Has anyone tried Raptor from mcafee

Status
Not open for further replies.

Terry Ganzi

Level 26
Thread author
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
How to Use Raptor

McAfee Raptor is a real-time behavior detection technology that monitors suspicious activity on an endpoint. Raptor leverages machine learning and automated, behavioral-based classification in the cloud to detect zero-day malware in real time.


How Do You Use Raptor?


  • Download the latest version of Raptor
  • At the prompt, save the file to a location on your system.



    ms-raptor-file-download-security-warning.png
  • Navigate to the folder that contains the downloaded Raptor file, and double-click raptor.exe.

    ms-raptor-sys-tray-icon.png
  • The Raptor icon is displayed in your system tray.
  • Once installed, Raptor monitors and detects files exhibiting malicious behaviors on the endpoint. Click Clean to remove malicious executables and its traces from your system.
    Note: If you wish to remove the malicious files a later point of time, click Dismiss.

    ms-raptor-detection-found.png
In the system tray, right-click the Raptor icon to perform these actions:

  • Start — Raptor starts monitoring system for malicious behaviors.
  • Stop — Raptor stops monitoring the system.
  • View Log — Displays detection details for malicious files found.
  • Quarantine — Creates backup of files that were repaired to restore if required.
  • About — Provides details about Raptor client and build version.
  • Remove Raptor — Uninstalls Raptor from an endpoint.
  • Exit — Quits Raptor program. Raptor will resume on the next system reboot.

Frequently Asked Questions

Q: How is Raptor different from Stinger?
A: Stinger is a standalone utility that uses signature files to detect and remove specific viruses. Raptor is a behavior detection technology that monitors suspicious activity to detect zero-day malware in real time.

Q: What are the requirements for Raptor?
A: Windows 7, 8, and 8.1 operating systems, and a working Internet connection.

Q: Where is the detection log saved and how can I view it?
A: The log file is saved under C:\Program Files\McAfee\Raptor. From the system tray, right-click the Raptor icon and select View Log to see log details.

Q: Where are the quarantine files stored?
A: The quarantine files are stored under C:\Program Files\McAfee\Raptor\RaptorQuarantine.

Q: If a user did not select Clean or Dismiss for a detection, what happens?
A: A user needs to respond within five minutes otherwise a default action of Dismiss is applied. There will be no trace of this detection except in the Raptor log file.

Q: Do I need to manually start Raptor after a system reboot?
A: Raptor automatically begins monitoring the system at boot.

Q: What is Raptor’s footprint on an endpoint?
A: Raptor install is approximately 1.5 MB and it takes up about 30MB of memory for monitoring the system.

Q: What user or system details are collected by Raptor?
A: Instead of sending the whole file, Raptor sends the behavioral trace of the file execution which is typically a few bytes of information. This is the minimum amount of information necessary for Raptor to determine the nature of the file. The behavioral trace information includes file name, file path, process ID, event, the OS version, and a randomly generated GUID of the machine.

Q: Is it possible for an administrator to view Raptor logs via McAfee ePO?
A: In the initial release, Raptor is being offered as a standalone tool. In future versions, Raptor can be deployed and managed from McAfee ePO, allowing administrators to view reports from a central console.

Q: How can I get support for Raptor?
A: Raptor is not a supported application. McAfee makes no guarantees about this product.

Q: Where can I send feedback to regarding Raptor?
A: Please provide your feedback via the McAfee Community Forum page for Raptor.

Q: How do I uninstall/remove Raptor from the system?
A: Right-click the Raptor icon running on the system tray and select the REMOVE Raptor option.

http://www.mcafee.com/us/downloads/free-tools/how-to-use-raptor.aspx
 

conceptualclarity

Level 21
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 23, 2013
1,072
I'm surprised I hadn't heard about this. Is it brand new?

Haven't really been many standalone behavior programs since ThreatFire, have there?

Is it compatible with an AV that has some degree of behavior protection, as most profess to these days?
 

Terry Ganzi

Level 26
Thread author
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
I'm surprised I hadn't heard about this. Is it brand new?

Haven't really been many standalone behavior programs since ThreatFire, have there?

Is it compatible with an AV that has some degree of behavior protection, as most profess to these days?

I is a beta program for Mcafee.:) & yes it can be used alone side an AV.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top