coreserviceshell.exe
Trend Micro Anti-Malware Solution Platform by Trend Micro (Signed)
Version: | 2.5.0.1331 |
MD5: | 1e7b61301e75b734bc2d60db0e15183b |
SHA1: | c116cc16fa92c27d75f1c1de000f6fcf996a7cf0 |
SHA256: | 18a06552ffbd9960061b8cc9d22186b694114026bdcd04e50fd30b812452c714 |
What is coreserviceshell.exe?
Trend Micro Anti-Malware Solution Platform is part of Trend Micro security framework which provides antivirus and and antimalware detection and removal.
About coreserviceshell.exe (from Trend Micro)
“Strong, fast and easy-to-use security Trend Micro Anti-Malware provides essential protection so you can email and surf the web hassle free. Trend Micro Anti-Malware uses cloud technology to proactivel”
Details
File name: | coreserviceshell.exe |
Publisher: | Trend Micro Inc. |
Product name: | Trend Micro Anti-Malware Solution Platform |
Typical file path: | C:\Program Files\trend micro\amsp\coreserviceshell.exe |
File version: | 2.5.0.1331 |
Product version: | 2.5 |
Size: | 303.66 KB (310,952 bytes) |
Certificate |
Issued to: | Trend Micro |
Authority (CA): | VeriSign |
Expiration date: | Thursday, February 16, 2012 |
Digital DNA |
File packed: | No |
.NET CLR: | No |
More details
Programs
The following programs will install this file
“Strong, fast and easy-to-use security--Trend Micro Titanium Internet Security provides advanced protection for your family so you can connect with confidence. Titanium uses cloud technology to proactively stop viruses and spyware before they reach your computer, so it won't slow you down. It's the same technology we use to protect some of the world's biggest businesses, now available to you. Real-time updates keep your computer protecte...”
“Strong, fast and easy-to-use security--Trend Micro Titanium Internet Security provides advanced protection for your family so you can connect with confidence. Titanium uses cloud technology to proactively stop viruses and spyware before they reach your computer, so it won't slow you down. It's the same technology we use to protect some of the world's biggest businesses, now available to you. Real-time updates keep your computer protecte...”
“Trend Micro Titanium Maximum Security is all-in-one, easy-to-use protection for everything you and your family do online-email, socialize, bank, browse, shop, and more. It provides you with a friendly interface, simple screens, and clear reports. In addition to blocking viruses and malware, Titanium Maximum Security features the new Facebook Privacy Scanner that helps you identify settings that may leave your personal information vulner...”
Behaviors
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
- 'Amsp' (Security Solution Platform)
- Amsp
Network connections
[TCP] a23-67-251-56.deploy.static.akamaitechnologies.com (23.67.251.56:80)
[TCP] 198.87.182.217:80
[TCP] a23-39-52-42.deploy.static.akamaitechnologies.com (23.39.52.42:443)
[TCP] a63.110.246.41.deploy.akamaitechnologies.com (63.110.246.41:80)
[TCP] a23-67-100-42.deploy.akamaitechnologies.com (23.67.100.42:443)
[TCP] a23-59-190-131.deploy.akamaitechnologies.com (23.59.190.131:80)
[TCP] a23-4-100-42.deploy.akamaitechnologies.com (23.4.100.42:443)
[TCP] a23-62-239-10.deploy.akamaitechnologies.com (23.62.239.10:80)
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00418732% | |
Kernel CPU: | 0.00332574% | |
User CPU: | 0.00086158% | |
Kernel CPU time: | 277,562 ms/min | |
CPU cycles: | 10,085,811/sec | |
Context switches: | 753/sec | |
Memory |
Private memory: | 279.2 MB | |
Private (maximum): | 194.99 MB | |
Private (minimum): | 12.07 MB | |
Non-paged memory: | 279.2 MB | |
Virtual memory: | 817.31 MB | |
Virtual memory (peak): | 622.18 MB | |
Working set: | 68.4 MB | |
Working set (peak): | 212.1 MB | |
