Home 1 How to Utilize Stinger

How to Utilize Stinger

0
0

It detects and removes threats identified under the»Threat List» option under Advanced menu choices in the Stinger program.

McAfee Stinger now finds and eliminates GameOver Zeus and CryptoLocker.

How do you utilize Stinger?
  • When prompted, choose to save the document to a suitable place on your hard diskdrive, such as your Desktop folder.
  • Once the download is complete, browse to the folder that includes the downloaded Stinger file, and run it. If necessary, click on the»Customize my scan» link to include additional drives/directories to your scan.
  • Stinger has the capability to scan targets of Rootkits, which is not allowed by default.
  • Click on the Scan button to start scanning the specified drives/directories.
  • By default, Stinger will repair any infected files it finds.
  • Stinger Requires GTI File Reputation and operates network heuristics at Medium level . If you choose»High» or»Very High,» McAfee Labs recommends you place the»On hazard detection» actions to»Report» just for the initial scan.

    To learn more about GTI File Reputation watch the following KB articles

    KB 53735 — FAQs for International Threat Intelligence File Reputation

    KB 60224 — How to verify that GTI File Reputation is installed properly

    KB 65525 — Identification of generically found malware (Global Threat Intelligence detections)

  • Often Asked Questions

    Q: I understand I have a virus, however, Stinger did not detect one. Why is this?
    An: Stinger is not a substitute for an entire anti virus scanner. It’s only supposed to detect and remove specific threats.

    Q: Stinger found a virus that it could not repair. Why is this?
    A: This is probably due to Windows System Restore functionality using a lock onto the infected file. Windows/XP/Vista/7 users should disable system restore prior to scanning.

    Q: How Where’s your scanning log stored and how can I see them?
    Within Stinger, navigate into the log TAB and the logs are displayed as record of time stamp, clicking on the log file name opens the file in the HTML format.

    Q: Which are the Quarantine documents stored?

    This listing doesn’t include the results of running a scan.

    Q: Why Are there any command-line parameters available when conducting Stinger?
    A: Yes, the command-line parameters have been shown by going to the help menu in Stinger.

    Q: I ran Stinger and now have a Stinger.opt record, what is that?
    A: When Stinger conducts it creates the Stinger.opt record that saves the existing Stinger configuration. After you operate Stinger the next time, your previous configuration is utilized provided that the Stinger.opt file is in exactly the exact same directory as Stinger.

    Is this expected behavior?
    A: as soon as the Rootkit scanning option is selected within Stinger tastes — VSCore files (mfehidk.sys & mferkdet.sys) to a McAfee endpoint is going to be upgraded to 15.x. These documents are installed only if newer than what’s about the system and is required to scan for today’s generation of newer rootkits. In the event the rootkit scanning option is disabled inside Stinger — that the VSCore update won’t happen.

    Q: How Does Stinger work rootkit scanning when deployed via ePO?
    A: We’ve disabled rootkit scanning at the Stinger-ePO bundle to set a limit on the vehicle upgrade of VSCore components as soon as an admin deploys Stinger to tens of thousands of machines. To enable rootkit scanning in ePO style, please use the following parameters while checking in the Stinger package in ePO:

    —reportpath=%yolk% —rootkit

    For detailed directions, please refer to KB 77981

    Q: How What versions of Windows are encouraged by Stinger?
    A: Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7, 8, 10, 10, 2012, 2016, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2. Moreover, Stinger requires the system to get Web Explorer 8 or above.

    Q: Which are the requirements for Stinger to execute at a Win PE environment?
    A: when developing a custom Windows PE picture, add support to HTML Application components utilizing the directions given within this walkthrough.

    Q: How do I obtain help for Stinger?
    A: Stinger isn’t a supported application. McAfee Labs makes no warranties relating to this product.

    Q: How can I add custom made detections to Stinger?
    A: Stinger gets the choice where a user may input upto 1000 MD5 hashes as a customized blacklist. During a system scan, even if any files match the habit blacklisted hashes — that the files will get detected and deleted. This attribute is provided to help power users who have isolated an malware sample(s) that no detection is available yet from the DAT files or GTI File Reputation.

  • Input MD5 hashes to be detected either via the Input Hash button or click on the Load hash List button to point to a text file containing MD5 hashes to be included in the scanning. SHA1, SHA 256 or other hash kinds are jobless.
  • During a scan, files which match the hash is going to have detection name of Stinger! . Full dat fix is used on the found file.
  • Files that are digitally signed with a valid certificate or people hashes which are already marked as blank in GTI File Reputation won’t be detected as a member of their customized blacklist. This is a security feature to prevent customers from accidentally deleting documents.
  • Read about stinger exe At website

    Q: How How can conduct Stinger with no Actual Protect component getting installed?
    A: The Stinger-ePO package doesn’t fulfill Actual Protect. To Be Able to run Stinger without Real Protect becoming installed, do Stinger.exe —ePO

    Admin Уважаемые посетители, если у Вас возникли какие-либо вопросы, Вы можете их задать в комментариях. Мы обязательно Вам ответим в течении суток.

    Напишите свой комментарий

    Ваш e-mail не будет опубликован. Обязательные поля помечены *