forcefield.exe
ZoneAlarm Browser Security by Check Point Software Technologies Ltd. (Signed)
Warning 4 antivirus scanners has detected malware in various versions of forcefield.exe.
Overview
There are 9 versions of forcefield.exe in the wild, the latest version being 1, 5, 395, 0. forcefield.exe is run as a standard windows process with the logged in user's account privileges. During installation, a run registry key for all users is added that will cause the program to run each time any user logs on to Windows. The average file size is about 932.15 KB. The file is a digitally signed and issued to Check Point Software Technologies Ltd. by VeriSign. Numerous variations of forcefield.exe have been installed with both ZoneAlarm Toolbar and Audio 180%. During the process's lifecycle, the typical CPU resource utilization is about 0.0043% including both foreground and background operations, the average private memory consumption is about 19.4 MB. Addionally, typically read and write I/O disk operations is about 1.04 KB per minute for reads and 12.98 KB per minute for writes.
What is forcefield.exe?
Check Point's ZoneAlarm ForceField is designed to secure Web browsing sessions through the use of browser virtualization, inline download scanning and DNS validation services.
About forcefield.exe (from Check Point Software Technologies Ltd.)
“Get ZoneAlarm ForceField for your browser. ForceField works hard at Web safety so you don't have to, but you should continue to browse with common sense in mind.”
 Details
|
| File name: | forcefield.exe |
| Publisher: | Check Point Software Technologies |
| Product name: | ZoneAlarm Browser Security |
| Typical file path: | C:\Program Files\checkpoint\zaforcefield\forcefield.exe |
| Certificate |
| Issued to: | Check Point Software Technologies Ltd. |
| Authority (CA): | VeriSign |
| Expiration date: | Monday, May 5, 2014 |
Programs installed in
(Note, the programs listed below are for all versions of ZoneAlarm Browser Security.)
The ZoneAlarm Security Toolbar installs a OurToolbar toolbar in your Web browser that collects and stores information about your web browsing and sends this information to OurToolbar so they can sugg...
“The full version of "Audio 180%" under tidier interface offers a total of ten tools to help you around all common tasks get the job done with audio and sound. using the audio player you give songs and...”
Behaviors
(Note, the behaviors below are for all versions of forcefield.exe, select a unique version for details.)
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'ISW' → "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
| Antivirus engine | Engine version | Detection | File version |
| ByteHero |
1.0.0.1 |
Virus.Win32.Heur.j |
1, 5, 395, 0 |
| ByteHero |
1.0.0.1 |
Virus.Win32.Heur.j |
1, 5, 388, 0 |
| ByteHero |
1.0.0.1 |
Virus.Win32.Heur.j |
1, 5, 393, 18 |
| ByteHero |
1.0.0.1 |
Virus.Win32.Heur.j |
1, 5, 393, 22 |
All file variations of forcefield.exe
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
51.85% |
|
| Microsoft Windows XP |
14.81% |
|
| Windows Vista Home Basic |
7.41% |
|
| Windows 8 Pro |
7.41% |
|
| Windows 7 Professional |
7.41% |
|
| Windows 7 Ultimate N |
3.70% |
|
| Windows Vista Ultimate |
3.70% |
|
| Windows 7 Ultimate |
3.70% |
|
Distribution by country
United States installs about 55.56% of ZoneAlarm Browser Security.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Hewlett-Packard |
80.00% |
|
| Acer |
20.00% |
|