Page faults: | 20,219,918/min | |
I/O |
I/O read transfer: | 23.91 MB/sec | |
I/O read operations: | 7,285/sec | |
I/O write transfer: | 1.07 MB/sec | |
I/O write operations: | 386/sec | |
I/O other transfer: | 160.19 KB/sec | |
I/O other operations: | 8,373/sec | |
Resource allocations |
Threads: | 275 | |
Handles: | 2474 | |
Process properties
Integrety level: | System |
Platform: | 64-bit |
Command lines: |
- "C:\Program Files\trend micro\amsp\coreserviceshell.exe" coreframeworkhost.exe -m=rb -dt=60000 -ad
- "C:\Program Files\nttw\security\amsp\coreserviceshell.exe" coreframeworkhost.exe -m=rb -dt=60000 -ad
- "C:\Program Files\trend micro\amsp\coreserviceshell.exe" coreframeworkhost.exe -m=nb -dt=60000 -ad
|
Owner: | SYSTEM |
Windows Service |
Service name: | Amsp |
Display name: | Security Solution Platform |
Description: | “Manages security modules” |
Type: | Win32OwnProcess |
Parent process: | services.exe (Services and Controller app by Microsoft) |
Threads
Averages
ntdll.dll |
Total CPU: | 0.45918764% | |
Kernel CPU: | 0.12903970% | |
User CPU: | 0.33014794% | |
CPU cycles: | 9,937,400/sec | |
Memory: | 1.66 MB | |
tmsysevt.dll (Trend Micro Eyes by Trend Micro) |
Total CPU: | 0.28658520% | |
Kernel CPU: | 0.11017083% | |
User CPU: | 0.17641436% | |
CPU cycles: | 7,980,182/sec | |
Context switches: | 449/sec | |
Memory: | 172 KB | |
dlti.dll (Dynamic Layer Threat Inspector by Trend Micro) |
Total CPU: | 0.17513126% | |
Kernel CPU: | 0.00414795% | |
User CPU: | 0.17098331% | |
CPU cycles: | 6,981,772/sec | |
Context switches: | 1/sec | |
Memory: | 1.71 MB | |
MSVCR80.dll |
Total CPU: | 0.09647466% | |
Kernel CPU: | 0.01574473% | |
User CPU: | 0.08072994% | |
CPU cycles: | 2,576,095/sec | |
Context switches: | 14/sec | |
Memory: | 804 KB | |
tmles64.dll (Endoint Correlation Engine by Trend Micro) |
Total CPU: | 0.01788169% | |
Kernel CPU: | 0.00629045% | |
User CPU: | 0.01159124% | |
CPU cycles: | 522,468/sec | |
Memory: | 484 KB | |
tmfbeng.dll (Trend Micro Feedback Engine by Trend Micro) |
Total CPU: | 0.00094185% | |
Kernel CPU: | 0.00032199% | |
User CPU: | 0.00061985% | |
CPU cycles: | 23,760/sec | |
Memory: | 656 KB | |
coreServiceShell.exe (main module) |
Total CPU: | 0.00084747% | |
Kernel CPU: | 0.00073319% | |
User CPU: | 0.00011428% | |
CPU cycles: | 22,720/sec | |
Memory: | 320 KB | |
CRYPT32.dll |
Total CPU: | 0.00082736% | |
Kernel CPU: | 0.00062052% | |
User CPU: | 0.00020684% | |
CPU cycles: | 25,018/sec | |
Memory: | 1.82 MB | |
dre.dll (Damage Recovery Engine by Trend Micro) |
Total CPU: | 0.00046114% | |
Kernel CPU: | 0.00031172% | |
User CPU: | 0.00014942% | |
CPU cycles: | 24,709/sec | |
Memory: | 1.53 MB | |
sechost.dll |
Total CPU: | 0.00016924% | |
Kernel CPU: | 0.00016924% | |
User CPU: | 0.00000000% | |
CPU cycles: | 28,367/sec | |
Context switches: | 1/sec | |
Memory: | 288 KB | |
ole32.dll |
Total CPU: | 0.00003459% | |
Kernel CPU: | 0.00000692% | |
User CPU: | 0.00002767% | |
CPU cycles: | 1,808/sec | |
Memory: | 2.01 MB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
OS version | distribution |
Windows 7 Home Premium |
58.21% |
|
Windows 7 Ultimate |
10.45% |
|
Windows 8 |
10.45% |
|
Windows 7 Home Basic |
7.46% |
|
Windows 7 Professional |
4.48% |
|
Microsoft Windows XP |
2.99% |
|
Windows 8 Pro |
2.99% |
|
Windows 7 Starter |
1.49% |
|
Windows 7 Ultimate N |
1.49% |
|
Distribution by country
United States installs about 46.27% of Trend Micro Anti-Malware Solution Platform.
Distribution by PC manufacturer
PC Manufacturer | distribution |
ASUS |
21.21% |
|
Hewlett-Packard |
18.18% |
|
Dell |
15.15% |
|
Sony |
12.12% |
|
Toshiba |
9.09% |
|
NEC |
9.09% |
|
Acer |
6.06% |
|
Lenovo |
6.06% |
|
GIGABYTE |
3.03% |
|