clearscreenplayer.exe

ClearScreen Player

ClearScreen

The application clearscreenplayer.exe by ClearScreen has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ClearScreen Player’. This file is typically installed with the program ClearScreen Player.
Publisher:
ClearScreen  (signed and verified)

Product:
ClearScreen Player

Version:
1.8.2.1

MD5:
74b3af20972c64485627533e48e0b3fb

SHA-1:
ab4b2a76809b2d77eff8ed8b2bcd45e9c79e0690

SHA-256:
2bbd3e003e8faffe446f94626595d145a32072708eb2d5d05a5dbc8f2b63099c

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/26/2024 9:07:54 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ClearScreen (M)
16.11.7.16

File size:
429.4 KB (439,712 bytes)

Product version:
1.8.2.1

Copyright:
ClearScreen Player

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\clearscreenplayer\clearscreenplayer.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
3/21/2016 5:00:00 PM

Valid to:
3/22/2017 4:59:59 PM

Subject:
CN=ClearScreen, O=ClearScreen, L=BELLEVUE, S=Washington, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
1DD0D047E22C82940EC21274225F72FE

File PE Metadata
Compilation timestamp:
4/20/2016 2:41:56 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
12288:uQbDPNq5JGmn7/w9KfDVHkZ521Okuld3IUwqsa/Rwlp:n/1q5JpBkjcrC3r9TZo

Entry address:
0x250C8

Entry point:
E8, 10, 05, 00, 00, E9, 80, FE, FF, FF, 55, 8B, EC, 83, 25, E4, EE, 45, 00, 00, 83, EC, 2C, 53, 33, DB, 43, 09, 1D, D0, D2, 45, 00, 6A, 0A, E8, 04, A9, 01, 00, 85, C0, 0F, 84, 74, 01, 00, 00, 83, 65, EC, 00, 33, C0, 83, 0D, D0, D2, 45, 00, 02, 33, C9, 56, 57, 89, 1D, E4, EE, 45, 00, 8D, 7D, D4, 53, 0F, A2, 8B, F3, 5B, 89, 07, 89, 77, 04, 89, 4F, 08, 89, 57, 0C, 8B, 45, D4, 8B, 4D, E0, 89, 45, F4, 81, F1, 69, 6E, 65, 49, 8B, 45, DC, 35, 6E, 74, 65, 6C, 0B, C8, 8B, 45, D8, 35, 47, 65, 6E, 75, 0B, C8, F7, D9...
 
[+]

Entropy:
6.4380

Code size:
275 KB (281,600 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ClearScreen Player

Command:
"C:\Program Files\clearscreenplayer\clearscreenplayer.exe" \autostart=1


The file clearscreenplayer.exe has been discovered within the following program.

ClearScreen Player  by ClearScreen Player
About 8% of users remove it
 
Powered by Should I Remove It?

Remove clearscreenplayer.exe - Powered by Reason Core Security