McAfee Stinger is a standalone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but a specialized tool to assist administrators and users when dealing with infected system. Stinger utilizes next-generation scan technology, including rootkit scanning, and scan performance optimizations. It detects and removes threats identified under the "Threat List" option under Advanced menu options in the Stinger application.
Frequently Asked Questions
Q: I know I have a virus, but Stinger did not detect one. Why is this?
A: Stinger is not a substitute for a full anti-virus scanner. It is only designed to detect and remove specific threats.
Q: Stinger found a virus that it couldn't repair. Why is this?
A: This is most likely due to Windows System Restore functionality having a lock on the infected file. Windows/XP/Vista/7 users should disable system restore prior to scanning.
Q: Where is the scan log saved and how can I view them?
A: By default the log file is saved from where Stinger.exe is run. Within Stinger, navigate to the log TAB and the logs are displayed as list with time stamp, clicking on the log file name opens the file in the HTML format.
Q: Where are the Quarantine files stored?
A: The quarantine files are stored under C:\Quarantine\Stinger.
Q: What is the "Threat List" option under Advanced menu used for?
A: The Threat List provides a list of malware that Stinger is configured to detect. This list does not contain the results from running a scan.
Q: Are there any command-line parameters available when running Stinger?
A: Yes, the command-line parameters are displayed by going to the help menu within Stinger.
Q: I ran Stinger and now have a Stinger.opt file, what is that?
A: When Stinger runs it creates the Stinger.opt file that saves the current Stinger configuration. When you run Stinger the next time, your previous configuration is used as long as the Stinger.opt file is in the same directory as Stinger.
Q: Stinger updated components of VirusScan. Is this expected behavior?
A: When the Rootkit scanning option is selected within Stinger preferences – VSCore files (mfehidk.sys & mferkdet.sys) on a McAfee endpoint will be updated to 15.x. These files are installed only if newer than what's on the system and is needed to scan for today’s generation of newer rootkits. If the rootkit scanning option is disabled within Stinger– the VSCore update will not occur.
Q: Does Stinger perform rootkit scanning when deployed via ePO?
A: We’ve disabled rootkit scanning in the Stinger-ePO package to limit the auto update of VSCore components when an admin deploys Stinger to thousands of machines. To enable rootkit scanning in ePO mode, please use the following parameters while checking in the Stinger package in ePO:
For detailed instructions, please refer to KB77981
Q: What versions of Windows are supported by Stinger?
A: Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7 and 8. In addition, Stinger requires the machine to have Internet Explorer version 8 or above.
Q: What are the requirements for Stinger to execute in a Win PE environment?
A: While creating a custom Windows PE image, add support for HTML Application components using the instructions provided in this walkthrough.
Q: How can I get support for Stinger?
A: Stinger is not a supported application. McAfee Labs makes no guarantees about this product.
Q: Where can I send feedback to regarding Stinger?
A: Provide your feedback on the McAfee Community Forum page.