It False Or True Virus?

Report all your false positives from Anvi Smart Defender. We will deal with them as quickly as possible.

False Detect?

Postby Bhikank » 2012-02-19 9:06


I use AutoClick.exe.....Detected Dangerous....It True Virus Or Just False Detect???Because I Use It Everyday And No Error....thx....:)
So Far I Like This Antivirus.....:)
Bhikank
Member

Member
 
Posts: 2
Joined: 2012-02-18 21:17

It False Or True Virus?

Postby Bhikank » 2012-02-19 9:24

AutoClick.exe
https://www.virustotal.com/file/e7fc99b82c52128706118fa50cdd20341920297146924cdf01629db920c83d0a/analysis/
Bhikank
Member

Member
 
Posts: 2
Joined: 2012-02-18 21:17

Re: It False Or True Virus?

Postby aurora » 2012-02-19 10:03

The security rating is dangerous if AutoClick.exe is located in a subfolder of:
"C:\Windows"\AutoClick.exe
"C:\Program Files\AutoClick.exe"
"C:\Program Files\Common Files\AutoClick.exe"
"C:\Documents and Settings\AutoClick.exe"
"C:\Documents and Settings\Administrator\AutoClick.exe"
"C:\Documents and Settings\Administrator\My Documents\AutoClick.exe"
"C:\Windows\security"
"C:\DRIVERS\AutoClick.exe"


NOW IF ITS FONT IS LOWERCASE then read this, autoclick.exe Description:

Automatically click links and buttons on web pages - By: Vsisoftware.com from Vsisoftware.com This program is not important for your system process, but should not be terminated unless suspected to be causing problems. autoclick.exe Analysis results:
Is autoclick.exe virus file? 0
Is autoclick.exe trojan file? 0
Is autoclick.exe spyware file? 0
Security Risk points (from 5) 0

Now I do not know if you use that program or not so a big difference if its a process running and its has capital letters contained in it versus all lowercase letters. another thing to note the virus total scan results all the heavy hitters of antivirus vendors, Emsisoft, kaspersky ,bitdefender, norton vipre, avast, antivir , avg. panda etc. show nothing. most likely false alarm, but let Anvisoft analysts look at this for now.
aurora
Regular Member

Regular Member
 
Posts: 134
Joined: 2012-02-11 16:53

Re: False Detect?

Postby aurora » 2012-02-19 10:29

I f you use that product and its known too be safe then i would not worry. i responded to your post in false positives. before seeing this one , just an F.Y.I. :) need to keep all pertinent information in the more fitting topic forum false positives. this way you will have more accurate and quicker response. ;) Thank You
aurora
Regular Member

Regular Member
 
Posts: 134
Joined: 2012-02-11 16:53

Re: It False Or True Virus?

Postby Rats » 2012-02-19 12:47

Hi Bhikank

AutoClick.exe

Filename: AutoClick..exe
MD5: cbcfaeb22e4847a6b1c33bb520b6920a
SHA-1: 926688042fac9c639cd4762a77ae961427828b6f
File Size: 258048 Bytes
Command Line: "C:\AutoClick..exe"

Load-time Dlls

C:\​WINDOWS\​system32\​ntdll.dll 0x7C900000 0x000AF000
C:\​WINDOWS\​system32\​kernel32.dll 0x7C800000 0x000F6000
C:\​WINDOWS\​system32\​MFC42.DLL 0x73DD0000 0x000FE000
C:\​WINDOWS\​system32\​msvcrt.dll 0x77C10000 0x00058000
C:\​WINDOWS\​system32\​GDI32.dll 0x77F10000 0x00049000
C:\​WINDOWS\​system32\​USER32.dll 0x7E410000 0x00091000
C:\​WINDOWS\​system32\​ADVAPI32.dll 0x77DD0000 0x0009B000
C:\​WINDOWS\​system32\​RPCRT4.dll 0x77E70000 0x00092000
C:\​WINDOWS\​system32\​Secur32.dll 0x77FE0000 0x00011000
C:\​WINDOWS\​system32\​SHELL32.dll 0x7C9C0000 0x00817000
C:\​WINDOWS\​system32\​SHLWAPI.dll 0x77F60000 0x00076000
C:\​WINDOWS\​WinSxS\​X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\​COMCTL32.dll 0x773D0000 0x00103000
C:\​WINDOWS\​system32\​MSVCP60.dll 0x76080000 0x00065000

