tsassist.exe

The File Type Assistant

Trusted Software ApS

The application tsassist.exe, “Find software to open your files” by Trusted Software ApS has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler named ProgramUpdateCheck triggered to execute each time a user logs in.
Publisher:
Trusted Software ApS  (signed and verified)

Product:
The File Type Assistant

Description:
Find software to open your files

Version:
2014.3.25.0

MD5:
28f859ee69c732dbecf538985a87f17e

SHA-1:
14b83063319dad18dd18fe43460c9ffddc953a2c

SHA-256:
40cfb07ea76c32e97be6ed83ee831ce35a26189dd2f4d49cab0aaf0359d8ea6c

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/27/2024 1:21:19 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.TrustedS (M)
16.7.3.17

File size:
2.8 MB (2,912,703 bytes)

Product version:
2014.3.25.0

Copyright:
(C) 2010-2014 Trusted Software ApS

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\file type assistant\tsassist.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
3/24/2014 5:00:00 PM

Valid to:
3/24/2016 4:59:59 PM

Subject:
CN=Trusted Software ApS, O=Trusted Software ApS, L=Holbæk, S=DK, C=DK

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
12FE568131862C85A5B239B2F3CFF137

File PE Metadata
Compilation timestamp:
3/25/2014 2:28:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
49152:mEcAUmTcfP2CkijQ9+YFSCwHOEuX3m58l4ONTxTjS6KXwRz:mEAmijQ9Ofu3m58lRS67Rz

Entry address:
0x1848

Entry point:
E9, 6E, ED, 19, 00, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, AC, A0, 60, 00, A1, 9F, A0, 60, 00, C1, E0, 02, A3, A3, A0, 60, 00, 52, 6A, 00, E8, 37, 72, 20, 00, 8B, D0, E8, F6, 69, 1F, 00, 5A, E8, 18, 69, 1F, 00, E8, 43, 6B, 1F, 00, 6A, 00, E8, 7C, 86, 1F, 00, 59, 68, 48, A0, 60, 00, 6A, 00, E8, 11, 72, 20, 00, A3, A7, A0, 60, 00, 6A, 00, E9, 47, 2E, 20, 00, E9, AE, 86, 1F, 00, 33, C0, A0, 91, A0, 60, 00, C3, A1, A7, A0, 60, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, EC, 00, 00, 00, 0B, C9...
 
[+]

Entropy:
6.7468

Packer / compiler:
Xtreme-Protector v1.05

Code size:
2 MB (2,134,016 bytes)

Scheduled Task
Task name:
ProgramUpdateCheck

Trigger:
Logon (Runs on logon)


Remove tsassist.exe - Powered by Reason Core Security