mcshield.exe
Anti-Malware Core by McAfee (Signed)
Version: | Anti-Malware Core.1.0.0.1921.x86 |
MD5: | c022f0f5a5c137bf7579f851b6d819b1 |
SHA1: | ec781cfb6903162ae48103e7b3800bf556b1902c |
What is mcshield.exe?
McAfee On-Access Scanner service features true blocking On Access Scanning. It scans every file being accessed from or written to the machine and blocks infections if any. On Access Scanner can be configured to scan on Read Only, Write only or both. It can also be configured to scan files on network volumes.
Overview
mcshield.exe runs as a service under the name McAfee Anti-Malware Core (mfecore) with extensive SYSTEM privileges (full administrator access). The assembly utilizes the .NET run-time framework (which is required to be installed on the PC). The file is digitally signed by McAfee which was issued by the VeriSign certificate authority (CA).
Details
File name: | mcshield.exe |
Publisher: | McAfee, Inc. |
Product name: | Anti-Malware Core |
Description: | McAfee On-Access Scanner service |
Typical file path: | C:\Program Files\common files\mcafee\amcore\mcshield.exe |
File version: | Anti-Malware Core.1.0.0.1921.x86 |
Size: | 609 KB (623,616 bytes) |
Certificate |
Issued to: | McAfee |
Authority (CA): | VeriSign |
Effective date: | Friday, June 10, 2011 |
Digital DNA |
File packed: | No |
Code language: | Microsoft Visual C# / Basic .NET |
.NET CLR: | Yes |
.NET NGENed: | No |
More details
Behaviors
Service
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
- 'mfecore' (McAfee Anti-Malware Core)
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00103215% | |
Kernel CPU: | 0.00080497% | |
User CPU: | 0.00022718% | |
Kernel CPU time: | 1,814,479 ms/min | |
Memory |
Private memory: | 192.11 MB | |
Private (maximum): | 172.85 MB | |
Private (minimum): | 168.46 MB | |
Non-paged memory: | 192.11 MB | |
Virtual memory: | 378.49 MB | |
Virtual memory (peak): | 390.43 MB | |
Working set: | 172.59 MB | |
Working set (peak): | 180.48 MB | |
Resource allocations |
Threads: | 38 | |
Handles: | 666 | |
Process properties
Integrety level: | System |
Platform: | 32-bit |
Command line: | "C:\Program Files\common files\mcafee\amcore\mcshield.exe" |
Owner: | SYSTEM |
Windows Service |
Service name: | mfecore |
Display name: | McAfee Anti-Malware Core |
Description: | “McAfee OnAccess Scanner” |
Type: | Win32OwnProcess |
Parent process: | services.exe (Services and Controller app by Microsoft) |
Threads
Averages
ncapi.dll (Anti-Malware Core by McAfee) |
Total CPU: | 1.83720990% | |
Kernel CPU: | 0.19118961% | |
User CPU: | 1.64602030% | |
CPU cycles: | 34,613,468/sec | |
Memory: | 92 KB | |
MCNormalizer.dat |
Total CPU: | 0.32755822% | |
Kernel CPU: | 0.08078108% | |
User CPU: | 0.24677714% | |
CPU cycles: | 6,004,097/sec | |
Memory: | 156 KB | |
ADVAPI32.dll |
Total CPU: | 0.07517000% | |
Kernel CPU: | 0.05879634% | |
User CPU: | 0.01637366% | |
CPU cycles: | 1,361,946/sec | |
Memory: | 792 KB | |
emmain.dll (Anti-Malware Core by McAfee) |
Total CPU: | 0.03268667% | |
Kernel CPU: | 0.00385118% | |
User CPU: | 0.02883550% | |
CPU cycles: | 655,719/sec | |
Memory: | 216 KB | |
MSVCR90.dll |
Total CPU: | 0.00774689% | |
Kernel CPU: | 0.00260552% | |
User CPU: | 0.00514137% | |
CPU cycles: | 162,068/sec | |
Memory: | 652 KB | |
ts.dat |
Total CPU: | 0.00051859% | |
Kernel CPU: | 0.00019447% | |
User CPU: | 0.00032412% | |
CPU cycles: | 9,872/sec | |
Memory: | 1.04 MB | |
mcshield.exe (main module) |
Total CPU: | 0.00009708% | |
Kernel CPU: | 0.00009708% | |
User CPU: | 0.00000000% | |
CPU cycles: | 3,544/sec | |
Memory: | 616 KB | |
RPCRT4.dll |
Total CPU: | 0.00003236% | |
Kernel CPU: | 0.00003236% | |
User CPU: | 0.00000000% | |
CPU cycles: | 133/sec | |
Memory: | 780 KB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
OS version | distribution |
Windows 7 Home Premium |
27.94% |
|
Windows 8.1 |
22.06% |
|
Windows 8.1 Single Language |
16.18% |
|
Windows 8 |
16.18% |
|
Windows 8 Single Language |
5.88% |
|
Windows 8.1 Pro with Media Center |
2.94% |
|
Windows 8 Pro |
2.94% |
|
Windows 7 Professional |
1.47% |
|
Windows 7 Ultimate |
1.47% |
|
Windows Vista Home Premium |
1.47% |
|
Windows 7 Starter |
1.47% |
|
Distribution by country
United States installs about 50.00% of Anti-Malware Core.
Distribution by PC manufacturer
PC Manufacturer | distribution |
ASUS |
29.13% |
|
Dell |
23.30% |
|
Acer |
12.62% |
|
Lenovo |
11.65% |
|
Hewlett-Packard |
11.65% |
|
Sony |
7.77% |
|
Toshiba |
3.88% |
|