home

debutsetup.exe

Debut

NCH Software

This is a setup and installation application. This file is installed with the program Debut Video Capture Software. The file has been seen being downloaded from www.techtudo.com.br and multiple other hosts.
Publisher:
NCH Software  (signed and verified)

Product:
Debut

Description:
Debut Video Capture Software

Version:
1.88+

MD5:
cde773567ddf331d0a18e34b12e07cbc

SHA-1:
8235815e2570d9f20a1f4f49d7e176ba21e156d6

SHA-256:
7b04579a133bbf5de68b05990c88f2242b72c0356db526f885d92f4ad443a9de

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/23/2024 12:35:36 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan.Crypt
t3scan.2.2.29

Trend Micro House Call
TROJ_GEN.F47V0604
7.2.362

File size:
1.5 MB (1,590,848 bytes)

Copyright:
NCH Software

File type:
Executable application (Win32 EXE)

Language:
English (Australia)

Common path:
C:\users\{user}\appdata\local\temp\debutsetup.exe

Digital Signature
Signed by:
NCH Software

Authority:
Thawte, Inc.

Valid from:
5/19/2013 8:00:00 PM

Valid to:
8/7/2015 7:59:59 PM

Subject:
CN=NCH Software, O=NCH Software, L=Canberra, S=Australian Capital Territory, C=AU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
6A560820FA3E9AD8E5411734B1D40AD5

File PE Metadata
Compilation timestamp:
9/10/2013 8:59:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:0Hk1laLz4IZ/nTL6bAk1q/xW8Vj9THYUK:0Hk1oLz4IFnTL605c8Vj9T4UK

Entry address:
0x21D8

Entry point:
55, 8B, EC, 83, E4, F8, 81, EC, F4, 14, 00, 00, 53, 56, 57, E8, 03, FF, FF, FF, 33, DB, 3B, C3, 89, 44, 24, 14, 0F, 85, 3D, 03, 00, 00, 6A, 06, 53, FF, 15, 88, 10, 40, 00, FF, 15, 10, 10, 40, 00, 8B, C8, E8, 2E, 03, 00, 00, 85, C0, 74, 10, 68, 7C, 14, 40, 00, 68, 80, 14, 40, 00, FF, 15, 1C, 10, 40, 00, 8D, 44, 24, 68, 50, FF, 15, 38, 10, 40, 00, F6, 84, 24, 94, 00, 00, 00, 01, 75, 0A, 66, C7, 84, 24, 98, 00, 00, 00, 01, 00, 8D, 84, 24, E0, 0C, 00, 00, 50, 68, 04, 01, 00, 00, FF, 15, 00, 10, 40, 00, 6A, 63...
 
[+]

Entropy:
7.9981

Developed / compiled with:
Microsoft Visual C++

The file debutsetup.exe has been discovered within the following programs.

ASUS Wireless Router RT-AC66U Manuals  by ASUS
8% remove it
Debut Video Capture Software  by NCH Software
During installation the program will offer the user to install the NCH Toolbar, an ad-supported web browser toolbar.
www.nch.com.au/index.html
20% remove it
 
Powered by Should I Remove It?

The file debutsetup.exe has been seen being distributed by the following 9 URLs.

http://www.techtudo.com.br/_/software/.../download

http://www.nch.com.au/.../debutsetup.exe

http://fs40.filehippo.com/8180/.../debutpsetup.exe

http://www.filehippo.com/download/file/.../

http://download.informer.com/.../debutpsetup.exe

http://download.informer.com/.../debutpsetup.exe

http://debut-video-capture-software.software.informer.com/.../

http://video.nchsoftware.com/.../debutpsetup.exe

http://www.nchsoftware.com/.../debutpsetup.exe

Scan debutsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.