ThreatBook Agent

A guide to uninstall ThreatBook Agent from your PC

You can find on this page detailed information on how to remove ThreatBook Agent for Windows. It was created for Windows by Beijing ThreatBook Technology Co., Ltd. You can find out more on Beijing ThreatBook Technology Co., Ltd or check for application updates here. Further information about ThreatBook Agent can be found at https://threatbook.cn/. Usually the ThreatBook Agent program is placed in the C:\Program Files (x86)\Threatbook\Agent directory, depending on the user's option during install. C:\Program Files (x86)\Threatbook\Agent\uninst.exe is the full command line if you want to uninstall ThreatBook Agent. The program's main executable file is called tbAgent.exe and it has a size of 488.78 KB (500512 bytes).

ThreatBook Agent contains of the executables below. They occupy 4.42 MB (4637728 bytes) on disk.

• CtrlSC.exe (266.77 KB)
• safeSrv.exe (552.28 KB)
• tbAgent.exe (488.78 KB)
• tbAgentSrv.exe (430.28 KB)
• tbCommonHelper_x64.exe (513.28 KB)
• tbGuard.exe (620.78 KB)
• tbHelper.exe (908.28 KB)
• uninst.exe (506.28 KB)
• Tbhpca.exe (242.30 KB)

...click to view all...

This web page is about ThreatBook Agent version 2.6.6.1400 only. You can find below info on other releases of ThreatBook Agent:

• 2.4.6.1700
• 2.4.0.1700
• 2.5.4.1100
• 2.6.6.1300
• 2.4.2.1500
• 2.5.2.1200
• 2.2.6.1300
• 2.3.2.1800
• 2.2.5.1040
• 2.4.0.1500
• 2.6.3.1000
• 2.6.4.1300
• 2.2.9.1000
• 2.4.0.1450
• 2.4.2.1600
• 2.5.7.1200
• 2.1.0.2011
• 2.4.8.1200
• 2.2.9.1100
• 2.6.0.1100
• 2.4.4.1700
• 2.3.8.1400
• 2.2.5.1016

...click to view all...
Some files and registry entries are usually left behind when you uninstall ThreatBook Agent.

You should delete the folders below after you uninstall ThreatBook Agent:

• C:\Program Files (x86)\Threatbook\Agent

Files remaining:

