Click on screenshot to zoom
Danger level 9
Type: Trojans
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Changes background
  • Connects to the internet without permission
  • Shows commercial adverts
  • Normal system programs crash immediatelly
  • System crashes
  • Cant change my homepage
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:

Suspicious.cloud

Suspicious.Cloud is a destructive Trojan, which will attempt to compromise your system and will make your life a living hell! This malicious application’s creators are not interested in your system’s security or personal privacy, and will implement every tool to reveal your confidential data. So, unless you remove Suspicious.Cloud, this cunning Trojan will make sure to compromise your computer’s functionality, gradually turning it into a useless box, and will gravely endanger your personal space.

Suspicious.Cloud is made of various infected components, some of which use the same names of legitimate companies’ tools, which could trick most PC users into believing these files’ credibility. For example, Easy Bits is the name of a company, which creates family oriented software, and one of the malicious Suspicious.Cloud files is called EasyBits.exe. Another malicious file is fb.exe, which is a sinister version of iSoft’s SFXMaker executable file, found under %STARTUP%\FB.exe. If you have noticed this file elsewhere, remove it immediately, as it should not run in a healthy Windows system.

If you did not install Antivirus 2010, AntiVirus System 2011 or HDD Defragmenter, but you see a system scan being performed by one of them anyway, there is no doubt that Suspicious.Cloud is in your system, as all of the fake security tools are closely related to this Trojan. They might resemble genuine security software, but do not be fooled, as their only goal is to gain your credit card numbers and, consequently, rob you off. Suspicious.Cloud initiates these rogues, which display fictitious computer scans that report a ton of nonexistent problems in your system. To persuade you with Suspicious.Cloud's legitimacy, the fake antispywares will report various fake system alerts:

Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.

Attention! Network attack detected!
Your computer is being attacked from remote host. Attack has been classified as Remote code execution attempt.
Risk level: Critical
Attack from 187.245.46.110.46795

Windows – Delayed Write Field
Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.

Exe file is corrupted and can’t be run. Hard drive scan required.

Aside from activating rogue antispywares, Suspicious.Cloud will collect your user names and passwords, and will send this information to hackers, who will be able to use this data further more. Suspicious.Cloud will also modify your browser settings, display advertisements, terminate processes, disable Task Manager, and will force your computer’s restart.

Suspicious.Cloud is an extremely dangerous Trojan that will do everything in its power to gather all your confidential information; therefore, it is necessary to delete Suspicious.Cloud as soon as you can. In order to free your system from this Trojan’s trap, you need to use an updated genuine security tool, which will detect malignant files and will remove Suspicious.Cloud instantly. It is also highly important to keep your Windows updated, because Microsoft constantly detects and fixes security loopholes, which could allow Trojans and other malware infiltrate your system.

Download Spyware Removal Tool to Remove* Suspicious.cloud
  • Quick & tested solution for Suspicious.cloud removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Suspicious.cloud

Files associated with Suspicious.cloud infection:

DisplaySwitch.exe
mspguard_mfbjbnv.exe
fykcisygfisy.exe
1.exe
kerbudurywea.exe
drwebcom.exe
hIoAFIdidjTpLym.exe
syshost.exe
2dfc023c3d6a0b46c0cfc3904d8bb861.exe
dvbdream.exe
titjaqirytef.exe
msacwmo.com
qetotyqpurri.exe
vasrosdycalu.exe
temp.bin
serjoxhizuko.exe
jtxvqphqtqa.exe
qynisarugong.exe
jtiEKAcodyDO.exe
89c65b6d_15ed.exe
puzvujovymcu.exe
msns.exe
tydmuttobubs.exe
n.
le.exe
KB3237683.exe
byshcdzyuhso.exe
xumydridqylr.exe
hlshcfswygiumwpf.exe
SkypePM.exe
pylcijotpyvy.exe
lvysvbqvgoty.exe
antivir9.exe
zywelvuhanci.exe
tSUpODctlIrm.exe
FbxU.exe
_ex-68.exe
cmddw.dll
tivosbadeari.exe
e54f740.exe
ccon.exe
KnightCleaner.exe
cttune.exe
zziabxta.exe
zefcymrebery.exe
tobgopdizqik.exe
lyfseacusoty.exe
temp1.exe
bukvuxivasyg.exe
winlogon.exe
securitymanager.exe
windbg.exe
tffcrojh.exe
kiduzjisoxub.exe
pmomrebcktfpodtfglyuew.exe
4wgyser5huy6j.exe
PIFoHdCpFL.exe
xcsrnbdl.exe
mspguard_swkngnc.exe
laheavadashy.exe
kondelypaplaibq.exe
My Web Search Installer.exe
ytyozievwmjenndeql.exe
TeamViewer 8.exe
rrmquile_n_.exe
wbemsyst.dll
_ex-68.exe
dimsntfy32.dll
hdba.dll
wvgmkfnxrI.exe
bdbar.dll
securitymanager.exe
antivir9.exe
e6d7f224-8050.exe
2b168e8c-8033.exe
ON2Zwy0YPQntzc.exe
UpgradeChecker.exe
dd23892d-8020.exe
VAAxIqjfEmgpss.exe
PIFoHdCpFL.exe
jtiEKAcodyDO.exe
io7u0hHgUJk5YJ.exe
id5g1byvtOQbYk.exe
tSUpODctlIrm.exe
QILqT22JAJTfSc.exe
EasyBits.exe
9ELcGiTspITp6h.exe
fb.exe
46c80079-5689.exe
nohalbybywyp.exe
search.exe
jypykeasuxih.exe
pokroqmeajys.exe
hysciwygikle.exe
csrss.exe
AdobeARM.exe
ctfon.exe
DR2Launcher.exe
mirsurocvyzy.exe
vovokiwitrej.exe
divx.exe
Acronis-True-Image-9.70.82.6.exe
zexeajoxferi.exe
updates.exe
wesvygmisjeh.exe
cepunifijyjy.exe
YOUTUBE.PLAYER.exe
poqeqdyzebox.exe
flash_player.exe
jylumvuqicat.exe
zifagureaqyn.exe
filtre.exe
a43vtzgbdgv.exe
dxkaepsp.exe
wvgmkfnxrI.exe
dacmeatiksur.exe
AlSrvN.exe
qtp_def.exe
fb.exe
UpdateInstallV2.exe
msiexec64.exe
nalykaqhudyj.exe
fpanel.exe

