Nextup – 30% Detection Rate – PUA.Verti / NextUp / Rocketfuel Installer

Hi there! Another short post this evening. Just wanted to give you the heads up on a publisher called Nextup.

Nextup UAC

If you have a Nextup file on your machine you may have noticed that Nextup is displayed as the publisher in the UAC dialog when double-clicking on the file. To get more details on the publisher, you can view the certificate by right-clicking on the file, and looking under the Digital Signatures tab. According to the embedded certificate we can see that Nextup seems to be located in Bellevue, Washington in US and that the certificate is issued by COMODO Code Signing CA 2.

Nextup certificate

After uploading the Nextup file – MediaPlayerClassicInstaller.exe – to VirusTotal, it was clear that it’s probably better to delete the file than running it. The detection rate was 30% and some of the detection names were: PUA.Verti, NextUp and Rocketfuel Installer (fs).

Nextup virustotal

Did you also run into a download that was signed by Nextup? What kind of download was it and was it detected by the anti-virus progams at VirusTotal? Please share by posting a comment.

Thanks for reading.