Mouse Clicking
August 8th, 2016
Small free app:
http://download.cnet.com/Free-Mouse-Auto-Clicker/3000-2084_4-75221696.html
You don’t need to install it. Just extract the exe and there is a single file.
and we have a new winner in a mouse clicking contest … but don’t forget to disable your browser’s javascript plugin as this can cause the free app to not work as expected
you can also use autohotkey or any macro program.
little off-topic….… Buy gaming mouse. Then you can custom whatever you want
Sorry I didn’t get a chance to come back on here, i used Easy Auto clicker from Sourceforge in the end lol. Thanks all for you help and info
I hope you didn’t pick:
http://sourceforge.net/projects/hf-auto-clicker/
There are more than just those comments that suggest you have just installed malware. Using PEStudio you get:
http://s27.postimg.org/bdo4dsx2r/snap067.png or just copy/pasted for you:
The file uses the File Transfer Protocol (FTP),1
The count (17) of Authorization Functions has reached the maximum threshold (1) provided,1
The count (15) of Memory Management Functions has reached the maximum threshold (1) provided,1
The count (3) of Tool Help Functions has reached the maximum threshold (1) provided,1
The count (4) of Error Handling Functions has reached the maximum threshold (1) provided,1
The count (4) of Directory Management Functions has reached the maximum threshold (1) provided,1
The count (4) of Debugging Functions has reached the maximum threshold (1) provided,1
The count (7) of Console Functions has reached the maximum threshold (1) provided,1
The count (15) of COM Functions has reached the maximum threshold (10) provided,1
The count (8) of System Information Functions has reached the maximum threshold (5) provided,1
The count (7) of Clipboard Functions has reached the maximum threshold (3) provided,1
The count (14) of WinINet Functions has reached the maximum threshold (3) provided,1
The count (9) of Dynamic-Link Library Functions has reached the maximum threshold (1) provided,1
The count (30) of Process and Thread Functions has reached the maximum threshold (1) provided,1
The count (3) of SEH Functions has reached the maximum threshold (1) provided,1
The count (4) of Service Functions has reached the maximum threshold (1) provided,1
The count (23) of File Management Functions has reached the maximum threshold (1) provided,1
The count (334) of blacklisted strings has reached the maximum threshold (30) provided,1
The size (8960 Bytes) of the Digital Certificate has reached the minimum threshold (7168 bytes) provided,1
The count (38) of Ordinal imported functions has reached the maximum threshold (10) provided,1
The count (20) of deprecated imported functions has reached the maximum threshold (5) provided,1
The count (255) of imported blacklisted functions has reached the maximum threshold (1) provided,1
The file contains an Overlay (Signature: Unknown, Offset: 0x0009D600, Size: 131168 Bytes),1
The count (7) of Antidebug imported functions has reached the maximum threshold (1) provided,1
The file interacts with 2 Windows built-in Privileges,2
The file modifies the Windows Registry,2
The file accesses the Clipboard,2
The file interacts with the Service Control Manager (SCM),2
The file accesses the Desktop window,2
The file loads Libraries at runtime,2
The file starts child Processes,2
The file queries for files and streams,2
The file creates, modifies File(s),2
The file interacts with the Event Log,2
The file queries for Processes and Modules,2
The file accesses the Console,2
The file queries for (visible/invisible) window,2
The file uses the AutoIt scripting Engine,2
The file creates temporary file(s),2
The file Changes the Environment Variables,2
The file synthesizes mouse motion and button clicks,2
The file uses the Internet Control Message Protocol (ICMP),2
The file accesses the resources of an executable,2
The count (15) of Registry Functions has reached the maximum threshold (1) provided,2
The file ignores Data Execution Prevention (DEP) as Mitigation technique,2
The file ignores Address Space Layout Randomization (ASLR) as Mitigation technique,2
The file ignores Cookies placed on the Stack (GS) as Mitigation technique,2
The file is statically linked to the C Run-Time Libraries,2
Comments on Sourceforge are not good; surprise, the source code is also not available.
Access to clipboard / registry / FTP on a mouse-clicker? Not needed but it is there for some reason. I would find another solution.
Hi , as far as I was aware that program was clean. I got a bit worried when you mentioned this.. I have malwarebytes antimalware and antivirus software etc. both of which I just ran a full scan with, they came up clean as a whistle as I expected. PEStudio looks to be very useful so thanks for that, but why do I get different results to you??
Yeah, the av’s show as clean because it just has a FTP function and accesses the clipboard.
There are tons of apps that upload contents of a clipboard, like the ‘image hosting desktop uploaders’ as an example.
What link did you get your version of clicker from? Perhaps I found something different than the one you got.
It is from here http://sourceforge.net/projects/hf-auto-clicker/
That is where I got it from originally and again just now. I have also suggested it to a friend who I know to be running McAfee internet security and she is now using it too without issue so I hope it is OK. No idea where you got your executable from? I wondered if it was an old version lol.
If you think it is bad then I will get rid of it I guess.
Same source here. Here is a quick vid of exactly what I did.
http://youtu.be/O5FYXQJqFow
Oh I see the difference!
You just analysed the installation file. I actually analysed the actual exe.
Ah thanks for pointing that out and for all your help. So do you think that there is some bad stuff left in the auto clicker program from a past version? Or is is perfectly fine for malicious files to be installed on peoples systems and go completed undetected? You can see how many downloads that is getting per day!
The exe creates files in:
– your temp directory
– \user\current\Documents\AutomaticSolution Software\EasyAutoClicker\
Nothing else that I can see from a file pov.
For the registry, it does indeed make a change somewhere, but I don’t know what it is exactly as I’m using Sandboxie for this. Give me a few minutes and I’ll run it through a VM to see
Yes I have looked and in that folder is where the program has stored the config file for my chosen hotkey which begins the autoclicking process.
i dunno the software you use , but it might have more functions than just clicking , which requires clipboard access etc… , will give you the better details but with the accesses that software have , i dont think it is malicious , if you are not still comfortable , block its internet access through firewall. that PEStudio software seems like a hell of a software , why i didnt know it before
update for you.
I installed the program in a virtual machine and captured the changes it made (with internet access monitored) using Spoon IDE.
It made changes in the firefox profile (my default browser) and after I let it click for a bit, it attempted internet access to a ftp server. I didn’t allow the connection, so I don’t know what was going out/in.
For me…I wouldn’t trust it.
For complete removal of what it has done to your system, I would make sure that I cleared the browser cache, and also check to see if any unknown addons are sitting in the profile folder. Not all plugins in FF show up in the GUI!
for : the program doesn’t have any functions related to ftp or the clipboard!
“It made changes in the firefox profile (my default browser) and after I let it click for a bit, it attempted internet access to a ftp server. I didn’t allow the connection, so I don’t know what was going out/in. ”
thats a dangerous thing unless they gather anonymous information about clicking habits lol
OK thanks for your help again it is appreciated. I will clear it off of my system to be safe and check what you said and also tell my friend to do the same. I had the wrong idea and thought I could trust files on sourceforge in general. Didn’t even notice there was no source code.