Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What's This?


  • Please log in to reply
4 replies to this topic

#1 Hwy14

Hwy14

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:AZ
  • Local time:04:07 PM

Posted 13 January 2016 - 08:55 PM

NDP451-KB2859818-Web.exe If anyone knows exactly what this is I would appreciate the sharing of your knowledge​. It and the "set-up" of it just showed up in my downloads folder. It calls itself "Speed Up My PC", smells like a highjacker to me. A web search gives mixed messages. Some sites claim it was developed by Microsoft and the façade looks legit.I can't seem to nail it down. I'm having symptoms of some letters being scrambled.as I type. I don't know if it's related. With so many new things in Windows 10 I'm not sure what Microsoft is throwing at me.

Please Advise

THANX 



BC AdBot (Login to Remove)

 


#2 MadmanRB

MadmanRB

    Spoon!!!!


  • Members
  • 3,060 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:No time for that when there is evil afoot!
  • Local time:07:07 PM

Posted 13 January 2016 - 08:58 PM

It probably is a hijack.

Never go for one of these things unless you do your homework


You know you want me baby!

Proud Linux user and dual booter.

Proud Vivaldi user.

 

ljxaqg-6.png


#3 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:07 PM

Posted 13 January 2016 - 09:36 PM

There's a legitimate executable from the Microsoft Download Center called NDP451-KB2859818-Web.exe, it's the Microsoft .NET Framework 4.5.1 (Web Installer) for Windows Vista SP2, Windows 7 SP1, Windows 8, Windows Server 2008 SP2 Windows Server 2008 R2 SP1 and Windows Server 2012.

https://www.microsoft.com/en-ca/download/details.aspx?id=40773

However, it should be signed by Microsoft.
0Z7Zqww.png

Edit: Can you upload that executable on VirusTotal.com, and post the result URL?

Edited by Aura, 13 January 2016 - 09:37 PM.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#4 Hwy14

Hwy14
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:AZ
  • Local time:04:07 PM

Posted 14 January 2016 - 12:15 AM

VirusTotal publisher could not be varified



#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:07 PM

Posted 14 January 2016 - 06:19 AM

Can you post the result URL for it here please?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users