amznsearchprotect.exe

Amazon Browser Settings

Browser Distribution Services Inc.

The executable amznsearchprotect.exe has been detected as malware by 1 anti-virus scanner. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time. Additionally, the file is typically installed by a number of programs including Amazon Assistant by Amazon and Amazon Search by Amazon.
Publisher:
Distromatic  (signed by Browser Distribution Services Inc.)

Product:
Amazon Browser Settings

Version:
1.2.1.1414

MD5:
659e281bd04de1391f64519e7262e986

SHA-1:
68e454b7d082720855d9cacd56c9df306639c05d

SHA-256:
be2180ace74988b24f669e1f64a578ae513433709a3dda43f16b88f31a2baa6c

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/5/2024 8:05:01 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.13.22

File size:
3.3 MB (3,509,352 bytes)

Product version:
3.0.5.1338-fc43e392

Copyright:
Browser Distribution Services

Original file name:
distro-silent-installer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\Program Files\amazon browser settings\amznsearchprotect.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
12/17/2015 7:00:00 PM

Valid to:
12/17/2017 6:59:59 PM

Subject:
CN=Browser Distribution Services Inc., O=Browser Distribution Services Inc., L=Las Vegas, S=Nevada, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
0E7157187A3C9C51E5535C5D49605D0C

File PE Metadata
Compilation timestamp:
3/14/2016 9:38:56 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x4554A0

Entry point:
60, BE, 00, E0, 72, 00, 8D, BE, 00, 30, CD, FF, C7, 87, A0, DB, 44, 00, FF, 2F, 04, 70, 57, EB, 11, 90, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46...
 
[+]

Entropy:
7.9909  (probably packed)

Code size:
1.2 MB (1,212,416 bytes)

Scheduled Task
Task name:
DistromaticSearchProtect-hourly

Trigger:
Daily (Runs daily at 6:32 PM)

Description:
Keeps browser search settings up to date and makes sure they are not changed by malware.


The file amznsearchprotect.exe has been discovered within the following programs.

Amazon Assistant  by Amazon
www.amazon.com/gp/BIT/theamazonapp
About 8% of users remove it
Amazon Search  by Amazon
About 2% of users remove it
 
Powered by Should I Remove It?

Remove amznsearchprotect.exe - Powered by Reason Core Security