We received the file SSIAGENT.EXE and detected that SSIAGENT.EXE is not good.
SSIAGENT.EXE is Adware. You should remove the file SSIAGENT.EXE.
Kill the process SSIAGENT.EXE and remove SSIAGENT.EXE from Windows.
Malware Analysis of SSIAGENT.EXE
Full path on a computer: %Local Appdata%\SSI\SSIagent.exe
Detected by UnHackMe:
Item Name: SSIagent
Author:
Current Setting: %LOCAL APPDATA%\SSI\SSIAGENT.EXE
Type: Registry Run
Removal Results: Success
Number of reboot: 1
SSIAGENT.EXE is known as:
Adware.CloverPlus
SSIAGENT.EXE hash:
- MD5: 2322886caf80070c1ed580a1510bf100
The file tries to download information from some web sites.
How to quickly detect SSIAGENT.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\SSIagent: “%Local Appdata%\SSI\SSIagent.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\msprivs: “%Appdata%\windowforsmartinstall.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\SSI: “”%Local Appdata%\SSI\SSI.exe” /byboot”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C0CF452F-532D-4b9f-AD1B-9E06538BBADB}_is1\UninstallString: “”%Local Appdata%\SSI\unins000.exe”"
- HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\msprivs10\UninstallString: “%Local Appdata%\Apps\msprivs_uninst.exe”
Folders:- %Local Appdata%\Apps
- %Local Appdata%\SSI
- %Temp%\adm
Files:- %Appdata%\windowforsmartinstall.exe
- %Local Appdata%\Apps\msprivs_uninst.exe
- %Local Appdata%\SSI\SSI.exe
- %Local Appdata%\SSI\SSIagent.exe
- %Local Appdata%\SSI\ssub.exe
- %Local Appdata%\SSI\unins000.dat
- %Local Appdata%\SSI\unins000.exe
- %Temp%\adm\ssiinstall.exe