Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

4.0.4280 20.00%
4.0.4196 20.00%
4.0.3909 20.00%
4.0.3904 20.00%
3.1.2850 20.00%

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
RegDeleteKeyW, RegDeleteValueW, RegOpenKeyExW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, SetServiceStatus, DeregisterEventSource, ReportEventW, RegisterEventSourceW, CloseServiceHandle, OpenServiceW, OpenSCManagerW, RegCreateKeyExW, RegQueryValueExW, RegSetValueExW, RegQueryInfoKeyW, CopySid, GetLengthSid, IsValidSid, SetSecurityDescriptorOwner, SetSecurityDescriptorGroup, GetTokenInformation, CreateServiceW, DeleteService, ControlService, RegEnumKeyExW, OpenThreadToken, RegisterServiceCtrlHandlerExW, StartServiceCtrlDispatcherW, QueryServiceStatus, ChangeServiceConfig2W, ChangeServiceConfigW, CloseEventLog, CryptDestroyHash, CryptGetHashParam, CryptHashData, CryptCreateHash, CryptReleaseContext, CryptAcquireContextW, RevertToSelf, CreateProcessAsUserW, ImpersonateLoggedOnUser, DuplicateTokenEx, FreeSid, EqualSid, AllocateAndInitializeSid, RegCreateKeyW, CryptDecrypt, CryptEncrypt, CryptDestroyKey, CryptDeriveKey, RegCloseKey
kernel32.dll
DllMain
ole32.dll
CoDisconnectObject, CoTaskMemRealloc, CoInitialize, CoUninitialize, CoRevokeClassObject, CoRegisterClassObject, CoTaskMemFree, StringFromGUID2, CoCreateInstance, CoInitializeSecurity, CoInitializeEx, CoCreateGuid, OleRun, CoTaskMemAlloc
psapi.dll
EmptyWorkingSet
sbap.dll
SBAPStart, SBAPSetExtensionList, SBAPStartETW, SBAPStopETW, SBAPIsStarted, SBAPSetPromptCallback, SBAPSetNotifyCallback, SBAPSetReportCallback, SBAPStop, SBAPSetLoggerCallback, SBAPClearCache, SBAPSetMonitorAction, SBAPSetMonitorActive, SBAPAddAllowedPid, SBAPIsETWRunning, SBAPSetUserKnownEntityCallback, SBAPUninstallDriver
sbarva.dll
_ArvaSetBodyScannerCB@4, _ArvaSetQuarantineCB@4
sbhips.dll
SBHIPS_Start, SBHIPS_ClearProgramList, SBHIPS_Pause, SBHIPS_Resume, SBHIPS_GetState, SBHIPS_Stop, SBHIPS_AddProgram
sbte.dll
SBCSGetQuarantineRecordW, SBCSGetQuarantineRecordSizeW, SBCSQueryQuarantineIDW, SBCSUnquarantineThreatW, SBCSQueryThreatDataW, SBCSGetDefReleaseDateW, SBCSGetDefVersionW, SBCSApplyDefinitionUpdateW, SBCSScanBuffer, SBCSClearIgnoredThreats, SBCSAddIgnoredThreat, SBCSClearThreatCategoryActions, SBCSAddThreatCategoryActionW, SBCSResetScanOptions, SBCSSetLowRiskThreatDetection, SBCSQuarantineBufferW, SBCSSetScanOption, SBCSClearPathsToScan, SBCSAddPathToScanW, SBCSRunCleanerW, SBCSGetCleanerResultsSizeW, SBCSQuarantineFile2W, SBCSQuarantineFileW, SBCSDeleteThreatW, SBCSOpenThreatEngineW, SBCSSetLoggerCallbackW, SBCSGetCleanerResultsW, SBCSPurgeQuarantine, SBCSGetFileSignatureW, SBCSScanFileTrace, SBCSClearUserKnownEntityList, SBCSAddUserKnownEntity, SBCSSetScanProgressDetailCallbackW, SBCSSetScanProgressStateCallback, SBCSSetCleanerProgressCallbackW, SBCSGetBootTimeRegistrationStatus, SBCSUnRegisterBootTimeScanner, SBCSRegisterBootTimeScanner, SBCSSetQuarantineActionCallbackW, SBCSEnableAV, SBCSEncryptFileW, SBCSCloseThreatEngine, SBCSRunScanner, SBCSGetScannerResultsW, SBCSGetScannerResultsSizeW, SBCSSetScanDescriptionW, SBCSEnableRootkitEngine
shell32.dll
ShellExecuteExW, SHCreateDirectoryExW, SHGetFolderPathW
shlwapi.dll
UrlGetPartW, PathRemoveFileSpecW, PathFileExistsW, PathAppendW
spursdownload.dll
ThreatUpdateViaProxy, ProxyGetNextVersionNumber, SetSpursLoggingCallback, GetNextVersionNumber, SpursDownload, SpursProxyDownload, ThreatUpdate
user32.dll
wsprintfW, TranslateMessage, DispatchMessageW, UnregisterClassA, GetMessageW, CharNextW, PostThreadMessageW, LoadStringW, CharUpperW, MessageBoxW, GetSystemMetrics, PeekMessageW, MsgWaitForMultipleObjects
userenv.dll
DestroyEnvironmentBlock, CreateEnvironmentBlock
version.dll
VerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW
winhttp.dll
WinHttpQueryDataAvailable, WinHttpReadData, WinHttpSetCredentials, WinHttpQueryAuthSchemes, WinHttpQueryHeaders, WinHttpReceiveResponse, WinHttpOpenRequest, WinHttpOpen, WinHttpSendRequest, WinHttpConnect, WinHttpCloseHandle
winmm.dll
timeGetTime
ws2_32.dll
WSAGetOverlappedResult, WSAEnumNetworkEvents, WSAConnect, WSARecv, WSAResetEvent, WSAEventSelect, WSACloseEvent, WSASend, WSASocketW, WSACreateEvent, WSASetEvent

