It is not a substitute for full antivirus protection, but a technical instrument to assist administrators and users when dealing with contaminated system. Stinger utilizes next-generation scanning technologies, including rootkit scanning, and scan performance optimizations.

McAfee Stinger now detects and eliminates GameOver Zeus and CryptoLocker.

How can you utilize Stinger?
  • Once prompted, choose to save the file to a suitable location on your hard disk, such as the Desktop folder.
  • Once the downloading is complete, navigate to the folder which contains the downloaded Stinger file, and execute it.
  • The Stinger interface will be shown. If needed, click the»Customize my scanning» link to include extra drives/directories to your scan.
  • Stinger has the capability to scan targets of Rootkits, which isn’t allowed by default.
  • Click the Scan button to start scanning the given drives/directories.
  • By default, Stinger will repair any infected files it finds.
  • Stinger Requires GTI File Reputation and operates community heuristics at Moderate level . If you choose»High» or»Very High,» McAfee Labs recommends that you put the»On threat detection» action to»Report» just for the initial scan.

    Q: I understand I have a virus, however, Stinger didn’t detect one. Why is this?
    A: Stinger isn’t a substitute for an entire anti virus scanner. It is just designed to find and remove certain link website

    Q: Stinger found a virus it couldn’t repair. What’s this?
    A: This is probably because of Windows System Restore performance having a lock onto the infected file. Windows/XP/Vista/7 users must disable system restore prior to scanning.

    Q: Where’s your scanning log saved and how can I see them?
    A: By default the log file is saved from where Stinger.exe is run. Within Stinger, browse into the log TAB and the logs are all displayed as listing with the time stamp, clicking onto the log file name opens the document from the HTML format.

    Q: How Where would be the Quarantine documents stored?

    Q: what’s the»Threat List» option under Advanced menu employed for?
    A: The Threat List provides a list of malware which Stinger has been configured to discover. This list doesn’t comprise the results from running a scan.

    Q: Are there some command-line parameters accessible when running Stinger?
    A: Yes, the command-line parameters are shown by going to the help menu within Stinger.

    Q: I ran Stinger and now have a Stinger.opt file, what is that?
    A: When Stinger conducts it creates the Stinger.opt file which saves the current Stinger configuration. After you conduct Stinger the next time, your prior configuration is used provided that the Stinger.opt document is in exactly the same directory as Stinger.

    Is this expected behavior?
    A: as soon as the Rootkit scanning option is chosen within Stinger preferences — VSCore files (mfehidk.sys & mferkdet.sys) to a McAfee endpoint will be updated to 15.x. These files are set up only if newer than what’s about the machine and is required to scan for the current generation of newer rootkits. In case the rootkit scanning alternative is disabled inside Stinger — the VSCore upgrade won’t occur.

    Q: Can Stinger work rootkit scanning when installed through ePO?
    A: We’ve disabled rootkit scanning from the Stinger-ePO bundle to set a limit on the vehicle upgrade of VSCore components when an admin deploys Stinger to tens of thousands of machines. To Allow rootkit scanning in ePO mode, please use the following parameters while checking in the Stinger bundle in ePO:

    —reportpath=%temp% —rootkit

    Q: What versions of Windows are supported by Stinger?
    A: Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7, 8, 10, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. Additionally, Stinger demands the machine to have Web Explorer 8 or above.

    Q: Which are the requirements for Stinger to do at a Win PE environment?
    A: when creating a custom Windows PE image, add support to HTML Application components utilizing the directions supplied within this walkthrough.

    Q: How How can I get service for Stinger?
    A: Stinger isn’t a supported application. McAfee Labs makes no warranties concerning this product.

    Q: How do I add custom detections into Stinger?
    A: Stinger has the choice where a user may input upto 1000 MD5 hashes as a custom made blacklist. Throughout a system scan, if any files fit the habit blacklisted hashes — the documents will get detected and deleted. This feature is provided to assist power users who have isolated a malware sample(s) that no detection is available yet from the DAT documents or GTI File Reputation. To leverage this feature:

    1. From the Stinger port goto the Advanced —> Blacklist tab.
    2. Input MD5 hashes to be discovered either via the Input Signal Hash button or click the Load hash List button to point to a text file containing MD5 hashes to be contained in the scanning. SHA1, SHA 256 or other hash kinds are unsupported.
    3. During a scan, documents which fit the hash will have a detection name of Stinger! . Full dat fix is used on the file.
    4. Files which are digitally signed using a valid certification or people hashes that are already marked as clean from GTI File Reputation won’t be detected as part of their customized blacklist. This is a safety feature to prevent users from accidentally deleting files.

    Q: How do run Stinger without the Actual Protect component becoming installed?
    A: The Stinger-ePO package does not execute Real Protect. In order to run Stinger with no Real Protect getting installed, execute Stinger.exe —ePO

  • Опубликовано в 1