Run-time Dlls
C:\​WINDOWS\​system32\​UxTheme.dll 0x5AD70000 0x00038000
C:\​WINDOWS\​system32\​MSCTF.dll 0x74720000 0x0004C000

Registry Values Read:
HKLM\​SOFTWARE\​Microsoft\​CTF\​SystemShared\​ CUAS 0 1
HKLM\​SYSTEM\​Setup SystemSetupInProgress 0 1
HKLM\​Software\​Policies\​Microsoft\​Windows\​Safer\​CodeIdentifiers TransparentEnabled 1 1
HKLM\​System\​CurrentControlSet\​Control\​Terminal Server TSUserEnabled 0 1
HKU\​S-1-5-21-842925246-1425521274-308236825-500\​Keyboard Layout\​Toggle Language Hotkey 1 2
HKU\​S-1-5-21-842925246-1425521274-308236825-500\​Keyboard Layout\​Toggle Layout Hotkey 2 2

Memory Mapped Files:
C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll
C:\WINDOWS\WindowsShell.Manifest
C:\WINDOWS\system32\MFC42.DLL
C:\WINDOWS\system32\MSCTF.dll
C:\WINDOWS\system32\MSVCP60.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\UxTheme.dll
C:\WINDOWS\system32\imm32.dll
User avatar
Rats
Advanced Member

Advanced Member
 
Posts: 249
Joined: 2012-01-10 9:28
Location: 42 Evergreen Terrace

Re: It False Or True Virus?

Postby Rats » 2012-02-19 13:06

now let me explain

The file its self in not malicious> so its not really malware per say
So why is it detected then ?

The activity of the file is a security threat , to the user and the pc
this software is to automatically click the mouse so the user dose not have to click the mouse

The problem is this its can and will click on popup ads for everything including rouge programs 0 day with out user interaction
so if one get a 0 day popup and hovers the mouse over it or moves the mouse over by accident Bang infected

Also some malware have used this file a template using its auto click feature in incorporated in the malware

on the principle of security this file dose on help your pc security at all in fact form a security point of view
its dangerous to your pc security . although its not a infection its self it can and will lead the user sooner or later to become infected

So that's why this file is detected

you have to remember not all freeware is good ware but not all is malicious
some are just badly made ,
User avatar
Rats
Advanced Member

Advanced Member
 
Posts: 249
Joined: 2012-01-10 9:28
Location: 42 Evergreen Terrace

Re: It False Or True Virus?

Postby aurora » 2012-02-19 13:19

well without the actual pc in front of me, very hard to detemine what is going on in that machine. i cannot make that assumption based on one exe file not going to happen need to go into all sorts of things to dissect that pc properly. what Rats is saying is but one senario. and its a good one to heed. play with fire your going to get burned someday.
aurora
Regular Member

Regular Member
 
Posts: 134
Joined: 2012-02-11 16:53

Re: It False Or True Virus?

Postby Ivy » 2012-02-19 21:43

Suggest you consider the explanation Rats give.
Anvisoft--A leading Internet security solutions provider
User avatar
Ivy
Anvisoft Staff

Anvisoft Staff
 
Posts: 2413
Joined: 2012-01-16 21:05

Re: It False Or True Virus?

Postby aurora » 2012-02-19 22:32

sounds solid too me. but as a tech i do not assume anything each pc is a case by case determination, no two infections are alike similar yes but outcome even though infected not the same remedy will work everytime first off we have no logs reports or any knowledge of exactly what is occuring if anything. but if i was the user i would dispatch that application pronto and heed the advice given.
Last edited by aurora on 2012-02-20 9:07, edited 1 time in total.
aurora
Regular Member

Regular Member
 
Posts: 134
Joined: 2012-02-11 16:53

Re: It False Or True Virus?

Postby Ivy » 2012-02-20 4:14

When I try to download AutoClick and install AutoClick, it creats a lot of website on my toolbar, that's make me uncomfortable ;)
Anvisoft--A leading Internet security solutions provider
User avatar
Ivy
Anvisoft Staff

Anvisoft Staff
 
Posts: 2413
Joined: 2012-01-16 21:05

Next

Return to Report False Positives

Random Threads
ThreadThread StarterViews
Corvus.dll-false positiveNiloy284682
Omega Seamaster Planet Alta Qualita Uaireadóirí Macasamhail 4444 - €217.62 : jewelry tiffany, replicaomegawatch.cnandemanmitz0
False PositiveKruis3490
meilleure réplique oméga des montresnfernandesher0
Moncler Mäntel Frauenlragelollie0

Who is online

Users browsing this forum: No registered users