US Patent 11349860 Malicious software detection and mitigation

An example method includes obtaining, by a processor on an end user device, from an operating system of the end user device, a permission to access the operating system by a malicious software management application, receiving, by the processor via the malicious software management application from the operating system, a first set of click information indicative of a set of clicks detected by an input-output interface of the end user device and a second set of click information indicative of a set of clicks detected by a web browser of the end user device, identifying, by the processor via the malicious software management application based on the first and second sets of click information, a presence of a click generating application on the end user device, and initiating, by the processor via the malicious software management application based on the presence of the click generating application, a mitigation action.