
Trellix GetSusp (formerly McAfee GetSusp) is a free security diagnostic tool that helps you discover and quarantine undetected malware on a suspect machine. Its simple interface makes isolating suspicious files easy, so any user can run the tool without technical knowledge.

Trellix GetSusp is a standalone tool that analyzes the system for viruses using heuristic signatures and presents the scan results in a matter of minutes. After the scan is complete, you decide which files look suspicious or unusual and pick them from the report.

The tool then automatically zips the selected files and submits them (files up to 50MB are supported) to Trellix Labs for further, more comprehensive analysis against the Trellix Global Threat Intelligence online database, which determines whether the sample is clean. Alternatively, you can upload files manually if you already know that a file is questionable.

GetSusp can only identify executable (.exe) files; it doesn’t support other formats such as media files. Note also that the tool doesn’t support rootkit detection.

What is the difference between Trellix GetSusp and McAfee Stinger?

Trellix GetSusp is intended for users who suspect their computer has been infected with some sort of malware; it uses unique analysis technology to diagnose whether such malware exists. Trellix Stinger, on the other hand, is designed for use when your computer is known to be infected with malware, and it uses specific or heuristic signatures to eliminate it.

Note: Most users should use the standard edition of Trellix GetSusp. If you are a Trellix ePolicy Orchestrator (Trellix ePO) administrator, use GetSusp-ePO (the ePolicy Orchestrator deployable version) instead. Trellix ePolicy Orchestrator is comprehensive centralized security management software with automated management capabilities, saving IT administrators time and money.


Key Features:

  • Simple interface
  • Low on system resources
  • No tech knowledge required
  • Submit files or only an MD5 to Trellix Labs
  • Leverages Trellix’s GTI File Reputation
  • Different modes – GUI, command line and in ePO
  • Standalone – no installation required


Last Update: October 31, 2023

Current Version:

License: Freeware

Languages: English

Supported Operating Systems:
Windows 7 / 8 / 8.1 / 10 / 11 / Windows Server 2008 R2 SP1 / Server 2012 / Server 2016

Developer: Trellix (formerly FireEye and McAfee Enterprise)

