Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

4.0.4280 20.00%
4.0.4196 20.00%
4.0.3909 20.00%
4.0.3904 20.00%
3.1.2850 20.00%

Relationships

Parent process
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
RegDeleteKeyW, RegDeleteValueW, RegOpenKeyExW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, SetServiceStatus, DeregisterEventSource, ReportEventW, RegisterEventSourceW, CloseServiceHandle, OpenServiceW, OpenSCManagerW, RegCreateKeyExW, RegQueryValueExW, RegSetValueExW, RegQueryInfoKeyW, CopySid, GetLengthSid, IsValidSid, SetSecurityDescriptorOwner, SetSecurityDescriptorGroup, GetTokenInformation, CreateServiceW, DeleteService, ControlService, RegEnumKeyExW, OpenThreadToken, RegisterServiceCtrlHandlerExW, StartServiceCtrlDispatcherW, QueryServiceStatus, ChangeServiceConfig2W, ChangeServiceConfigW, CloseEventLog, CryptDestroyHash, CryptGetHashParam, CryptHashData, CryptCreateHash, CryptReleaseContext, CryptAcquireContextW, RevertToSelf, CreateProcessAsUserW, ImpersonateLoggedOnUser, DuplicateTokenEx, FreeSid, EqualSid, AllocateAndInitializeSid, RegCreateKeyW, CryptDecrypt, CryptEncrypt, CryptDestroyKey, CryptDeriveKey, RegCloseKey
kernel32.dll
DllMain
ole32.dll
CoDisconnectObject, CoTaskMemRealloc, CoInitialize, CoUninitialize, CoRevokeClassObject, CoRegisterClassObject, CoTaskMemFree, StringFromGUID2, CoCreateInstance, CoInitializeSecurity, CoInitializeEx, CoCreateGuid, OleRun, CoTaskMemAlloc
psapi.dll
EmptyWorkingSet
sbap.dll
SBAPStart, SBAPSetExtensionList, SBAPStartETW, SBAPStopETW, SBAPIsStarted, SBAPSetPromptCallback, SBAPSetNotifyCallback, SBAPSetReportCallback, SBAPStop, SBAPSetLoggerCallback, SBAPClearCache, SBAPSetMonitorAction, SBAPSetMonitorActive, SBAPAddAllowedPid, SBAPIsETWRunning, SBAPSetUserKnownEntityCallback, SBAPUninstallDriver
sbarva.dll
_ArvaSetBodyScannerCB@4, _ArvaSetQuarantineCB@4
sbhips.dll
SBHIPS_Start, SBHIPS_ClearProgramList, SBHIPS_Pause, SBHIPS_Resume, SBHIPS_GetState, SBHIPS_Stop, SBHIPS_AddProgram
sbte.dll
SBCSGetQuarantineRecordW, SBCSGetQuarantineRecordSizeW, SBCSQueryQuarantineIDW, SBCSUnquarantineThreatW, SBCSQueryThreatDataW, SBCSGetDefReleaseDateW, SBCSGetDefVersionW, SBCSApplyDefinitionUpdateW, SBCSScanBuffer, SBCSClearIgnoredThreats, SBCSAddIgnoredThreat, SBCSClearThreatCategoryActions, SBCSAddThreatCategoryActionW, SBCSResetScanOptions, SBCSSetLowRiskThreatDetection, SBCSQuarantineBufferW, SBCSSetScanOption, SBCSClearPathsToScan, SBCSAddPathToScanW, SBCSRunCleanerW, SBCSGetCleanerResultsSizeW, SBCSQuarantineFile2W, SBCSQuarantineFileW, SBCSDeleteThreatW, SBCSOpenThreatEngineW, SBCSSetLoggerCallbackW, SBCSGetCleanerResultsW, SBCSPurgeQuarantine, SBCSGetFileSignatureW, SBCSScanFileTrace, SBCSClearUserKnownEntityList, SBCSAddUserKnownEntity, SBCSSetScanProgressDetailCallbackW, SBCSSetScanProgressStateCallback, SBCSSetCleanerProgressCallbackW, SBCSGetBootTimeRegistrationStatus, SBCSUnRegisterBootTimeScanner, SBCSRegisterBootTimeScanner, SBCSSetQuarantineActionCallbackW, SBCSEnableAV, SBCSEncryptFileW, SBCSCloseThreatEngine, SBCSRunScanner, SBCSGetScannerResultsW, SBCSGetScannerResultsSizeW, SBCSSetScanDescriptionW, SBCSEnableRootkitEngine
shell32.dll
ShellExecuteExW, SHCreateDirectoryExW, SHGetFolderPathW
shlwapi.dll
UrlGetPartW, PathRemoveFileSpecW, PathFileExistsW, PathAppendW
spursdownload.dll
ThreatUpdateViaProxy, ProxyGetNextVersionNumber, SetSpursLoggingCallback, GetNextVersionNumber, SpursDownload, SpursProxyDownload, ThreatUpdate
user32.dll
wsprintfW, TranslateMessage, DispatchMessageW, UnregisterClassA, GetMessageW, CharNextW, PostThreadMessageW, LoadStringW, CharUpperW, MessageBoxW, GetSystemMetrics, PeekMessageW, MsgWaitForMultipleObjects
userenv.dll
DestroyEnvironmentBlock, CreateEnvironmentBlock
version.dll
VerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW
winhttp.dll
WinHttpQueryDataAvailable, WinHttpReadData, WinHttpSetCredentials, WinHttpQueryAuthSchemes, WinHttpQueryHeaders, WinHttpReceiveResponse, WinHttpOpenRequest, WinHttpOpen, WinHttpSendRequest, WinHttpConnect, WinHttpCloseHandle
winmm.dll
timeGetTime
ws2_32.dll
WSAGetOverlappedResult, WSAEnumNetworkEvents, WSAConnect, WSARecv, WSAResetEvent, WSAEventSelect, WSACloseEvent, WSASend, WSASocketW, WSACreateEvent, WSASetEvent

