videopad.exe

NCH Software

This is a setup program which is used to install the application. It runs as a scheduled task under the Windows Task Scheduler named videopadShakeIcon triggered by a time event. The file has been seen being downloaded from download1915.mediafire.com and multiple other hosts.
Publisher:
NCH Software

Description:
VideoPad Video Editor

Version:
2.12

MD5:
80bd27cf0e89f4a86f7983edc625fbc9

SHA-1:
6f79e7eabd86598a83570eeab772c2593979979a

SHA-256:
35c8deedc16d7629643670cc5a05a9a478524425f39bf43c1e43d921175b2a12

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
12/26/2024 3:27:06 PM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Adware.Win32.Conduit
4.0.3.14328

ESET NOD32
Win32/Toolbar.Conduit (variant)
8.9520

File size:
2.2 MB (2,293,764 bytes)

Copyright:
NCH Software

File type:
Executable application (Win32 EXE)

Language:
English (Australia)

Common path:
C:\Program Files\nch software\videopad\videopad.exe

File PE Metadata
Compilation timestamp:
8/17/2010 8:06:21 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:Aa5R6nUf0hSgvBaKAAAAAAAAAKAAAAAAAAAA3AAAAAAAAAAwAAAAAAAAAAZ3:J/6pFvBaKAAAAAAAAAKAAAAAAAAAA3Ap

Entry address:
0x1B5ADE

Entry point:
E8, F6, 95, 00, 00, E9, 16, FE, FF, FF, 51, 53, 8B, 5C, 24, 0C, 56, 57, 33, F6, 33, FF, 3B, 1C, FD, 38, A3, 45, 00, 74, 06, 47, 83, FF, 17, 72, F1, 83, FF, 17, 0F, 83, 77, 01, 00, 00, 55, 6A, 03, E8, 16, 98, 00, 00, 83, F8, 01, 59, 0F, 84, 31, 01, 00, 00, 6A, 03, E8, 05, 98, 00, 00, 85, C0, 59, 75, 0D, 83, 3D, 34, A3, 45, 00, 01, 0F, 84, 18, 01, 00, 00, 81, FB, FC, 00, 00, 00, 0F, 84, 3F, 01, 00, 00, 68, F0, 20, 40, 00, BB, 14, 03, 00, 00, 53, BD, 98, 28, 5D, 00, 55, E8, 40, 80, 00, 00, 83, C4, 0C, 85, C0...
 
[+]

Scheduled Task
Task name:
videopadShakeIcon

Path:
\NCH Software\videopadShakeIcon

Trigger:
Time (Next runs on 24.05.2014 at 10:27)

Action:
videopad.exe -shakeicon


The file videopad.exe has been discovered within the following program.

VideoPad Video Editor  by NCH Software
From the EULA: " During installation of this download you will be given the option to install closely related programs from the NCH Software suite. These are optional and you can select what you want depending on your requirements."
www.nchsoftware.com
20% remove it
 
Powered by Should I Remove It?

The file videopad.exe has been seen being distributed by the following 6 URLs.

http://download1915.mediafire.com/sugma47jc4rg/.../videopad.exe

http://download1669.mediafire.com/xkvs5nyd165g/.../videopad.exe

http://download1954.mediafire.com/uzh6lbi4063g/.../videopad.exe

http://download1484.mediafire.com/73utukcl4jqg/.../videopad.exe

Scan videopad.exe - Powered by Reason Core Security