Hi there! If you’ve been following my recent posts here on the FreeFixer blog, you know that I’ve been looking at files that have a valid digital signature and bundle various types of potentially unwanted programs. This morning I found another publisher named Click Yes. The following screenshot shows the User Account Control dialog when running the Click Yes file:
By looking at the certificate we can see that Click Yes appears to be located in Dublin, Ireland. The certificate is quite new. It’s validity period started yesterday, on the 21st of October.
The VirusTotal report shows that the Click Yes file should probably be avoided, since setup.exe is detected as APPL/Downloader.Gen by Avira, Trojan.Packed.29192 by DrWeb and Win32/OutBrowse.AY by ESET-NOD32. The detection rate is only 6% which is quite low.
Did you also find a Click Yes file? What kind of download was it? If you remember the download link, please post it in the comments below and I’ll upload it to VirusTotal to see if the detection rate is improved.
Hope this blog post helped you avoid some unwanted software on your machine.
Thanks for reading.