home

printpdfsetup.exe

BoltPDF

NCH Software

This is a setup and installation application. This is installed with Bolt PDF Printer. The file has been seen being downloaded from api.edmodo.com and multiple other hosts.
Publisher:
NCH Software  (signed and verified)

Product:
BoltPDF

Description:
Bolt PDF Printer

Version:
1.20+

MD5:
d32553746d2431a71bee240af5461d77

SHA-1:
db3edace62bb2188dd72aa74e84d845cf3f153a6

SHA-256:
bb2722de0b79deccbb8e0a4ba23c22969a91d2a23b1561530579b34a85f2a78c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 7:04:10 AM UTC  (today)

File size:
1.1 MB (1,154,600 bytes)

Product version:
1.20+

Copyright:
NCH Software

Original file name:
BoltPDF.exe

File type:
Executable application (Win32 EXE)

Language:
English (Australia)

Common path:
C:\users\{user}\downloads\printpdfsetup.exe

Digital Signature
Signed by:
NCH Software

Authority:
Thawte, Inc.

Valid from:
5/20/2013 8:00:00 AM

Valid to:
8/8/2015 7:59:59 AM

Subject:
CN=NCH Software, O=NCH Software, L=Canberra, S=Australian Capital Territory, C=AU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
6A560820FA3E9AD8E5411734B1D40AD5

File PE Metadata
Compilation timestamp:
12/18/2014 8:47:27 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:VKbDYghhg17WC8zZqwGuVUJQ2Vs9qK82PxIWFJQlD5toPFy6JN5:Abkg817LiZmbQ2Ow25IUQp5iPFycf

Entry address:
0x11D4

Entry point:
55, 8B, EC, 83, E4, F8, 81, EC, F4, 14, 00, 00, 53, 56, 57, E8, 03, FF, FF, FF, 33, DB, 3B, C3, 89, 44, 24, 14, 0F, 85, 3D, 03, 00, 00, 6A, 06, 53, FF, 15, 8C, 20, 40, 00, FF, 15, 2C, 20, 40, 00, 8B, C8, E8, 2E, 03, 00, 00, 85, C0, 74, 10, 68, 7C, 24, 40, 00, 68, 80, 24, 40, 00, FF, 15, 08, 20, 40, 00, 8D, 44, 24, 68, 50, FF, 15, 50, 20, 40, 00, F6, 84, 24, 94, 00, 00, 00, 01, 75, 0A, 66, C7, 84, 24, 98, 00, 00, 00, 01, 00, 8D, 84, 24, E0, 0C, 00, 00, 50, 68, 04, 01, 00, 00, FF, 15, 28, 20, 40, 00, 6A, 63...
 
[+]

Entropy:
7.9964

Developed / compiled with:
Microsoft Visual C++

Code size:
1.5 KB (1,536 bytes)

The file printpdfsetup.exe has been discovered within the following program.

Bolt PDF Printer  by NCH Software
During installation the program will offer the user to install the NCH Toolbar, an ad-supported web browser toolbar.
www.nchsoftware.com/pdfprinter/index.html
18% remove it
 
Powered by Should I Remove It?

The file printpdfsetup.exe has been seen being distributed by the following 3 URLs.

https://api.edmodo.com/files/.../download?f=9l127x7xvd8gp35sjhuu25qh5

http://www.nch.com.au/.../printpdfsetup.exe

http://www.nchsoftware.com/.../printpdfsetup.exe

Scan printpdfsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.