• C:\Program Files (x86)\Threatbook\Agent\7z.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\AmNvLMon.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\AmNvLMon64.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\ca.dat
• C:\Program Files (x86)\Threatbook\Agent\cardinal\lb.dat
• C:\Program Files (x86)\Threatbook\Agent\cardinal\qrotload.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\RNdrCfg.dat
• C:\Program Files (x86)\Threatbook\Agent\cardinal\RNdrMonitor_x64.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\RNdrMonitor_x86.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\RpsGRdn.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\RpsGRdn64.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\RSvNrSor.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\RSvNrSor64.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\samVigiL64.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\TbAmsiProv.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\TbAmsiProv64.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\TbCardinal.dat
• C:\Program Files (x86)\Threatbook\Agent\cardinal\TbCardinal_Win7_X64.sys
• C:\Program Files (x86)\Threatbook\Agent\cardinal\TbCardinal_Win7_X86.sys
• C:\Program Files (x86)\Threatbook\Agent\cardinal\TbCardinal_Win8_X64.sys
• C:\Program Files (x86)\Threatbook\Agent\cardinal\TbCardinal_Win8_X86.sys
• C:\Program Files (x86)\Threatbook\Agent\cardinal\TbCardinalDll.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\TbcDetor64.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\Tbhpca.exe
• C:\Program Files (x86)\Threatbook\Agent\cardinal\TbIjSecBase.dll
• C:\Program Files (x86)\Threatbook\Agent\cardinal\TbIjSecBase64.dll
• C:\Program Files (x86)\Threatbook\Agent\CtrlSC.dll
• C:\Program Files (x86)\Threatbook\Agent\CtrlSC.exe
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\agent.common.attr
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\agent.module.attr
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\baseInfo
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\bdsetting
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\clouddetect
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\dbMgr
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\plugbase
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\PlugDisplay
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\PlugEndpointAsset
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\plugsaasedr
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\PlugSecurityBase
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\product
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\proxyInfo
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\quarantinePolicy
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\scanAuxilary
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\terminal.device.info
• C:\Program Files (x86)\Threatbook\Agent\data\bundle\venus
• C:\Program Files (x86)\Threatbook\Agent\data\content\avSetting
• C:\Program Files (x86)\Threatbook\Agent\data\content\endpoint_register
• C:\Program Files (x86)\Threatbook\Agent\data\content\heliosSetting
• C:\Program Files (x86)\Threatbook\Agent\data\content\onAccessSetting
• C:\Program Files (x86)\Threatbook\Agent\data\content\popup_window
• C:\Program Files (x86)\Threatbook\Agent\data\content\tdSetting
• C:\Program Files (x86)\Threatbook\Agent\data\content\ti_collector
• C:\Program Files (x86)\Threatbook\Agent\data\content\trident
• C:\Program Files (x86)\Threatbook\Agent\data\ddb\AUX_MISKILLING_tbagent_edr
• C:\Program Files (x86)\Threatbook\Agent\data\ddb\AUX_QUARANTINE
• C:\Program Files (x86)\Threatbook\Agent\data\ddb\CQData
• C:\Program Files (x86)\Threatbook\Agent\data\ddb\crDATA
• C:\Program Files (x86)\Threatbook\Agent\data\ddb\csDATA
• C:\Program Files (x86)\Threatbook\Agent\data\ddb\ExcMon
• C:\Program Files (x86)\Threatbook\Agent\data\ddb\Moneta3
• C:\Program Files (x86)\Threatbook\Agent\data\ddb\ProtectionLog
• C:\Program Files (x86)\Threatbook\Agent\data\ddb\Store_E0
• C:\Program Files (x86)\Threatbook\Agent\data\ddb\Store_SDC
• C:\Program Files (x86)\Threatbook\Agent\data\ddb\Store_SEJ0
• C:\Program Files (x86)\Threatbook\Agent\data\ddb\tbsfp
• C:\Program Files (x86)\Threatbook\Agent\data\gol\AegisCore\2025080809_tbAgent.exe_W0_AegisCore_16396.log
• C:\Program Files (x86)\Threatbook\Agent\data\gol\AegisCore\2025080812_tbAgent.exe_W0_AegisCore_24308.log
• C:\Program Files (x86)\Threatbook\Agent\data\gol\AegisCore\2025081215_tbAgent.exe_W0_AegisCore_4444.log
• C:\Program Files (x86)\Threatbook\Agent\data\gol\AegisCore\2025081315_tbAgent.exe_W0_AegisCore_8584.log
• C:\Program Files (x86)\Threatbook\Agent\data\gol\gateway_saas\2025080809_tbAgentSrv.exe_Master_gateway_saas_18932.log
• C:\Program Files (x86)\Threatbook\Agent\data\gol\PlugSaaSEdr\2025080809_tbAgent.exe_W0_PlugSaaSEdr_16396.log
• C:\Program Files (x86)\Threatbook\Agent\data\gol\PlugSaaSEdr\2025080812_tbAgent.exe_W0_PlugSaaSEdr_24308.log
• C:\Program Files (x86)\Threatbook\Agent\data\gol\PlugSaaSEdr\2025081215_tbAgent.exe_W0_PlugSaaSEdr_4444.log
• C:\Program Files (x86)\Threatbook\Agent\data\gol\PlugSaaSEdr\2025081315_tbAgent.exe_W0_PlugSaaSEdr_8584.log
• C:\Program Files (x86)\Threatbook\Agent\data\param\urgentHotfixParam
• C:\Program Files (x86)\Threatbook\Agent\data\PidGuidMapping.dat
• C:\Program Files (x86)\Threatbook\Agent\data\updroots.cab
• C:\Program Files (x86)\Threatbook\Agent\framework\cacert.pem
• C:\Program Files (x86)\Threatbook\Agent\framework\gateway.xml
• C:\Program Files (x86)\Threatbook\Agent\framework\gateway_saas.dll
• C:\Program Files (x86)\Threatbook\Agent\framework\NetConfig.xml
• C:\Program Files (x86)\Threatbook\Agent\framework\plugconf\conf.PlugDisplay.xml
• C:\Program Files (x86)\Threatbook\Agent\framework\plugconf\conf.PlugEndpointAsset.xml
• C:\Program Files (x86)\Threatbook\Agent\framework\plugconf\conf.Pluglc.xml
• C:\Program Files (x86)\Threatbook\Agent\framework\plugconf\conf.PlugSaaSEdr.xml
• C:\Program Files (x86)\Threatbook\Agent\framework\plugconf\conf.PlugSecurityBase.xml
• C:\Program Files (x86)\Threatbook\Agent\framework\plugconf\conf.Plugtd.xml
• C:\Program Files (x86)\Threatbook\Agent\framework\plugconf\conf.PlugTrident.xml
• C:\Program Files (x86)\Threatbook\Agent\framework\strategy\agent_strategy
• C:\Program Files (x86)\Threatbook\Agent\framework\tbTrident.dll
• C:\Program Files (x86)\Threatbook\Agent\framework\tbTrident.xml
• C:\Program Files (x86)\Threatbook\Agent\general\ActionLog\ActionLog.dll
• C:\Program Files (x86)\Threatbook\Agent\general\ActionLog\ActionLog.xml
• C:\Program Files (x86)\Threatbook\Agent\general\LightMI\backup\Security-bookmark.xml
• C:\Program Files (x86)\Threatbook\Agent\general\LightMI\libevtom.dll
• C:\Program Files (x86)\Threatbook\Agent\general\LightMI\libntwom.dll
• C:\Program Files (x86)\Threatbook\Agent\general\LightMI\libpsom.dll
• C:\Program Files (x86)\Threatbook\Agent\general\LightMI\lightmi.xml
• C:\Program Files (x86)\Threatbook\Agent\general\LightMI\MICore.dll
• C:\Program Files (x86)\Threatbook\Agent\general\LightMI\providers\EvtProvider.xml

