coreserviceshell.exe
Trend Micro Anti-Malware Solution Platform by Trend Micro (Signed)
Version: | 3.0.0.1249 |
MD5: | e1d8f96772f6bbe990b435580ca9c33b |
SHA1: | 5e3ef03092c1bcf7865ef0425f40ad8774152e00 |
SHA256: | 13eaf541bab26eab758521eae7fc70d591b2bd2f6cb33e78d7f58fb169dddf0c |
What is coreserviceshell.exe?
Trend Micro Anti-Malware Solution Platform is part of Trend Micro security framework which provides antivirus and and antimalware detection and removal.
About coreserviceshell.exe (from Trend Micro)
“Strong, fast and easy-to-use security Trend Micro Anti-Malware provides essential protection so you can email and surf the web hassle free. Trend Micro Anti-Malware uses cloud technology to proactivel”
Details
File name: | coreserviceshell.exe |
Publisher: | Trend Micro Inc. |
Product name: | Trend Micro Anti-Malware Solution Platform |
Typical file path: | C:\Program Files\trend micro\amsp\coreserviceshell.exe |
File version: | 3.0.0.1249 |
Product version: | 3.0 |
Size: | 298.59 KB (305,760 bytes) |
Build date: | 7/15/2013 12:26 PM |
Certificate |
Issued to: | Trend Micro |
Authority (CA): | VeriSign |
Expiration date: | Thursday, February 16, 2012 |
Digital DNA |
File packed: | No |
.NET CLR: | No |
More details
Programs
The following programs will install this file
“Safeguards against email phishing scams with the best phishing detection rates, guarding against identity theft. Blocks viruses and dangerous links with the fastest protection against new web threats. Protects against spyware by identifying dangerous links in websites, social networks, emails and instant messaging. Identifies safe and dangerous links in search engines so you can browse without having to worry about online threats. Tren...”
“Strong, fast and easy-to-use security--Trend Micro Titanium Internet Security provides advanced protection for your family so you can connect with confidence. Titanium uses cloud technology to proactively stop viruses and spyware before they reach your computer, so it won't slow you down. It's the same technology we use to protect some of the world's biggest businesses, now available to you. Real-time updates keep your computer protecte...”
“Trend Micro Titanium Maximum Security is all-in-one, easy-to-use protection for everything you and your family do online-email, socialize, bank, browse, shop, and more. It provides you with a friendly interface, simple screens, and clear reports. In addition to blocking viruses and malware, Titanium Maximum Security features the new Facebook Privacy Scanner that helps you identify settings that may leave your personal information vulner...”
“Blocks viruses, spyware, worms and Trojans, preventing infection of your computer. Trend Micro Titanium Security protects your privacy on Facebook, Twitter and Google+ by identifying privacy settings that may leave your personal information publicly available and vulnerable to identity theft.
Trend Micro Titanium Security is the fastest in protecting against new web threats, unlike other security solutions that leave you exposed lon...”
Behaviors
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
- 'Amsp' (Security Solution Platform)
- Amsp
Network connections
[TCP] a23-214-180-117.deploy.static.akamaitechnologies.com (23.214.180.117:443)
[TCP] ec2-107-23-37-165.compute-1.amazonaws.com (107.23.37.165:80)
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00133383% | |
Kernel CPU: | 0.00077032% | |
User CPU: | 0.00056351% | |
Kernel CPU time: | 589,335 ms/min | |
CPU cycles: | 1,063,580/sec | |
Memory |
Private memory: | 336.14 MB | |
Private (maximum): | 189.05 MB | |
Private (minimum): | 23.51 MB | |
Non-paged memory: | 336.14 MB | |
Virtual memory: | 1.23 GB | |
Virtual memory (peak): | 490.62 MB | |
Working set: | 127.21 MB | |
