It’s not a substitute for full antivirus protection, but also a specialized instrument to assist administrators and users when dealing with contaminated system. Stinger uses next-generation scanning technologies, including rootkit scanning, and scan performance optimizations.
McAfee Stinger now detects and removes GameOver Zeus and CryptoLocker.
How do you use Stinger?
Q: I understand I have a virus, but Stinger didn’t detect one. What’s this?
A: Stinger isn’t a substitute for a full anti-virus scanner. It’s only supposed to detect and remove certain threats.
Q: Stinger found a virus that it couldn’t fix. Why is this?
A: That is probably due to Windows System Restore performance having a lock onto the infected file. Windows/XP/Vista/7 users should disable system restore before scanning.
Q: Where’s the scan log saved and how do I see them?
Inside Stinger, navigate to the log TAB along with the logs will be displayed as listing with time stamp, clicking onto the log file name opens the document from the HTML format.
Q: Where are the Quarantine files saved?
A: The quarantine documents are saved under C:\Quarantine\Stinger.
Q: What is your”Threat List” option under Advanced menu used for?
A: The Threat List provides a listing of malware which Stinger is configured to detect. This listing doesn’t include the results from running a scan.
Q: Why Are there some command-line parameters accessible when running Stinger?
A: Yes, even the command-line parameters have been exhibited by going to the help menu within Stinger.
Q: I conducted Stinger and finally have a Stinger.opt record, what is that?
A: When Stinger conducts it generates the Stinger.opt document that saves the existing Stinger configuration. When you run Stinger the second time, your previous configuration is used provided that the Stinger.opt document is in the same directory as Stinger.
Q: Stinger updated parts of VirusScan. Is this expected behaviour?
A: as soon as the Rootkit scanning alternative is selected within Stinger preferences — VSCore documents (mfehidk.sys & mferkdet.sys) on a McAfee endpoint is going to be updated to 15.x. These files are set up only if newer than what’s about the system and is required to scan for today’s creation of newer rootkits. In case the rootkit scanning alternative is disabled inside Stinger — that the VSCore update will not happen.
Q: How Can Stinger perform rootkit scanning when installed via ePO?
A: We have disabled rootkit scanning in the Stinger-ePO package to restrict the vehicle upgrade of VSCore components when an admin deploys Stinger to tens of thousands of machines. To enable rootkit scanning in ePO manner, please use the following parameters while assessing in the Stinger bundle in ePO:
Q: How What versions of Windows are encouraged by Stinger?
Furthermore, Stinger demands the device to get Internet Explorer 8 or over.
Q: What are the requirements for Stinger to perform at a Win PE surroundings?
A: when creating a custom Windows PE image, add support for HTML Application parts utilizing the instructions provided within this walkthrough.
Q: How How do I get support for Stinger?
An: Stinger is not a supported program. McAfee Labs makes no guarantees relating to this product.
Q: How do I add customized detections to Stinger?
A: Stinger gets the option where a user may enter upto 1000 MD5 hashes as a custom blacklist. During a system scan, if any files match the custom blacklisted hashes – that the files will get deleted and noticed. This feature is provided to help power users who have isolated an malware sample(s) that no detection is available yet from the DAT files or GTI File Reputation. SHA1, SHA 256 or other hash types are jobless.
Q: How do conduct Stinger without the Real Protect component becoming installed?
A: The Stinger-ePO package does not execute Real Protect. To Be Able to operate Stinger with no Real Protect getting installed, do Stinger.exe –ePO