tsasetup.exe

File Type Assistant

FTA APS

The application tsasetup.exe by FTA APS has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time. This file is typically installed with the program File Type Assistant by Trusted Software which is a potentially unwanted software program.
Publisher:
FTA APS  (signed and verified)

Product:
File Type Assistant

Version:
2014.5.21.0

MD5:
838729a7a3686391ca45591cb6392792

SHA-1:
290af1a16652fc7449be7db3049456ae60604556

SHA-256:
9347ed268e7242b54cea62894c1959c9c0fa7aafdd05b439f1bca0577a10faf9

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/15/2024 9:36:01 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.1.20.14

File size:
1.4 MB (1,512,640 bytes)

Product version:
2014.5.21.0

Copyright:
Copyright © 2010-2014 FTA ApS

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\Program Files\file type assistant\tsasetup.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
4/4/2014 2:00:00 AM

Valid to:
4/5/2015 1:59:59 AM

Subject:
CN=FTA APS, O=FTA APS, STREET=Bysoestrade 2B st., L=Holbaek, S=DK, PostalCode=4300, C=DK

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A8BF96664C5D11A73AA0900284E705CE

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Entropy:
7.9904

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

Scheduled Task
Task name:
ProgramRefresh-ATFST

Trigger:
Daily (Runs daily at 16:19)


The file tsasetup.exe has been discovered within the following program.

File Type Assistant  by Trusted Software
File Type Assistant is typically bundled by various 3rd party software through modified installers of generally free open source software using the InstallIQ downloader.
www.trustedsoftware.com/utility-software/free-file-viewer.html
74% remove it
 
Powered by Should I Remove It?

Remove tsasetup.exe - Powered by Reason Core Security