Working set (peak): | 277.85 MB | |
Page faults: | 60,665,871/min | |
I/O |
I/O read transfer: | 75.69 MB/sec | |
I/O read operations: | 26,323/sec | |
I/O write transfer: | 1.61 MB/sec | |
I/O write operations: | 232/sec | |
I/O other transfer: | 4.27 MB/sec | |
I/O other operations: | 45,018/sec | |
Resource allocations |
Threads: | 128 | |
Handles: | 3178 | |
Process properties
Integrety level: | System |
Platform: | 64-bit |
Command lines: |
- "C:\Program Files\trend micro\amsp\coreserviceshell.exe" coreframeworkhost.exe -m=rb -dt=60000 -ad -bt=0
- "C:\Program Files\trend micro\amsp\coreserviceshell.exe" coreframeworkhost.exe -m=qb -dt=60000 -ad -bt=0
|
Owner: | SYSTEM |
Windows Service |
Service name: | Amsp |
Display name: | Security Solution Platform |
Description: | “Manages security modules” |
Type: | Win32OwnProcess |
Parent process: | services.exe (Services and Controller app by Microsoft) |
Threads
Averages
TmpxCtl.dll |
Total CPU: | 0.18155390% | |
Kernel CPU: | 0.17038917% | |
User CPU: | 0.01116473% | |
CPU cycles: | 11,425,444/sec | |
Memory: | 676 KB | |
TmSysEvt.dll |
Total CPU: | 0.13811662% | |
Kernel CPU: | 0.06611598% | |
User CPU: | 0.07200064% | |
CPU cycles: | 5,133,609/sec | |
Memory: | 216 KB | |
MSVCR110.dll |
Total CPU: | 0.05202049% | |
Kernel CPU: | 0.01466389% | |
User CPU: | 0.03735660% | |
CPU cycles: | 1,558,459/sec | |
Context switches: | 1/sec | |
Memory: | 848 KB | |
DLTI.dll |
Total CPU: | 0.03286365% | |
Kernel CPU: | 0.00064356% | |
User CPU: | 0.03222008% | |
CPU cycles: | 2,632,777/sec | |
Context switches: | 1/sec | |
Memory: | 2.41 MB | |
tmles64.dll (Endoint Correlation Engine by Trend Micro) |
Total CPU: | 0.00439209% | |
Kernel CPU: | 0.00223457% | |
User CPU: | 0.00215752% | |
CPU cycles: | 256,582/sec | |
Memory: | 420 KB | |
ntdll.dll |
Total CPU: | 0.00058569% | |
Kernel CPU: | 0.00050380% | |
User CPU: | 0.00008189% | |
CPU cycles: | 14,414/sec | |
Memory: | 1.66 MB | |
coreServiceShell.exe (main module) |
Total CPU: | 0.00035015% | |
Kernel CPU: | 0.00035015% | |
User CPU: | 0.00000000% | |
CPU cycles: | 11,446/sec | |
Memory: | 312 KB | |
TmpeSAL.dll |
Total CPU: | 0.00027985% | |
Kernel CPU: | 0.00004721% | |
User CPU: | 0.00023264% | |
CPU cycles: | 9,192/sec | |
Memory: | 248 KB | |
tmfbeng.dll (Trend Micro Feedback Engine by Trend Micro) |
Total CPU: | 0.00019706% | |
Kernel CPU: | 0.00016558% | |
User CPU: | 0.00003148% | |
CPU cycles: | 7,967/sec | |
Memory: | 656 KB | |
tmtdi.dll (Trend Micro Network Security Components by Trend Micro) |
Total CPU: | 0.00007708% | |
Kernel CPU: | 0.00000000% | |
User CPU: | 0.00007708% | |
CPU cycles: | 7,706/sec | |
Memory: | 408 KB | |
dre.dll (Damage Recovery Engine by Trend Micro) |
Total CPU: | 0.00006295% | |
Kernel CPU: | 0.00004459% | |
User CPU: | 0.00001836% | |
CPU cycles: | 32,264/sec | |
Memory: | 1.31 MB | |
sechost.dll (Host for SCM/SDDL/LSA Lookup APIs by Microsoft) |
Total CPU: | 0.00002097% | |
Kernel CPU: | 0.00001048% | |
User CPU: | 0.00001048% | |
CPU cycles: | 42,455/sec | |
Memory: | 124 KB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
OS version | distribution |
Windows 7 Home Premium |
58.21% |
|
Windows 7 Ultimate |
10.45% |
|
Windows 8 |
10.45% |
|
Windows 7 Home Basic |
7.46% |
|
Windows 7 Professional |
4.48% |
|
Microsoft Windows XP |
2.99% |
|
Windows 8 Pro |
2.99% |
|
Windows 7 Starter |
1.49% |
|
Windows 7 Ultimate N |
1.49% |
|
Distribution by country
United States installs about 46.27% of Trend Micro Anti-Malware Solution Platform.
Distribution by PC manufacturer
PC Manufacturer | distribution |
ASUS |
21.21% |
|
Hewlett-Packard |
18.18% |
|
Dell |
15.15% |
|
Sony |
12.12% |
|
Toshiba |
9.09% |
|
NEC |
9.09% |
|
Acer |
6.06% |
|
Lenovo |
6.06% |
|
GIGABYTE |
3.03% |
|