Many times the following registry data will not be uninstalled:

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TBAgent

Open regedit.exe in order to delete the following registry values:

• HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\safeSrv\ImagePath
• HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tbAgentSrv\ImagePath
• HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tbGuardSrv\ImagePath

How to delete ThreatBook Agent using Advanced Uninstaller PRO

ThreatBook Agent is an application marketed by the software company Beijing ThreatBook Technology Co., Ltd. Frequently, people try to erase this program. This can be difficult because removing this by hand takes some knowledge related to removing Windows applications by hand. One of the best EASY solution to erase ThreatBook Agent is to use Advanced Uninstaller PRO. Here is how to do this:





1. If you don't have Advanced Uninstaller PRO already installed on your system, add it. This is a good step because Advanced Uninstaller PRO is a very useful uninstaller and general utility to maximize the performance of your computer.

DOWNLOAD NOW

• go to Download Link
• download the setup by clicking on the DOWNLOAD button
• install Advanced Uninstaller PRO

2. Start Advanced Uninstaller PRO. It's recommended to take your time to admire Advanced Uninstaller PRO's design and wealth of functions available. Advanced Uninstaller PRO is a very useful system optimizer.

3. Press the General Tools category


4. Press the Uninstall Programs button


5. All the applications existing on the computer will be shown to you

6. Scroll the list of applications until you find ThreatBook Agent or simply activate the Search feature and type in "ThreatBook Agent". If it exists on your system the ThreatBook Agent program will be found automatically. Notice that after you click ThreatBook Agent in the list , some information regarding the application is shown to you:

• Safety rating (in the left lower corner). This tells you the opinion other people have regarding ThreatBook Agent, ranging from "Highly recommended" to "Very dangerous".
• Reviews by other people - Press the Read reviews button.
• Details regarding the application you want to uninstall, by clicking on the Properties button.

For instance you can see that for ThreatBook Agent:

• The publisher is: https://threatbook.cn/
• The uninstall string is: C:\Program Files (x86)\Threatbook\Agent\uninst.exe

7. Press the Uninstall button. A confirmation window will come up. Confirm the removal by clicking the Uninstall button. Advanced Uninstaller PRO will then uninstall ThreatBook Agent.


8. After uninstalling ThreatBook Agent, Advanced Uninstaller PRO will offer to run an additional cleanup. Press Next to start the cleanup. All the items of ThreatBook Agent which have been left behind will be detected and you will be asked if you want to delete them. By removing ThreatBook Agent with Advanced Uninstaller PRO, you can be sure that no Windows registry items, files or folders are left behind on your PC.

Your Windows PC will remain clean, speedy and ready to take on new tasks.

Disclaimer

This page is not a recommendation to remove ThreatBook Agent by Beijing ThreatBook Technology Co., Ltd from your computer, nor are we saying that ThreatBook Agent by Beijing ThreatBook Technology Co., Ltd is not a good application for your PC. This page simply contains detailed info on how to remove ThreatBook Agent in case you want to. The information above contains registry and disk entries that other software left behind and Advanced Uninstaller PRO discovered and classified as "leftovers" on other users' computers.