Suspicious.cloud DLL's to remove:

cmddw.dll
wbemsyst.dll
dimsntfy32.dll
hdba.dll
bdbar.dll

Suspicious.cloud processes to kill:

jtiEKAcodyDO.exe
cttune.exe
YOUTUBE.PLAYER.exe
qynisarugong.exe
dxkaepsp.exe
fykcisygfisy.exe
PIFoHdCpFL.exe
mirsurocvyzy.exe
byshcdzyuhso.exe
zefcymrebery.exe
search.exe
ytyozievwmjenndeql.exe
tobgopdizqik.exe
1.exe
e54f740.exe
a43vtzgbdgv.exe
nohalbybywyp.exe
zziabxta.exe
tSUpODctlIrm.exe
antivir9.exe
cepunifijyjy.exe
hlshcfswygiumwpf.exe
puzvujovymcu.exe
laheavadashy.exe
zexeajoxferi.exe
le.exe
wesvygmisjeh.exe
xumydridqylr.exe
poqeqdyzebox.exe
UpdateInstallV2.exe
4wgyser5huy6j.exe
drwebcom.exe
filtre.exe
TeamViewer 8.exe
kerbudurywea.exe
kondelypaplaibq.exe
temp1.exe
jylumvuqicat.exe
ctfon.exe
FbxU.exe
syshost.exe
My Web Search Installer.exe
pmomrebcktfpodtfglyuew.exe
dacmeatiksur.exe
qetotyqpurri.exe
serjoxhizuko.exe
msiexec64.exe
xcsrnbdl.exe
AdobeARM.exe
KB3237683.exe
fb.exe
_ex-68.exe
wvgmkfnxrI.exe
securitymanager.exe
antivir9.exe
e6d7f224-8050.exe
2b168e8c-8033.exe
ON2Zwy0YPQntzc.exe
UpgradeChecker.exe
dd23892d-8020.exe
VAAxIqjfEmgpss.exe
PIFoHdCpFL.exe
jtiEKAcodyDO.exe
io7u0hHgUJk5YJ.exe
id5g1byvtOQbYk.exe
tSUpODctlIrm.exe
QILqT22JAJTfSc.exe
EasyBits.exe
9ELcGiTspITp6h.exe
fb.exe
46c80079-5689.exe
zifagureaqyn.exe
pokroqmeajys.exe
bukvuxivasyg.exe
windbg.exe
hysciwygikle.exe
flash_player.exe
hIoAFIdidjTpLym.exe
lyfseacusoty.exe
ccon.exe
2dfc023c3d6a0b46c0cfc3904d8bb861.exe
csrss.exe
lvysvbqvgoty.exe
mspguard_swkngnc.exe
titjaqirytef.exe
DisplaySwitch.exe
89c65b6d_15ed.exe
vasrosdycalu.exe
_ex-68.exe
vovokiwitrej.exe
tffcrojh.exe
msns.exe
zywelvuhanci.exe
tydmuttobubs.exe
winlogon.exe
DR2Launcher.exe
divx.exe
tivosbadeari.exe
AlSrvN.exe
jypykeasuxih.exe
jtxvqphqtqa.exe
fpanel.exe
dvbdream.exe
updates.exe
KnightCleaner.exe
mspguard_mfbjbnv.exe
Acronis-True-Image-9.70.82.6.exe
SkypePM.exe
qtp_def.exe
rrmquile_n_.exe
pylcijotpyvy.exe
securitymanager.exe
kiduzjisoxub.exe
nalykaqhudyj.exe
wvgmkfnxrI.exe
Disclaimer

Comments

  1. Private Feb 16, 2014

    I got suspicious.cloud.9 with no number.What does each number and letter mean?

  2. crabeater Jan 5, 2015

    You are the only site to report & warn so dramatically on this threat. Here's what Symmantec has to say about it:

    Threat *****sment
    Wild

    Wild Level: Low
    Number of Infections: 0 - 49
    Number of Sites: 0 - 2
    Geographical Distribution: Low
    Threat Containment: Easy
    Removal: Easy

    Damage

    Damage Level: Low

    Distribution

    Distribution Level: Low

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.