SBAMSvc.exe

Sunbelt AntiMalware Common SDK Merge Module by Sunbelt Software (Signed)

Remove SBAMSvc.exe
Version:   4.0.4196
MD5:   c7d53053541a448febb1373abbaf79ef
SHA1:   f66ab84c5f0cd64b99dbf4b101c0f67328820e5e
SHA256:   b3ef24e9d2058add9e8829a9b973c618744906a03d849a009eabc495387003b9

What is SBAMSvc.exe?

Sunbelt Software Anti Malware Service for GFI (Sunbelt)/VIPRE Antivirus combines antispyware and antivirus together which detects and removes viruses, spyware, rootkits, bots, Trojans and all other types of malware. Sunbelt AntiMalware Common SDK is an anti-malware plugin framework that third party software developers can use to add antimalware solutions to their products.

About SBAMSvc.exe (from Sunbelt Software)

Get everything you need to protect your PC with Vipre Internet Security (Sunbelt Software/ GFI). This anti-malware solution includes a firewall and spam blocker for highly efficient online security th

DetailsDetails

File name:SBAMSvc.exe
Publisher:Sunbelt Software
Product name:Sunbelt AntiMalware Common SDK Merge Module
Description:Sunbelt Software Anti Malware Service
Typical file path:C:\Program Files\sunbelt software\vipre\sbamsvc.exe
File version:4.0.4196
Size:2.67 MB (2,804,280 bytes)
Certificate
Issued to:Sunbelt Software
Authority (CA):VeriSign
Effective date:Tuesday, October 20, 2009
Expiration date:Saturday, October 27, 2012
Digital DNA
Entropy:6.313187
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
Ascentive
  53% remove
From the site: "The free download of Ascentive’s Registry Cleaner, Anti-Malware Software, and other trial products are intended to find issues, errors, threats, junk, and clutter that can be removed by single or multiple Ascentive products after paid activation. The free scans do not require payment and are set to run automatically every 7 days for your convenience. Uninstall is easy and can be done at any time using “Add/Remove Program...

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'SBAMSvc' (Fix-It)
  • SBAMSvc
  • 'SBAMSvc' (VIPRE Antivirus)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00031384%
0.028634%
Kernel CPU:0.00018106%
0.013761%
User CPU:0.00013278%
0.014873%
Kernel CPU time:150 ms/min
100,923,805ms/min
Memory
Private memory:11.98 MB
21.59 MB
Private (maximum):17.3 MB
Private (minimum):260 KB
Non-paged memory:11.98 MB
21.59 MB
Virtual memory:85.34 MB
140.96 MB
Virtual memory (peak):88.34 MB
169.69 MB
Working set:332 KB
18.61 MB
Working set (peak):17.79 MB
37.95 MB
Resource allocations
Threads:16
12
Handles:260
600

BehaviorsProcess properties

Integrety level:System
Platform:32-bit
Command line:"C:\Program Files\ascentive\spyware striker\sbamsvc.exe"
Owner:SYSTEM
Windows Service
Service name:SBAMSvc
Display name:Fix-It
Description:“Manages your anti-malware application.”
Type:Win32OwnProcess
Parent process:services.exe (Services and Controller app by Microsoft)

ResourcesThreads

Averages
 
sechost.dll
Total CPU:0.00014504%
0.272967%
Kernel CPU:0.00008461%
0.107585%
User CPU:0.00006043%
0.165382%
CPU cycles:4,836/sec
5,741,424/sec
Memory:100 KB
1.16 MB
SBAMSvc.exe (main module)
Total CPU:0.00003384%
Kernel CPU:0.00001934%
User CPU:0.00001450%
CPU cycles:960/sec
Memory:2.68 MB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 8 20.00%
Windows XP Professional 20.00%
Windows 7 Ultimate N 20.00%
Microsoft Windows XP 20.00%
Windows 8 Pro with Media Center 20.00%

Distribution by countryDistribution by country

France installs about 25.00% of Sunbelt AntiMalware Common SDK Merge Module.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 100.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE