home

debutsetup.exe

Debut

NCH Software

This is a setup and installation application. This file is installed with multiple programs including Debut Videorekorder and Debut Video Capture Software. The file has been seen being downloaded from www.automaticgeek.com and multiple other hosts.
Publisher:
NCH Software  (signed and verified)

Product:
Debut

Description:
Debut Video Capture Software

Version:
1.82+

MD5:
866d6c0e7214241a86cabbc339f603aa

SHA-1:
b3f76fb12066dc4f51780f3f9daba5a9018f359f

SHA-256:
a63b98f3de0078bd04c7e4a2d16c19c4c72ebf0ff497303808fc3437ea98826c

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/18/2024 9:45:24 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0604
7.2.337

File size:
1.5 MB (1,540,672 bytes)

Copyright:
NCH Software

File type:
Executable application (Win32 EXE)

Language:
Anglictina (Austrálie)

Common path:
C:\users\{user}\appdata\local\temp\debutsetup.exe

Digital Signature
Signed by:
NCH Software

Authority:
Thawte, Inc.

Valid from:
5/20/2013 2:00:00 AM

Valid to:
8/8/2015 1:59:59 AM

Subject:
CN=NCH Software, O=NCH Software, L=Canberra, S=Australian Capital Territory, C=AU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
6A560820FA3E9AD8E5411734B1D40AD5

File PE Metadata
Compilation timestamp:
9/27/2012 1:51:13 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:Y7H0Y5dFpKjBFfPS+XZwGKRxAs5Yx/Dx9WDZ6BuI1vhZWvP+AwnRcn7TtMW2bHAm:wHB5tiBFCqNlx/DxmZo/JUwny7l2bv+K

Entry address:
0x21D8

Entry point:
55, 8B, EC, 83, E4, F8, 81, EC, F4, 14, 00, 00, 53, 56, 57, E8, 03, FF, FF, FF, 33, DB, 3B, C3, 89, 44, 24, 14, 0F, 85, 3D, 03, 00, 00, 6A, 06, 53, FF, 15, 88, 10, 40, 00, FF, 15, 4C, 10, 40, 00, 8B, C8, E8, 2E, 03, 00, 00, 85, C0, 74, 10, 68, 7C, 14, 40, 00, 68, 80, 14, 40, 00, FF, 15, 00, 10, 40, 00, 8D, 44, 24, 68, 50, FF, 15, 24, 10, 40, 00, F6, 84, 24, 94, 00, 00, 00, 01, 75, 0A, 66, C7, 84, 24, 98, 00, 00, 00, 01, 00, 8D, 84, 24, E0, 0C, 00, 00, 50, 68, 04, 01, 00, 00, FF, 15, 14, 10, 40, 00, 6A, 63...
 
[+]

Developed / compiled with:
Microsoft Visual C++

The file debutsetup.exe has been discovered within the following programs.

Debut Video Capture Software  by NCH Software
During installation the program will offer the user to install the NCH Toolbar, an ad-supported web browser toolbar.
www.nch.com.au/index.html
20% remove it
Debut Videorekorder  by NCH Software
www.nchsoftware.com/capture/de/support.html
About 8% of users remove it
Internet Download Manager  by Tonec Inc.
Internet Download Manager (also called IDM) is a shareware download manager. It is only available for the Microsoft Windows operating system.
www.internetdownloadmanager.com
30% remove it
 
Powered by Should I Remove It?

The file debutsetup.exe has been seen being distributed by the following 5 URLs.

http://www.automaticgeek.com/FreeAps/.../debutpsetup.exe

http://www.nch.com.au/.../debutsetup.exe

http://dl.cdn.chip.de/downloads/.../debutpsetup_1.82.exe

http://www.nchsoftware.com/.../debutpsetup.exe

http://www.filehippo.com/download/file/.../

Scan debutsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.