Trusted Software ApS - 7% Detection Rate *

Did you just run into a download or a file on your computer that has been digitally signed by Trusted Software ApS? Some of the security products refers to the detected files as PUP.Optional.Installcore and ADWARE/InstallCore.Gen7. The detection rate for the Trusted Software ApS files collected here is 7%. Please read on for more details.

You will typically notice Trusted Software ApS when clicking to run the file. The publisher name shows up as the "Verified publisher" in the UAC dialog as the screengrab shows:

Screenshot where Trusted Software ApS appears as the verified publisher in the UAC dialog

You can view the additional details from the Trusted Software ApS digital signature with the following procedure:

  1. Open up Windows Explorer and locate the Trusted Software ApS file
  2. Right-click the file and select Properties
  3. Click the Digital Signatures tab
  4. Click the View Certificate button

Here's a screenshot of a file digitally signed by Trusted Software ApS:

Screenshot of the Trusted Software ApS certificate

As you can see in the screenshot above, the Windows OS states that "This digital signature is OK". This implies that the file has been published by Trusted Software ApS and that the file has not been tampered with.

If you click the View Certificate button shown in the screenshot above, you can examine all the details of the certificate, such as when it was issued, who issued the certificate, how long it is valid, and so on. You can also see the address for Trusted Software ApS, such as the street name, city and country.

UTN-USERFirst-Object, Thawte Code Signing CA - G2 and COMODO Code Signing CA 2 has issued the Trusted Software ApS certificates. You can also examine the details of the issuer by clicking the View Certificate button shown in the screenshot above.

Trusted Software ApS Files

The following are the Trusted Software ApS files I have gathered, thanks to the FreeFixer users.

Detection RatioFile Name
1/47~tmp.exe
1/54TSAssist.exe
1/50~tmp.exe
3/50~tmp.exe
14/47ICReinstall_SoftwareUpdateSetup.exe
4/47ICReinstall_RealPlayerSetup-14333767-none (1).exe
9/47ICReinstall_SoftwareUpdateSetup.exe
11/45ICReinstall_SoftwareUpdateSetup.exe
6/50ICReinstall_RealPlayerSetup-14333767-none.exe
4/48ICReinstall_MicrosoftSilverlightSetup-12430814-none.exe
1/57tsassist.exe
10/47SoftwareUpdateSetup.exe
15/46ICReinstall_SoftwareUpdateSetup.exe
4/47ICReinstall_SoftwareUpdateSetup.exe
6/50ICReinstall_AdobeReaderSetup-11727605-none.exe
5/50ICReinstall_RealPlayerSetup-14333767-none (2).exe
7/50ICReinstall_SoftwareUpdateSetup.exe
7/47ICReinstall_SoftwareUpdateSetup.exe
8/51ICReinstall_SoftwareUpdateSetup.exe
0/43tsassist.exe
0/48_iu14D2N.tmp
0/46tsassist.exe
0/50TSAssist.exe
0/46TSAssist.exe

Scanner and Detection Names

Here's the detection names for the Trusted Software ApS files. I've grouped the detection names by each scanner engine. Thanks to VirusTotal for the scan results.

ScannerDetection Names
AVGMalSign.Trusops.C4B
AntiVirADWARE/InstallCore.Gen7, APPL/InstallCore.AK
BkavW32.HfsAdware.B705, W32.Clodcf1.Trojan.66c1
ComodoApplicUnwnt, Application.Win32.InstallCore.BWAM
DrWebAdware.InstallCore.119, Adware.InstallCore.133, Trojan.Packed.25266
ESET-NOD32a variant of Win32/FileTypeAssistant.A, a variant of Win32/InstallCore.CF, a variant of Win32/InstallCore.DN, a variant of Win32/InstallCore.CH, a variant of Win32/InstallCore.BY, a variant of Win32/InstallCore.CX, a variant of Win32/InstallCore.DO, a variant of Win32/InstallCore.FJ, a variant of Win32/InstallCore.JE.gen, Win32/Injected.I
F-ProtW32/InstallCore.R4.gen!Eldorado, W32/InstallCore.R2.gen!Eldorado
IkarusSoftwareBundler
K7AntiVirusUnwanted-Program
K7GWUnwanted-Program ( 00495cd51 ), Unwanted-Program
MalwarebytesPUP.Optional.Installcore, PUP.Optional.TSA, PUP.Optional.Bundle
McAfeeArtemis!78CB4DC200F8, Artemis!91123204AC15, Artemis!057FF50CBE6E, Artemis!94CFC4EB223F
McAfee-GW-EditionArtemis!78CB4DC200F8, Artemis!91123204AC15, Artemis!057FF50CBE6E, Artemis!94CFC4EB223F
MicrosoftSoftwareBundler:Win32/DealPly
NormanInstallCore.UACS
Qihoo-360Win32/Virus.Adware.94c, HEUR/Malware.QVM20.Gen
RisingPE:Malware.XPACK-LNR/Heur!1.5594
SophosInstall Core
SymantecWS.Reputation.1
TrendMicroTROJ_GEN.R0CBC0OJD13
TrendMicro-HouseCallTROJ_GEN.F47V0304, TROJ_GEN.F47V0813, TROJ_GEN.R0CBH05JD13, TROJ_GEN.R0CBH05J613, TROJ_GEN.F47V0917
VBA32Signed-Adware.InstallCore, Downware.InstallCore
VIPREInstallCore.b (fs), Adware.Win32.InstallCore.ba (v)

* How the Detection Percentage is Calculated

The detection percentage is based on the fact that I have gathered 1574 scan results for the Trusted Software ApS files. 117 of these scan results came up with some sort of detection. If you like, you can review the full details of the scan reports by examining the files listed above.

Analysis Details

In the analysis on this page I grouped all certificates where the signer name is set to upper and lower case variants of Trusted Software ApS. These are the signer names:

The analysis is based on certificates with the following serial numbers:

Comments

No comments posted yet.

Leave a reply