home

sbrc.exe

GFI AntiMalware Active Protection SDK Merge Module

GFI Software (Florida) Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SBRegRebootCleaner’.
Publisher:
GFI Software  (signed by GFI Software (Florida) Inc.)

Product:
GFI AntiMalware Active Protection SDK Merge Module

Description:
Registry Cleaner

Version:
6.0.5449

MD5:
9c41a96a0ad0ea643cc3cadc9d8afb78

SHA-1:
787ee9c5aa9bd54399c6d235a40522249f120ce6

SHA-256:
c35bdd41bc16a67838357d513bb8c2eabb8b95be44635b901d7d9f392a2196ca

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 9:45:16 PM UTC  (today)

File size:
197 KB (201,728 bytes)

Product version:
6.0.5449

Copyright:
Copyright (c) 2012 GFI Software. All rights reserved.

Trademarks:
GFI Software is a registered trademark.

Original file name:
sbrc.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ad-aware antivirus\sbrc.exe

Digital Signature
Signed by:
GFI Software (Florida) Inc.

Authority:
VeriSign, Inc.

Valid from:
1/26/2012 12:00:00 AM

Valid to:
1/25/2015 11:59:59 PM

Subject:
CN=GFI Software (Florida) Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=GFI Software (Florida) Inc., L=Clearwater, S=Florida, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
54323DBF4B8E5CFDD565697A3B7EBDDA

File PE Metadata
Compilation timestamp:
9/20/2012 4:27:59 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
3072:zfovn/1Z5Z9uD3lmh7MC5hVVVMaHBi6GiCMMDW0iTPAsfksSb:zfk/IjAptJ/MaHBiti+DWFP75w

Entry address:
0xE8FE

Entry point:
E8, 5D, A4, 00, 00, E9, 95, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, B4, B8, 42, 00, 33, C5, 89, 45, FC, 8B, 55, 18, 53, 33, DB, 56, 57, 3B, D3, 7E, 1F, 8B, 45, 14, 8B, CA, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, C2, 2B, C1, 48, 3B, C2, 7D, 01, 40, 89, 45, 18, 89, 5D, F8, 39, 5D, 24, 75, 0B, 8B, 45, 08, 8B, 00, 8B, 40, 04, 89, 45, 24, 8B, 35, F0, 40, 42, 00, 33, C0, 39, 5D, 28, 53, 53, FF, 75, 18, 0F, 95, C0, FF, 75, 14, 8D, 04, C5, 01, 00, 00, 00, 50, FF, 75, 24, FF, D6, 8B, F8, 89...
 
[+]

Code size:
139 KB (142,336 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SBRegRebootCleaner

Command:
"C:\Program Files\ad-aware antivirus\sbrc.exe"


Scan sbrc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.