home

tmp0000001357737124d4e333e7

MiniLite

合肥智明星通软件科技有限公司

The file tmp0000001357737124d4e333e7 by 合肥智明星通软件科技有限公司 has been detected as a potentially unwanted program by 5 anti-malware scanners. This particular feature is designed to hijack the browser in an attempt to prevent other resources from modify the browser's search and home pages.
Publisher:
MiniLite system  (signed by 合肥智明星通软件科技有限公司)

Product:
MiniLite

Description:
MiniLiteSvc.exe

Version:
6.6.2.2771

MD5:
59878242642cc8b7c1fe94d95308cff5

SHA-1:
4d1761b201275da8dffb41f4bcf30854184da391

SHA-256:
90080256b99fcfb5aed583fd72ce9bf0caeb24af5f546a7961d3e599a69826cc

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
6/27/2025 5:22:07 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:SearchProtect-DH [Adw]
160518-2

Emsisoft Anti-Malware
Application.Elex.K
11.5.0.6191

ESET NOD32
Win32/ELEX.EW potentially unwanted application
8.0.319.0

Microsoft Security Essentials
Threat.Undefined
1.225.227.0

Norman
Application.Elex.K
28.05.2016 13:03:37

File size:
512 KB (524,288 bytes)

Product version:
6.6.2.2771

Copyright:
Copyright (C) of MiniLite 2002

Original file name:
ProtectSvc.exe

Language:
Chinese

Common path:
C:\windows\temp\tmp0000001357737124d4e333e7

Digital Signature
Signed by:
合肥智明星通软件科技有限公司

Authority:
GlobalSign nv-sa

Valid from:
8/5/2015 6:17:44 AM

Valid to:
8/5/2016 6:17:44 AM

Subject:
CN=合肥智明星通软件科技有限公司, O=合肥智明星通软件科技有限公司, L=合肥, S=安徽, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121EED58E5F3B9897A9E54316DE64FBF98C

File PE Metadata
Compilation timestamp:
8/24/2015 3:59:13 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:4pIFw+9WF8ljzXt4n90OdKikYDn42fbMXiEZt4Y+qrattCzxPH+1Ao:4pIi9MX22ONYr+qrattCzxPe

Entry address:
0x124D0

Entry point:
E8, 8C, 03, 00, 00, E9, 4C, FE, FF, FF, FF, 25, 84, 52, 41, 00, 6A, 0C, 68, 00, 70, 41, 00, E8, 54, 01, 00, 00, 83, 65, E4, 00, 8B, 5D, 0C, 8B, C3, 8B, 7D, 10, 0F, AF, C7, 8B, 75, 08, 03, F0, 89, 75, 08, 83, 65, FC, 00, 4F, 89, 7D, 10, 78, 0C, 2B, F3, 89, 75, 08, 8B, CE, FF, 55, 14, EB, EE, 33, C0, 40, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 14, 00, 00, 00, E8, 55, 01, 00, 00, C2, 10, 00, 8B, 7D, 10, 8B, 5D, 0C, 8B, 75, 08, 8B, 45, E4, 85, C0, 75, 0B, FF, 75, 14, 57, 53, 56, E8, 01, 00, 00, 00, C3, 6A...
 
[+]

Code size:
77 KB (78,848 bytes)

Remove tmp0000001357737124d4e333e7 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.