SBAMSvc.exe
GFI AntiMalware Common SDK Merge Module by GFI Software (Florida) Inc. (Signed)
Overview
There are 8 versions of sbamsvc.exe in the wild, the latest version being 6.2.1.10. It is started as a Windows Service called 'XoftSpy AntiVirus Pro' with the name 'SBAMSvc' and described as “Manages your antispyware and antivirus application”. . In addition, it is run under the context of the SYSTEM account with extensive privileges (the administrator accounts have the same privileges). The average file size is about 3.46 MB. The file is a digitally signed and issued to GFI Software (Florida) Inc. by VeriSign. The programs VIPRE Internet Security, VIPRE Antivirus and OMG Total Protection have been observed as installing specific variations of sbamsvc.exe. During the process's lifecycle, the typical CPU resource utilization is less than 0.01%, the average private memory consumption is about 105.29 MB with the maximum memory reaching around 135.2 MB. Addionally, typically read and write I/O disk operations is about 66.09 MB per minute for reads and 7.33 MB per minute for writes.
What is sbamsvc.exe?
GFI Software Anti Malware Service - GFI/VIPRE Antivirus combines antispyware and antivirus together which detects and removes viruses, spyware, rootkits, bots, Trojans and all other types of malware.
About sbamsvc.exe (from GFI Software (Florida) Inc.)
“Get everything you need to protect your PC with Vipre Internet Security. This anti-malware solution includes a firewall and spam blocker for highly efficient online security that won't slow down your ”
 Details
|
| File name: | sbamsvc.exe |
| Publisher: | GFI Software |
| Product name: | GFI AntiMalware Common SDK Merge Module |
| Description: | GFI Software Anti Malware Service |
| Typical file path: | C:\Program Files\gfi software\vipre\sbamsvc.exe |
| Certificate |
| Issued to: | GFI Software (Florida) Inc. |
| Authority (CA): | VeriSign |
| Expiration date: | Sunday, January 25, 2015 |
| Windows Service |
| Service name: | SBAMSvc |
| Display name: | XoftSpy AntiVirus Pro |
| Description: | “Manages your antispyware and antivirus application” |
| Type: | Win32OwnProcess |
Programs installed in
(Note, the programs listed below are for all versions of GFI AntiMalware Common SDK Merge Module.)
From the site: "The free download of Ascentive’s Registry Cleaner, Anti-Malware Software, and other trial products are intended to find issues, errors, threats, junk, and clutter that can be removed b...
“VIPRE Internet Security is the award-winning antivirus software that includes a firewall, a spam filter and bad website blocking into one powerful solution for complete protection against malware. Fro...”
“Vipre Antivirus is the essential antivirus software that protects against over 100,000 new web threats every day without slowing down your computer. It also eliminates conflicts during installation wi...”
“GFI VIPRE® Antivirus Business is a scalable Endpoint Solution that protects your networked machines from all types of malware and viruses and includes a firewall (Premium only). Its Bad URL Blocking f...”
AntiVirus software that uses the GFI AntiMalware engine with a custom UI.
“XoftSpy scans your computer's memory, registry, files & folders for Spyware, Adware, Spybots, Malware, Spy Pop-ups, Keyloggers, and Unwanted Toolbars.”
XoftSpy Detects & Removes Spyware, Adware, Hijackers & Other Malicious Files.
“ParetoLogic Internet Security provides premium protection against all kinds of cyber threats. Your email messages and contact list are protected by Anti-Phishing technology and advanced Email Security...”
“Scan, and remove malware from your Windows PC now with PC MRI Anti-Malware software. In minutes, you can remove malware and other errors from your computer that can slow it down. Easy to use features ...”
“Run the free scan to identify the issues affecting your system and register a full version of the software for just $29.97 semiannually to clean, fix and optimize identified issues with your computer ...”
“SparkTrust AntiVirus is a versatile protector. It searches your computer deeply to find and boot out all kinds of malicious and unwanted programs: viruses, adware, spyware, malware, pop-up generators,...”
“SparkTrust AntiVirus protects your computer by using a variety of proven and cutting edge detection methods to catch viruses and malware. It utilizes signature-based detection and, with free, frequent...”
“This program includes extensive protection by kicking out spyware, viruses, adware, Trojan downloads and other malware. Not only is it easy to use, it will install and set up quickly. It also has acti...”
“http://www.omgtechhelp.com”
“Several programs out there today advertise that they can help you remove the infections slowing your computer down. OMG Tech Help’s personnel have all the training to help you eliminate all the spywar...”
“This program includes extensive protection by kicking out spyware, viruses, adware, Trojan downloads and other malware. Not only is it easy to use, it will install and set up quickly. It also has acti...”
Behaviors
(Note, the behaviors below are for all versions of sbamsvc.exe, select a unique version for details.)
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
- 'SBAMSvc' (XoftSpy AntiVirus Pro)
- SBAMSvc
All file variations of sbamsvc.exe
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
30.77% |
|
| Windows 7 Professional |
17.31% |
|
| Windows 7 Ultimate |
11.54% |
|
| Windows 8 Pro |
11.54% |
|
| Windows 8 Pro with Media Center |
11.54% |
|
| Microsoft Windows XP |
9.62% |
|
| Windows Vista Business |
3.85% |
|
| Windows 7 Ultimate N |
1.92% |
|
| Windows Vista Ultimate |
1.92% |
|
Distribution by country
United States installs about 73.08% of GFI AntiMalware Common SDK Merge Module.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Dell |
29.79% |
|
| Hewlett-Packard |
27.66% |
|
| GIGABYTE |
10.64% |
|
| Acer |
10.64% |
|
| ASUS |
8.51% |
|
| Samsung |
8.51% |
|
| Sony |
4.26% |
|
