How to Use GetSusp

McAfee GetSusp is intended for users who suspect undetected malware on their system. By using a combination of clever heuristics and querying McAfee's online database of known clean files to gather suspicious files, GetSusp eliminates the user's need for deep technical knowledge of computer systems to isolate undetected malware. McAfee GetSusp is recommended as a tool of first choice when analyzing a suspect machine.

For a list of Frequently Asked Questions on GetSusp, see article KB69385.

Features
  • Delivered as a single executable file with no installation required.

  • Option to run in different modes – GUI and command Line.

  • Can submit samples or only a MD5 list of the files to McAfee Labs for analysis.

  • Leverages GTI File Reputation to determine if the sample is suspicious.

  • Records system and installed McAfee product information date of execution and details of suspected files.

  • GetSusp supports Windows XP SP2, 2003 SP2, Vista SP1, 2008, 7 and 8.
How to use McAfee GetSusp
  1. Download the latest version of GetSusp. When prompted, choose to save the executable file to a convenient location on your hard disk. We recommend creating a folder specifically for GetSusp.

  2. Once downloaded, launch the GetSusp.exe file.



  3. The McAfee GetSusp Interface will be displayed.



  4. If necessary, click the preferences to specify your email address to receive an acknowledgement from McAfee Labs for sample submissions. By default, suspicious files are submitted to McAfee Labs in online mode.



  5. Click the Scan Now button to begin scanning the system. A EULA is prompted for user acceptance every time a scan is initiated. The license agreement must be accepted in order to proceed.



  6. A typical GetSusp system scan takes around three to five minutes. A summary is provided at the end of the scan, and the scan report is launched.



  7. Visit the McAfee malware community site or contact McAfee technical support for help in troubleshooting your machine or removing malware.