SBAMSvc.exe

Sunbelt AntiMalware Common SDK Merge Module by Sunbelt Software (Signed)

Remove SBAMSvc.exe
Version:   3.1.2850
MD5:   3b713e68ae36b3afc1c630d8c031bccd
SHA1:   8d9e93c3630ca15fe567c86788af33a9cbd37763
SHA256:   48e73f2f6c4595d9c02c2d837007365517a02a4bdd2449ac0ec0f703e43e1264

What is SBAMSvc.exe?

Sunbelt Software Anti Malware Service for GFI (Sunbelt)/VIPRE Antivirus combines antispyware and antivirus together which detects and removes viruses, spyware, rootkits, bots, Trojans and all other types of malware. Sunbelt AntiMalware Common SDK is an anti-malware plugin framework that third party software developers can use to add antimalware solutions to their products.

About SBAMSvc.exe (from Sunbelt Software)

Get everything you need to protect your PC with Vipre Internet Security (Sunbelt Software/ GFI). This anti-malware solution includes a firewall and spam blocker for highly efficient online security th

DetailsDetails

File name:SBAMSvc.exe
Publisher:Sunbelt Software
Product name:Sunbelt AntiMalware Common SDK Merge Module
Description:Sunbelt Software Anti Malware Service
Typical file path:C:\Program Files\sunbelt software\vipre\sbamsvc.exe
File version:3.1.2850
Size:988.36 KB (1,012,080 bytes)
Build date:2/20/2010 12:05 AM
Certificate
Issued to:Sunbelt Software
Authority (CA):VeriSign
Effective date:Tuesday, October 20, 2009
Expiration date:Saturday, October 27, 2012
Digital DNA
Entropy:6.313187
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'SBAMSvc' (Fix-It)
  • SBAMSvc
  • 'SBAMSvc' (VIPRE Antivirus)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00019164%
0.028634%
Kernel CPU:0.00010047%
0.013761%
User CPU:0.00009117%
0.014873%
Kernel CPU time:107,984,375 ms/min
100,923,805ms/min
Memory
Private memory:206.33 MB
21.59 MB
Private (maximum):132.13 MB
Private (minimum):34.45 MB
Non-paged memory:206.33 MB
21.59 MB
Virtual memory:359.94 MB
140.96 MB
Virtual memory (peak):370.88 MB
169.69 MB
Working set:119.67 MB
18.61 MB
Working set (peak):215.82 MB
37.95 MB
Resource allocations
Threads:27
12
Handles:563
600

BehaviorsProcess properties

Integrety level:System
Platform:64-bit
Command line:"C:\Program Files\common files\antivirus\sbamsvc.exe"
Owner:User
Windows Service
Service name:SBAMSvc
Display name:Fix-It
Description:“Manages your anti-malware application.”
Type:Win32OwnProcess
Parent process:services.exe (by Microsoft)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 8 20.00%
Windows XP Professional 20.00%
Windows 7 Ultimate N 20.00%
Microsoft Windows XP 20.00%
Windows 8 Pro with Media Center 20.00%

Distribution by countryDistribution by country

France installs about 25.00% of Sunbelt AntiMalware Common SDK Merge Module.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 100.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE