Fight Malware With a Stinger Missile

Category: Anti-Virus

The “free virus scan” offer is a favorite hacker ploy to get unsuspecting victims to download and run malware disguised as security software. Such traps are so common that users are very reluctant to try any free anti-malware tool. But not every sheepskin contains a wolf. Here’s a bona fide, effective, and totally free anti-malware tool that you should know about...

What is McAfee Stinger?

Mcafee, of course, is one of the oldest and largest anti-malware developers. McAfee Stinger has been around since at least 2006, but it's still alive and well. A surprising number of people turned to Stinger in April 2014, when the Heartbleed vulnerability threw the world into a panic.

According to Mcafee, Stinger was run daily on more than 200,000 computers during the first week after Heartbleed hit the headlines. That daily use number plummeted to 50,000 the following week, indicating how quickly panic subsides.

But those numbers are impressive for a utility that isn’t marketed and isn’t even supported by its developer. Stinger must have something going for it; let’s see what that is.

McAfee Stinger

First, Stinger is not a vaccine that wards off malware; it is an antibiotic for killing infections you’ve already caught. So Stinger does not run constantly, chewing up system resources. It’s best to keep a copy of Stinger on a CD or USB stick along with other rescue and disinfection tools.

Second, Stinger is dead simple to use. It’s a standalone, one-file program that you just click to run; no installation is required. There are no tricky “opt-in” screens that try to sneak toolbars onto your system, either. Instructions for downloading and running Stinger are here.

Stinger’s default scan (Medium sensitivity) option is quick and superficial. It scans for rootkits, pokes around in the Windows registry, and looks at the favorite hiding places of malware. Stinger scans for about 6,000 known malware varieties and their variants. The "Raptor" component of Stinger analyzes the behavior of currently running programs to check for suspicious activity. Raptor updates its knowledge of new and emerging threats by consulting an online McAfee database, which enables it to detect zero-day malware.

Targeting Malware: Locked and Loaded...

For a more thorough scan, you can set the “GTI File Reputation” sensitivity level, which requires a bit of explanation. Mcafee, like other large anti-malware developers, gathers real-time intelligence on emerging threats from the many installations of its security software on computers all over the world. A “threat report” includes the name of the file that is suspected of bearing the threat and the strength of the suspicion. When Stinger encounters a file on your device whose name matches one on the GTI File Reputation list, it evaluates the threat and decides whether to take action or not.

In my experience, no anti-malware program will find every possible threat. So I recommend that you run a Deep Scan with two or more of the security tools listed in my companion article HOWTO: Deep Scan for Malware. Do this a few times a year, or if you suspect a malware problem.

The action that Stinger takes when it finds an infected file is also under the user’s control. A file may be simply reported as suspicious, quarantined for later inspection, deleted immediately, renamed to a non-executable form (e. g., *.bak), or a repair may be attempted.

A quick scan of my desktop machine using the default settings took only 7 minutes, looked into about 28,000 files, and turned up nothing. I don't stash a lot of stuff on my primary work computer, so I asked a computer-savvy friend with a large collection of files to run a full scan of his system with the highest sensitivity setting. He reported that Stinger took 9 hours, 13 minutes to plow through 3,782,218 files (about 250 GB) and found one that contains a Trojan. (A quick scan didn't find that file.)

Customize Your Malware Scan

You can customize a scan to something in between these extremes, specifying where to scan, how deeply to scan, and what to do when an infection is detected. But since Stinger is a tool that you'd use only once in a while, or if you suspect a problem, I recommend that you use the highest sensitivity settings and choose the Repair option. (Click the Settings link at the top right of the Stinger screen.)

IMPORTANT: Make sure you click the "Customize my scan" link on the main screen, and select the C: drive and any other drives you want to scan. If you don't, Stinger will only scan the folders it thinks are most likely to contain malware. I also recommend that you temporarily disable your primary anti-virus protection while Stinger is running, to avoid any conflicts between the two. This should also make Stinger complete its scan faster.

Remember that Stinger is not a substitute for real-time anti-malware and security software shields. But as a malware detection and remediation utility, it does a good job. See the sidebar above for some other on-demand "deep scan" tools you can use for additional peace of mind.

Your thoughts on this topic are welcome. Post your comment or question below...

Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Check out other articles in this category:

Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 25 Nov 2014

For Fun: Buy Bob a Snickers.

