The Windows Club

McAfee Real Protect: Real-time Behavior Detection technology based tool for Windows

Many may feel the need for a second line of defense on your Windows computer and computer networks, so that you have increased security. By second line of defense, we mean an antimalware that can be run in addition to the main security software. There are many tools such as Microsoft EMET, that can help you. McAfee has now released a new tool called Real Protect, formerly called Raptor, that monitors your computer to block malware before it can do any damage.

McAfee Real Protect or McAfee Raptor, is a real-time behavior detection technology that monitors suspicious activity on an endpoint, by leveraging machine learning and automated, behavioral-based classification in the cloud to detect zero-day malware in real time.

McAfee Real Protect Review

Real Protect, unlike Stinger, employs behavior analytics to figure out malware and isolate them. According to McAfee, Real Protect is a real-time behavior detection technology that monitors activity on the endpoint and if it finds anything suspicious, it blocks them right away.

You can view the blocked items in the window presented by McAfee Real Protect. You can then check the items and choose to clean them instantly or clean them at a later time by clicking on the Dismiss button. The items you quarantine will be available in the Quarantine Window which is displayed when you click on Quarantine in the context menu brought up by right clicking on the Raptor icon in the System Tray.

According to McAfee, Real Protect leverages machine learning and behavioral based classification in the cloud to detect zero-day malware in real time. Right now, the tool is in Beta and available free, and also comes as a bundle with Stinger. McAfee plans to include Real Protect into its future antimalware software.

The best things about McAfee Real Protect is that you do not have to worry about regular definition updates. Once installed, McAfee Real Protect lies in the Notification Area and keeps the system protected. A pop-up window will appear, if it identifies any malware, which you can clean by clicking on the Clean button.

You can also view the Quarantined items using the context menu that appears when you right-click on the system tray icon. You can then delete the items or restore them by selecting the item and clicking on delete or on restore.

McAfee Real Protect is different from the Stinger software.

Though McAfee Stinger bundles Real Protect into the package, it is essentially a standalone package that works using signature files to detect and remove malware. Real Protect, on the other hand, studies the behavior of programs running on the computer and isolates malware based on suspicious actions.

You can view the Real Protect log by right-clicking on the Real Protect System Tray icon and then by clicking on View Log. You can also open the location C:\Program Files\McAfee\ to view the log file in Notepad.

The user has to be alert and needs to take action within 10 minutes, after the malware is found, otherwise the items are just dismissed and will continue to run on the machine. It is always better to click on the “Clean button to clean the affected processes before they can damage your computer in any way.

The footprint of Real Protect is pretty small. It takes seconds to install the software. All you need to do is to download the Raptor installer and run it. The program is automatically installed in the Program Files folder. As soon as the program is installed, it appears in the Windows System Tray. It starts automatically with every boot.

You can download it from here. Read more on it here.

UPDATE: Please read the comment below. McAfee Real Protect or Raptor, like McAfee Stinger installs the McAfee Validation Trust Protection Service, which is difficult to remove, even after the tool is uninstalled. You may want to run McAfee Consumer Products Removal tool to remove this service.