- Apr 25, 2013
- 5,356
Raptor BETA is a real-time behavior detection technology that monitors suspicious activity on an endpoint. Raptor leverages machine learning and automated, behavioral-based classification in the cloud to detect zero-day malware in real time.
Raptor BETA is available as a free tool and is also bundled with Stinger. McAfee plans to incorporate Raptor into future anti-malware products.
http://www.mcafee.com/us/downloads/free-tools/raptor.aspx
Raptor BETA is available as a free tool and is also bundled with Stinger. McAfee plans to incorporate Raptor into future anti-malware products.
How Do You Use Raptor?
Frequently Asked Questions
Q: How is Raptor different from Stinger?
A: Stinger is a standalone utility that uses signature files to detect and remove specific viruses. Raptor is a behavior detection technology that monitors suspicious activity to detect zero-day malware in real time.
Q: What are the requirements for Raptor?
A: Windows 7, 8, and 8.1 operating systems, and a working Internet connection.
Q: Where is the detection log saved and how can I view it?
A: The log file is saved under C:\Program Files\McAfee\Raptor. From the system tray, right-click the Raptor icon and select View Log to see log details.
Q: Where are the quarantine files stored?
A: The quarantine files are stored under C:\Program Files\McAfee\Raptor\RaptorQuarantine.
Q: If a user did not select Clean or Dismiss for a detection, what happens?
A: A user needs to respond within five minutes otherwise a default action of Dismiss is applied. There will be no trace of this detection except in the Raptor log file.
Q: Do I need to manually start Raptor after a system reboot?
A: Raptor automatically begins monitoring the system at boot.
Q: What is Raptor’s footprint on an endpoint?
A: Raptor install is approximately 1.5 MB and it takes up about 30MB of memory for monitoring the system.
Q: What user or system details are collected by Raptor?
A: Instead of sending the whole file, Raptor sends the behavioral trace of the file execution which is typically a few bytes of information. This is the minimum amount of information necessary for Raptor to determine the nature of the file. The behavioral trace information includes file name, file path, process ID, event, the OS version, and a randomly generated GUID of the machine.
Q: Is it possible for an administrator to view Raptor logs via McAfee ePO?
A: In the initial release, Raptor is being offered as a standalone tool. In future versions, Raptor can be deployed and managed from McAfee ePO, allowing administrators to view reports from a central console.
Q: How can I get support for Raptor?
A: Raptor is not a supported application. McAfee makes no guarantees about this product.
Q: Where can I send feedback to regarding Raptor?
A: Please provide your feedback via the McAfee Community Forum page for Raptor.
Q: How do I uninstall/remove Raptor from the system?
A: Right-click the Raptor icon running on the system tray and select the REMOVE Raptor option.
- Download the latest version of Raptor
- At the prompt, save the file to a location on your system.
- Navigate to the folder that contains the downloaded Raptor file, and double-click raptor.exe.
- The Raptor icon is displayed in your system tray.
- Once installed, Raptor monitors and detects files exhibiting malicious behaviors on the endpoint. Click Clean to remove malicious executables and its traces from your system.
Note: If you wish to remove the malicious files a later point of time, click Dismiss.
- Start — Raptor starts monitoring system for malicious behaviors.
- Stop — Raptor stops monitoring the system.
- View Log — Displays detection details for malicious files found.
- Quarantine — Creates backup of files that were repaired to restore if required.
- About — Provides details about Raptor client and build version.
- Remove Raptor — Uninstalls Raptor from an endpoint.
- Exit — Quits Raptor program. Raptor will resume on the next system reboot.
Frequently Asked Questions
Q: How is Raptor different from Stinger?
A: Stinger is a standalone utility that uses signature files to detect and remove specific viruses. Raptor is a behavior detection technology that monitors suspicious activity to detect zero-day malware in real time.
Q: What are the requirements for Raptor?
A: Windows 7, 8, and 8.1 operating systems, and a working Internet connection.
Q: Where is the detection log saved and how can I view it?
A: The log file is saved under C:\Program Files\McAfee\Raptor. From the system tray, right-click the Raptor icon and select View Log to see log details.
Q: Where are the quarantine files stored?
A: The quarantine files are stored under C:\Program Files\McAfee\Raptor\RaptorQuarantine.
Q: If a user did not select Clean or Dismiss for a detection, what happens?
A: A user needs to respond within five minutes otherwise a default action of Dismiss is applied. There will be no trace of this detection except in the Raptor log file.
Q: Do I need to manually start Raptor after a system reboot?
A: Raptor automatically begins monitoring the system at boot.
Q: What is Raptor’s footprint on an endpoint?
A: Raptor install is approximately 1.5 MB and it takes up about 30MB of memory for monitoring the system.
Q: What user or system details are collected by Raptor?
A: Instead of sending the whole file, Raptor sends the behavioral trace of the file execution which is typically a few bytes of information. This is the minimum amount of information necessary for Raptor to determine the nature of the file. The behavioral trace information includes file name, file path, process ID, event, the OS version, and a randomly generated GUID of the machine.
Q: Is it possible for an administrator to view Raptor logs via McAfee ePO?
A: In the initial release, Raptor is being offered as a standalone tool. In future versions, Raptor can be deployed and managed from McAfee ePO, allowing administrators to view reports from a central console.
Q: How can I get support for Raptor?
A: Raptor is not a supported application. McAfee makes no guarantees about this product.
Q: Where can I send feedback to regarding Raptor?
A: Please provide your feedback via the McAfee Community Forum page for Raptor.
Q: How do I uninstall/remove Raptor from the system?
A: Right-click the Raptor icon running on the system tray and select the REMOVE Raptor option.
