Click on screenshot to zoom
Danger level 9
Type: Trojans
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Changes background
  • Connects to the internet without permission
  • Shows commercial adverts
  • Normal system programs crash immediatelly
  • System crashes
  • Cant change my homepage
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:

Suspicious.cloud

Suspicious.Cloud is a destructive Trojan, which will attempt to compromise your system and will make your life a living hell! This malicious application’s creators are not interested in your system’s security or personal privacy, and will implement every tool to reveal your confidential data. So, unless you remove Suspicious.Cloud, this cunning Trojan will make sure to compromise your computer’s functionality, gradually turning it into a useless box, and will gravely endanger your personal space.

Suspicious.Cloud is made of various infected components, some of which use the same names of legitimate companies’ tools, which could trick most PC users into believing these files’ credibility. For example, Easy Bits is the name of a company, which creates family oriented software, and one of the malicious Suspicious.Cloud files is called EasyBits.exe. Another malicious file is fb.exe, which is a sinister version of iSoft’s SFXMaker executable file, found under %STARTUP%\FB.exe. If you have noticed this file elsewhere, remove it immediately, as it should not run in a healthy Windows system.

If you did not install Antivirus 2010, AntiVirus System 2011 or HDD Defragmenter, but you see a system scan being performed by one of them anyway, there is no doubt that Suspicious.Cloud is in your system, as all of the fake security tools are closely related to this Trojan. They might resemble genuine security software, but do not be fooled, as their only goal is to gain your credit card numbers and, consequently, rob you off. Suspicious.Cloud initiates these rogues, which display fictitious computer scans that report a ton of nonexistent problems in your system. To persuade you with Suspicious.Cloud's legitimacy, the fake antispywares will report various fake system alerts:

Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.

Attention! Network attack detected!
Your computer is being attacked from remote host. Attack has been classified as Remote code execution attempt.
Risk level: Critical
Attack from 187.245.46.110.46795

Windows – Delayed Write Field
Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.

Exe file is corrupted and can’t be run. Hard drive scan required.

Aside from activating rogue antispywares, Suspicious.Cloud will collect your user names and passwords, and will send this information to hackers, who will be able to use this data further more. Suspicious.Cloud will also modify your browser settings, display advertisements, terminate processes, disable Task Manager, and will force your computer’s restart.

Suspicious.Cloud is an extremely dangerous Trojan that will do everything in its power to gather all your confidential information; therefore, it is necessary to delete Suspicious.Cloud as soon as you can. In order to free your system from this Trojan’s trap, you need to use an updated genuine security tool, which will detect malignant files and will remove Suspicious.Cloud instantly. It is also highly important to keep your Windows updated, because Microsoft constantly detects and fixes security loopholes, which could allow Trojans and other malware infiltrate your system.

Download Spyware Removal Tool to Remove* Suspicious.cloud
  • Quick & tested solution for Suspicious.cloud removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Suspicious.cloud

Files associated with Suspicious.cloud infection:

fykcisygfisy.exe
securitymanager.exe
zefcymrebery.exe
zifagureaqyn.exe
tffcrojh.exe
temp.bin
zywelvuhanci.exe
pmomrebcktfpodtfglyuew.exe
qynisarugong.exe
DR2Launcher.exe
_ex-68.exe
dimsntfy32.dll
hdba.dll
wvgmkfnxrI.exe
bdbar.dll
securitymanager.exe
antivir9.exe
e6d7f224-8050.exe
2b168e8c-8033.exe
ON2Zwy0YPQntzc.exe
UpgradeChecker.exe
dd23892d-8020.exe
VAAxIqjfEmgpss.exe
PIFoHdCpFL.exe
jtiEKAcodyDO.exe
io7u0hHgUJk5YJ.exe
id5g1byvtOQbYk.exe
tSUpODctlIrm.exe
QILqT22JAJTfSc.exe
EasyBits.exe
9ELcGiTspITp6h.exe
fb.exe
46c80079-5689.exe
vasrosdycalu.exe
hysciwygikle.exe
csrss.exe
a43vtzgbdgv.exe
1.exe
antivir9.exe
drwebcom.exe
windbg.exe
syshost.exe
AdobeARM.exe
dxkaepsp.exe
laheavadashy.exe
poqeqdyzebox.exe
lyfseacusoty.exe
qetotyqpurri.exe
jtxvqphqtqa.exe
DisplaySwitch.exe
qtp_def.exe
dvbdream.exe
PIFoHdCpFL.exe
lvysvbqvgoty.exe
byshcdzyuhso.exe
pokroqmeajys.exe
titjaqirytef.exe
89c65b6d_15ed.exe
xumydridqylr.exe
hIoAFIdidjTpLym.exe
vovokiwitrej.exe
jtiEKAcodyDO.exe
jylumvuqicat.exe
cmddw.dll
bukvuxivasyg.exe
ccon.exe
n.
cttune.exe
kondelypaplaibq.exe
kerbudurywea.exe
wbemsyst.dll
flash_player.exe
temp1.exe
hlshcfswygiumwpf.exe
ctfon.exe
mirsurocvyzy.exe
puzvujovymcu.exe
filtre.exe
ytyozievwmjenndeql.exe
UpdateInstallV2.exe
updates.exe
wesvygmisjeh.exe
tydmuttobubs.exe
mspguard_swkngnc.exe
fpanel.exe
msns.exe
zexeajoxferi.exe
jypykeasuxih.exe
le.exe
serjoxhizuko.exe
SkypePM.exe
4wgyser5huy6j.exe
dacmeatiksur.exe
KnightCleaner.exe
FbxU.exe
_ex-68.exe
wvgmkfnxrI.exe
YOUTUBE.PLAYER.exe
msacwmo.com
tSUpODctlIrm.exe
tivosbadeari.exe
divx.exe
msiexec64.exe
pylcijotpyvy.exe
KB3237683.exe
AlSrvN.exe
mspguard_mfbjbnv.exe
winlogon.exe
nalykaqhudyj.exe
tobgopdizqik.exe
rrmquile_n_.exe
cepunifijyjy.exe
kiduzjisoxub.exe
2dfc023c3d6a0b46c0cfc3904d8bb861.exe
TeamViewer 8.exe
My Web Search Installer.exe
fb.exe
Acronis-True-Image-9.70.82.6.exe
nohalbybywyp.exe
xcsrnbdl.exe
zziabxta.exe
e54f740.exe
search.exe

