SBAMTray.exe
VIPRE Antivirus by GFI Software (Florida) Inc. (Signed)
| Version: | 6.2.4.7 |
| MD5: | 05a3e904be7075d4c1115317b3d757a1 |
| SHA1: | 0a2eeb36d40af30797381d4a90fc3fd6e8a66341 |
Overview
sbamtray.exe executes as a process with the local user's privileges. It is set to be start when the PC boots and any user logs into Windows (added to the Run registry key for the all users under the local machine). This is typically installed with the program VIPRE Antivirus published by GFI Software. The file is digitally signed by GFI Software (Florida) Inc. which was issued by the VeriSign certificate authority (CA). This particular version is usually found on Windows 7 Home Premium (6.1.7600.0).
Details
| File name: | sbamtray.exe |
| Publisher: | ThreatTrack Security, Inc. |
| Product name: | VIPRE Antivirus |
| Description: | SBAMTray Application |
| Typical file path: | C:\Program Files\gfi software\vipre\sbamtray.exe |
| File version: | 6.2.4.7 |
| Size: | 3.01 MB (3,155,776 bytes) |
| Build date: | 4/18/2013 11:43 AM |
| Certificate |
| Issued to: | GFI Software (Florida) Inc. |
| Authority (CA): | VeriSign |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
More details
Programs
The following program will install this file
“Vipre Antivirus is the essential antivirus software that protects against over 100,000 new web threats every day without slowing down your computer. It also eliminates conflicts during installation with Vipre Easy Install, protects against email viruses and phishing scams and scans USB sticks and other removable drives for malicious software. Vipre Antivirus keeps your personal and financial information safe from identity theft, cybercr...”
Behaviors
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'SBAMTray' → "C:\Program Files\GFI Software\VIPRE\SBAMTray.exe"
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00026330% | |
| Kernel CPU: | 0.00003572% | |
| User CPU: | 0.00022758% | |
| Kernel CPU time: | 3,198 ms/min | |
| Memory |
| Private memory: | 2.98 MB | |
| Private (maximum): | 2.24 MB | |
| Private (minimum): | 1.59 MB | |
| Non-paged memory: | 2.98 MB | |
| Virtual memory: | 93.59 MB | |
| Virtual memory (peak): | 97.6 MB | |
| Working set: | 2.16 MB | |
| Working set (peak): | 8.11 MB | |
| Resource allocations |
| Threads: | 5 | |
| Handles: | 136 | |
| GUI GDI count: | 90 | |
| GUI GDI peak: | 93 | |
| GUI USER count: | 26 | |
| GUI USER peak: | 27 | |
Process properties
| Tray notification: | Yes |
| Integrety level: | Undefined |
| Platform: | 64-bit |
| Command line: | "C:\Program Files\gfi software\vipre\sbamtray.exe" |
| Owner: | User |
Threads
Averages
| ntdll.dll |
| Total CPU: | 0.13119977% | |
| Kernel CPU: | 0.05247991% | |
| User CPU: | 0.07871986% | |
| CPU cycles: | 3,822,916/sec | |
| Memory: | 1.68 MB | |
| SBAMTray.exe (main module) |
| Total CPU: | 0.00376215% | |
| Kernel CPU: | 0.00140159% | |
| User CPU: | 0.00236057% | |
| CPU cycles: | 185,952/sec | |
| Memory: | 3.06 MB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
100.00% |
|
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Dell |
100.00% |
|
