ThreatFire
What is ThreatFire? (from PC Tools Software)
Traditional antivirus solutions cannot protect you until after they have discovered a new threat and produced a signature to counter it. ThreatFire does not rely on signatures, but instead provides behavior-based protection. It is designed to be used alongside your existing antivirus software and it fills the gap in pr... Read more
Overview
ThreatFire is a software program developed by PC Tools Software. During setup, the program creates a startup registration point in Windows in order to automatically start when any user boots the PC. Upon being installed, the software adds a Windows Service which is designed to run continuously in the background. Manually stopping the service has been seen to cause the program to stop functing properly. It adds a background controller service that is set to automatically run. Delaying the start of this service is possible through the service manager. A scheduled task is added to Windows Task Scheduler in order to launch the program at various scheduled times (the schedule varies depending on the version). The software is designed to connect to the Internet and adds a Windows Firewall exception in order to do so without being interfered with. The primary executable is named TFUD.exe. The setup package generally installs about 47 files and is usually about 19.29 MB (20,231,126 bytes). Relative to the overall usage of users who have this installed on their PCs, most are running Windows 7 (SP1) and Windows XP. While about 55% of users of ThreatFire come from the United States, it is also popular in Germany and United Kingdom.
Program details
URL: www.threatfire.com
Help link: www.threatfire.com/support
Installation folder: C:\Program Files\ThreatFire\
Uninstaller: "C:\Program Files\ThreatFire\unins000.exe"
Estimated size: 19.29 MB
Files installed by ThreatFire
Program executable: | TFUD.exe |
Name: | ThreatFire |
| ThreatFire Smart Update |
Path: | C:\Program Files\ThreatFire\TFUD.exe |
MD5: | 1443c6170a96be009b148881b49be73c |
Additional files:
-
engine.dll - PC Tools Engine DLL for Windows NT/2000/XP/Vista
-
TFWSC.dll - PCTWSC Dynamic Link Library
-
PM64.exe - ThreatFire (PC Tools Process Manager)
-
TFAPI.dll - PC Tools ThreatFire API
-
TFAVE.dll - PC Tools ThreatFire Log
-
TFCfg.dll - PC Tools ThreatFire Config
-
TFCM.dll
-
TFCR.dll - ThreatFire TFCR
-
TFCRDlg.dll - Custom Rule Dialogs
-
TFCRUI.dll - ThreatFire TFCRUI
-
TFCRW.dll - ThreatFire CHRW
-
TFDBM.dll - PC Tools ThreatFire Database Manager
-
TFE.dll - PC Tools ThreatFire Engine
-
TFGui.exe - File Description
-
TFHS.exe - PC Health Scan
-
TFLog.dll
-
TFMisc.dll - PC Tools ThreatFire
-
TFMon.dll - ThreatFire Monitor Interface
-
TFNI.dll - PC Tools ThreatFire Non-Interactive Process
-
TFNotice.exe - PC Tools ThreatFire Notice
-
TFO.dll - TFO
-
TFPA.dll - PC Tools ThreatFire Process Activity
-
TFQT.dll - PC Tools ThreatFire Quarantine
-
TFRC.exe - PC Tools ThreatFire Report Card
-
TFRes-en.dll - PC Tools ThreatFire resources
-
TFRK.dll - PC Tools ThreatFire Detector
-
TFScan.dll - PC Tools ThreatFireRootkit Scan
-
TFServer.dll - PC Tools ThreatFire TFServer
-
TFService.exe - PC Tools ThreatFire Service
-
TFSF.dll - FileDescription
-
TFTM.dll - TFTM
-
TFTray.exe - PC Tools ThreatFire Tray App
-
TFUD.exe - ThreatFire Smart Update
-
TFUN.exe - ThreatFire Update Engine
-
TFUndo.dll
-
TFVS.exe - PC Tools ThreatFire Virus Scanner
-
TFWAH.dll
-
TFWAH64.exe
-
TFWS.dll - Web Services
-
TFWSC.exe - ThreatFire WSC Interface
-
unins000.exe - Inno Setup (Setup/Uninstall)
Behaviors exhibited
Scheduled Task
- TFGui.exe is scheduled as a task with the class '{8540361E-0457-4990-86D6-44FA0E145470}' (runs on registration).
Service
- TFService.exe runs as a service named 'ThreatFire' (ThreatFire) "The ThreatFire engine responsible for monitoring your system for viruses, spyware, and other malware. Turning this service off makes your machine vulnerable to such attacks.".
Startup File (User Run)
- TFTray.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'ThreatFire' and executes as C:\Program Files\ThreatFire\TFTray.exe.
Startup File (All Users Run)
- TFTray.exe is loaded in the all users (HKLM) registry as a startup file name 'ThreatFire' which loads as C:\Program Files\ThreatFire\TFTray.exe.
Windows Firewall Allowed Program
- TFGui.exe is added as a firewall exception for 'C:\Sicherheit\ThreatFire\TFGui.exe'.
Resource utilization averages
Show technical details
TFService.exe |
Memory: | 14.69 MB | |
Total CPU: | 0.0024059580% | |
Kernel CPU: | 0.00055794% | |
User CPU: | 0.00184802% | |
Switches/sec: | 107 | |
TFTray.exe |
Memory: | 3.36 MB | |
Total CPU: | 0.0015502797% | |
Kernel CPU: | 0.00078129% | |
User CPU: | 0.00076899% | |
Switches/sec: | 1 | |
How do I remove ThreatFire?
You can uninstall ThreatFire from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program ThreatFire, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove ThreatFire.
HOW IT STARTS
Automatically starts? Yes
(Found in the run registry)
|
|
USER ACTIONS
|
Uninstall it 4%
Keep it 96%
|
|
|
GLOBAL RANK
#7,095
|
Windows
Which Windows OS versions does it run on?
Windows 7 |
71.55% |
|
Windows XP |
12.88% |
|
Windows Vista |
8.92% |
|
Windows 10 |
6.65% |
|
Which OS releases does it run on? |
Windows 7 Home Premium |
44.30% |
|
Windows 7 Professional |
12.93% |
|
Windows 7 Ultimate |
12.84% |
|
Microsoft Windows XP |
12.84% |
|
Windows Vista Home Premiu... |
7.74% |
|
Windows 10 Home |
1.79% |
|
Geography
55.03% of installs come from the United States
Which countries install it?
United States |
55.03% |
Germany |
19.40% |
United Kingdom |
3.88% |
France |
2.10% |
Canada |
2.10% |
Italy |
2.10% |
Netherlands |
1.78% |
Australia |
1.64% |
Austria |
1.18% |
Sweden |
0.92% |
Belgium |
0.85% |
Brazil |
0.66% |
India |
0.59% |
South Africa |
0.53% |
PC manufacturers
What PC manufacturers (OEMs) have it installed?
Hewlett-Packard |
26.94% |
|
Dell |
21.77% |
|
Acer |
16.44% |
|
GIGABYTE |
6.70% |
|
Toshiba |
6.39% |
|
ASUS |
5.48% |
|
Intel |
4.57% |
|
American Megatrends |
2.74% |
|
Medion |
2.74% |
|
Lenovo |
1.83% |
|
Sahara |
1.67% |
|
Gateway |
1.52% |
|
Common models |
HP Pavilion dv6 Notebook ... |
6.00% |
|
HP Pavilion dv7 Notebook ... |
5.00% |
|
HP Pavilion g6 Notebook P... |
3.00% |
|
HP Pavilion g7 Notebook P... |
3.00% |
|
Dell Inspiron 530 |
2.33% |
|
MEDIONPC MS-7502 |
2.33% |
|
About PC Tools Software
PC Tools, a subsidiary of Symantec Corporation, develops security utilities for consumers and enterprises whose products include Spyware Doctor which provides spyware protection to secure Windows personal computers, Registry Mechanic, a registry cleaner to fix Windows errors, PC Tools AntiVirus which offers protection against virus infections and File Recover, which recovers files from hard drives, floppy drives, and fixed media.
Publisher URL: www.pctools.com