Prev Article:
Learn the Secrets of Gmail Labs

The Top Twenty
Next Article:
Geekly Update - 26 November 2014

Most recent comments on "Fight Malware With a Stinger Missile"

Posted by:

Dell Hill
25 Nov 2014

Over the years, I have used "Stinger" on dozens of malware bitten machines. It's a blessing when you reach the point of not knowing "what else to do".

Posted by:

Bob K
25 Nov 2014

Another great tool, that I've never heard of. I am running it as I write this.
Thank you Bob!

Posted by:

asus fan
25 Nov 2014

Thanks for the reminder. I completely forgot about McAfee Stinger as another effective option for removing aggressive malware that others miss.

Posted by:

Nancy Teppler
25 Nov 2014

Excellent advice, thank you. I will keep this information for future reference.

Posted by:

Craig Beard
25 Nov 2014

Bob - You suggest keeping a copy of Stinger on a USB stick. Can it be run from there?


Posted by:

Linda Herrin
25 Nov 2014

Do I need to deactivate the malware program I am currently using before installing/using Stinger?

EDITOR'S NOTE: You don't have to, but I recommend it.

Posted by:

Harish Dobhal
25 Nov 2014


Posted by:

Mac 'n' Cheese
25 Nov 2014

Hi, Bob,

1. You recommend keeping Stinger on a USB drive or CD. But the Stinger installation page suggests that we download the latest version of Stinger. How does that instruction affect your recommendation?

2. Can Stinger be run in the background, while I'm doing other things?

3. How would you compare McAfee's Stinger and Malwarebyte's Chameleon?


Posted by:

25 Nov 2014

Great article, Bob! (as always... hmm, I suppose that's becoming a bit boring for you, but I can't help it ;) )

Please tell me you'll update your Free AV articles to include this little jewel! (I frequently point my friends to that article)

Posted by:

26 Nov 2014

Bob - I've collected and used most of your recommended antivirus and cleanup utilities for several years on my customers' computers and our family machines. Some of the programs go into our [Weekly Security Maintenance] folder, while others go into our [Once-a-Month, Overnight Scans] folder. I fired this one up over 5 hours ago, on a Seagate 750 Gb hybrid hard drive. (Even now, it's still tearing through files... so we KNOW which folder it'll call home!) But surprisingly, while running in the background, it only slows the loading of graphically diverse web pages a bit, so that isn't much of a problem. I generally prefer to close all programs before launching standalone scanners, anyway. (And if I had remembered to disable our antivirus program, as you said to do, I'm sure it would be running faster yet!) So far, it's playing well with AVG Antivirus (Free version). If it chokes at some point, it'll be my own fault. Thank you again for your continuing series of great articles on so many tech topics, that can benefit pros and average users alike.

Posted by:

26 Nov 2014

Thank you so much. On my PC(W7) with Avast free SW, it found 13 Trojan's.
It's great.

Posted by:

26 Nov 2014

Thanks Bob. It nice to know, of another means to help eliminate "stuff", from the Bad Guys!

I downloaded the executable file. In reading another comment, which they had a 750GB Hybrid Drive, I have elected to do my scanning, tonight while I sleep or am not using my computer. I have a 1TB Hard Drive and this scan, I did try to use it, just now ... Is a slower scan. I like to have my scanning done, when my computer is not in use.

Once again Bob, you are not only thinking of yourself, but your readers as well. I have always hated when someone knows what to do and doesn't share it with others. I learned to share my information, when I worked in surgery. For me, sharing always benefited the patients and that was why all of the staff members, were working in surgery ... To do excellent patient care, to the best of our abilities.

Posted by:

Burt Tyrell
26 Nov 2014

thank you Bob for another golden nugget , Excellent article yet again .and of course well explained ,Best wishes Burt

Posted by:

06 Dec 2014

Thanks Bob. My computer is generally squeaky clean because of all of your help through the years.

Posted by:

13 Dec 2014

great news have an older person who doesn't remember to run anti virus scans. her computer presently won't complete a scan or connect to internet. hopefuly I will now wage war on the viruses she has

Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! Comments of a political nature are discouraged. Please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are reviewed, and may be edited or removed at the discretion of the moderator.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter

Copyright © 2005 - Bob Rankin - All Rights Reserved
About Us     Privacy Policy     RSS/XML

Article information: AskBobRankin -- Fight Malware With a Stinger Missile (Posted: 25 Nov 2014)
Copyright © 2005 - Bob Rankin - All Rights Reserved