tsassist.exe

The File Type Assistant

FTA APS

The application tsassist.exe, “Find software to open your files” by FTA APS has been detected as a potentially unwanted program by 2 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler named ProgramUpdateCheck triggered to execute each time a user logs in. This file is typically installed with the program File Type Assistant by Trusted Software which is a potentially unwanted software program. While running, it connects to the Internet address file.org on port 80 using the HTTP protocol.
Publisher:
FTA APS  (signed and verified)

Product:
The File Type Assistant

Description:
Find software to open your files

Version:
2014.5.21.0

MD5:
bc644ffc1fc5466d4d672c8ed1cb94b0

SHA-1:
3f6617da02bbef9a72646509e4f8a3615e814de8

SHA-256:
e400e4bf821ad58fa9a5a0d601b4a737d257dbf7adcf9ddd9f3f2f8996543996

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 12:24:58 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/FileTypeAssistant (variant)
8.9852

Reason Heuristics
PUP.FTAAPS
15.4.24.0

File size:
2.7 MB (2,834,840 bytes)

Product version:
2014.5.21.0

Copyright:
(C) 2010-2014 FTA ApS

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\file type assistant\tsassist.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
4/3/2014 8:00:00 PM

Valid to:
4/4/2015 7:59:59 PM

Subject:
CN=FTA APS, O=FTA APS, STREET=Bysoestrade 2B st., L=Holbaek, S=DK, PostalCode=4300, C=DK

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A8BF96664C5D11A73AA0900284E705CE

File PE Metadata
Compilation timestamp:
5/21/2014 7:42:36 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
49152:XDL88Iyfw9XMAiGg1i+lSejKrqR5F31CnZdO6TSTGSZOqo:XDL8piGg1iab31CnZnSZOqo

Entry address:
0x1848

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, AC, A0, 60, 00, A1, 9F, A0, 60, 00, C1, E0, 02, A3, A3, A0, 60, 00, 52, 6A, 00, E8, 3F, 72, 20, 00, 8B, D0, E8, FE, 69, 1F, 00, 5A, E8, 20, 69, 1F, 00, E8, 4B, 6B, 1F, 00, 6A, 00, E8, 84, 86, 1F, 00, 59, 68, 48, A0, 60, 00, 6A, 00, E8, 19, 72, 20, 00, A3, A7, A0, 60, 00, 6A, 00, E9, 4F, 2E, 20, 00, E9, B6, 86, 1F, 00, 33, C0, A0, 91, A0, 60, 00, C3, A1, A7, A0, 60, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, EC, 00, 00, 00, 0B, C9...
 
[+]

Entropy:
6.6857

Code size:
2 MB (2,134,016 bytes)

Scheduled Task
Task name:
ProgramUpdateCheck

Trigger:
Logon (Runs on logon)

Action:
tsassist.exe \chkupd


The file tsassist.exe has been discovered within the following program.

File Type Assistant  by Trusted Software
File Type Assistant is typically bundled by various 3rd party software through modified installers of generally free open source software using the InstallIQ downloader.
www.trustedsoftware.com/utility-software/free-file-viewer.html
74% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to file.org  (66.39.64.146:80)

Remove tsassist.exe - Powered by Reason Core Security