» tsasetup.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

tsasetup.exe

File Type Assistant

Trusted Software ApS

The application tsasetup.exe by Trusted Software ApS has been detected as adware by 6 anti-malware scanners. The program is a setup application that uses the BundleInstaller installer. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time. This file is typically installed with the program File Type Assistant by Trusted Software which is a potentially unwanted software program. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.

File name:

tsasetup.exe

Publisher:

Trusted Software ApS (signed and verified)

Product:

File Type Assistant

Version:

2012.11.9.0

MD5:

c5eaeb7c965118e65d586faf2028ab32

SHA-1:

05b809151a8bff56b9ccbbd872bb400cc948a50e

SHA-256:

94075b6678195342303fb40ed4fbb3243df3422e2302c890411773ab1f141b1d

Scanner detections:

6 / 68

Status:

Adware

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

4/19/2024 4:33:07 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

Adware/InstallCore.CK.8

7.11.94.138

AVG

InstallCore

2015.0.3400

ESET NOD32

Win32/FileTypeAssistant (variant)

8.9665

F-Prot

W32/Backdoor2.HTOA

v6.4.7.1.166

Reason Heuristics

PUP.Task.TrustedSoftware.I

14.8.8.1

Vba32 AntiVirus

Signed-Adware.InstallCore

3.12.22.3

File size:

1.2 MB (1,260,896 bytes)

Product version:

2012.11.9.0

File type:

Executable application (Win32 EXE)

Bundler/Installer:

BundleInstaller (using Inno Setup)

Language:

Language Neutral

Common path:

C:\Program Files\file type assistant\tsasetup.exe

Digital Signature

Signed by:

Trusted Software ApS

Authority:

The USERTRUST Network

Valid from:

11/11/2010 7:00:00 PM

Valid to:

11/11/2013 6:59:59 PM

Subject:

CN=Trusted Software ApS, O=Trusted Software ApS, STREET=Blomsterhaven 42, L=Holbaek, S=n/a, PostalCode=4300, C=DK

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

1DA7007608C324C640CE3FBCC9418735

File PE Metadata

Compilation timestamp:

6/19/1992 6:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:qnaXMs66++J8sDVEyrGTfMdIUg7+HIeoTm+VKnmoMevBe:qacsbicVEyrqjU0XK3mohe

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD... 
[+]

Entropy:

7.9867

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

Scheduled Task

Task name:

ProgramRefresh-ATFST

Trigger:

Daily (Runs daily at 6:01 AM)

Action:

tsasetup.exe \refresh \verysilent

The file tsasetup.exe has been discovered within the following program.

File Type Assistant by Trusted Software

File Type Assistant is typically bundled by various 3rd party software through modified installers of generally free open source software using the InstallIQ downloader.

www.trustedsoftware.com/utility-software/free-file-viewer.html

74% remove it

Remove tsasetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.