Quarantine files saved?
    A: The quarantine documents are stored under C:\Quarantine\Stinger.

    Q: What is your”Threat List” option under Advanced menu used for?
    This listing does not contain the results from running a scan.

    Q: Are there any command-line parameters available when conducting Stinger?
    A: Yes, even the command-line parameters are exhibited by going to the help menu in Stinger.

    Q: I conducted Stinger and now have a Stinger.opt file, what is that?
    A: When Stinger runs it creates the Stinger.opt file which saves the existing Stinger configuration. After you operate Stinger the second time, your prior configuration is employed as long as the Stinger.opt file is in precisely the identical directory as Stinger.

    Is this expected behaviour?
    A: When the Rootkit scanning alternative is chosen within Stinger tastes — VSCore documents (mfehidk.sys & mferkdet.sys) to a McAfee endpoint will be updated to 15.x. These files are installed only if newer than what’s on the machine and is required to scan for the current creation of newer rootkits. In case the rootkit scanning option is disabled inside Stinger — the VSCore update will not happen.

    Q: Can Stinger perform rootkit scanning when deployed through ePO?
    A: We’ve disabled rootkit scanning at the Stinger-ePO package to set a limit on the auto update of VSCore components once an admin deploys Stinger to thousands of machines. To enable rootkit scanning in ePO manner, please use these parameters while assessing in the Stinger package in ePO:

    –reportpath=%yolk% –rootkit

    For detailed instructions, please refer to KB 77981

    Q: What versions of Windows are encouraged by Stinger?
    A: Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7, 8, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. Moreover, Stinger requires the machine to have Internet Explorer 8 or above.

    Q: Which are the prerequisites for Stinger to perform at a Win PE environment?
    A: whilst developing a custom Windows PE image, add support to HTML Application components utilizing the directions supplied within this walkthrough.

    Q: How can I get service for Stinger?
    A: Stinger is not a supported program. McAfee Labs makes no guarantees about this item.

    Q: How do I add custom detections to Stinger?
    A: Stinger has the option where a user may input upto 1000 MD5 hashes as a custom blacklist. Throughout a system scan, if any files fit the habit blacklisted hashes – that the files will get detected and deleted. This feature is provided to help power users that have isolated a malware sample(s) that no detection can be found however in the DAT documents or GTI File Reputation. SHA1, SHA 256 or other hash types are jobless.

  9. During a scan, files which fit the hash will have a detection name of Stinger! . Full dat fix is applied on the detected file.
  10. Documents that are digitally signed with a valid certification or people hashes which are marked as clean in GTI File Reputation won’t be detected as a member of their custom made blacklist. This is a safety feature to prevent customers from accidentally deleting files.

you can find more here from Our Articles

Q: How How can run Stinger without the Actual Protect component becoming installed?
A: The Stinger-ePO package doesn’t fulfill Actual Protect. To Be Able to run Stinger with no Real Protect becoming installed, do Stinger.exe –ePO