Suspicious.cloud DLL's to remove:

cmddw.dll
dimsntfy32.dll
hdba.dll
bdbar.dll
wbemsyst.dll

Suspicious.cloud processes to kill:

KB3237683.exe
windbg.exe
zifagureaqyn.exe
_ex-68.exe
wvgmkfnxrI.exe
securitymanager.exe
antivir9.exe
e6d7f224-8050.exe
2b168e8c-8033.exe
ON2Zwy0YPQntzc.exe
UpgradeChecker.exe
dd23892d-8020.exe
VAAxIqjfEmgpss.exe
PIFoHdCpFL.exe
jtiEKAcodyDO.exe
io7u0hHgUJk5YJ.exe
id5g1byvtOQbYk.exe
tSUpODctlIrm.exe
QILqT22JAJTfSc.exe
EasyBits.exe
9ELcGiTspITp6h.exe
fb.exe
46c80079-5689.exe
vasrosdycalu.exe
nalykaqhudyj.exe
pmomrebcktfpodtfglyuew.exe
mspguard_swkngnc.exe
mirsurocvyzy.exe
jtiEKAcodyDO.exe
PIFoHdCpFL.exe
drwebcom.exe
qynisarugong.exe
syshost.exe
hysciwygikle.exe
tffcrojh.exe
bukvuxivasyg.exe
DR2Launcher.exe
temp1.exe
wesvygmisjeh.exe
vovokiwitrej.exe
tivosbadeari.exe
ccon.exe
pylcijotpyvy.exe
puzvujovymcu.exe
msiexec64.exe
lvysvbqvgoty.exe
dacmeatiksur.exe
qtp_def.exe
tSUpODctlIrm.exe
search.exe
dvbdream.exe
SkypePM.exe
jypykeasuxih.exe
mspguard_mfbjbnv.exe
FbxU.exe
dxkaepsp.exe
wvgmkfnxrI.exe
flash_player.exe
a43vtzgbdgv.exe
Acronis-True-Image-9.70.82.6.exe
zefcymrebery.exe
TeamViewer 8.exe
qetotyqpurri.exe
ctfon.exe
cepunifijyjy.exe
divx.exe
hIoAFIdidjTpLym.exe
tobgopdizqik.exe
antivir9.exe
DisplaySwitch.exe
e54f740.exe
jtxvqphqtqa.exe
AlSrvN.exe
msns.exe
poqeqdyzebox.exe
byshcdzyuhso.exe
UpdateInstallV2.exe
hlshcfswygiumwpf.exe
nohalbybywyp.exe
xumydridqylr.exe
serjoxhizuko.exe
cttune.exe
csrss.exe
tydmuttobubs.exe
xcsrnbdl.exe
My Web Search Installer.exe
89c65b6d_15ed.exe
lyfseacusoty.exe
securitymanager.exe
winlogon.exe
laheavadashy.exe
YOUTUBE.PLAYER.exe
_ex-68.exe
zziabxta.exe
le.exe
kerbudurywea.exe
kiduzjisoxub.exe
fb.exe
zywelvuhanci.exe
titjaqirytef.exe
fpanel.exe
rrmquile_n_.exe
pokroqmeajys.exe
jylumvuqicat.exe
zexeajoxferi.exe
4wgyser5huy6j.exe
1.exe
ytyozievwmjenndeql.exe
updates.exe
kondelypaplaibq.exe
fykcisygfisy.exe
AdobeARM.exe
filtre.exe
KnightCleaner.exe
2dfc023c3d6a0b46c0cfc3904d8bb861.exe
Disclaimer

Comments

  1. Private Feb 16, 2014

    I got suspicious.cloud.9 with no number.What does each number and letter mean?

  2. crabeater Jan 5, 2015

    You are the only site to report & warn so dramatically on this threat. Here's what Symmantec has to say about it:

    Threat *****sment
    Wild

    Wild Level: Low
    Number of Infections: 0 - 49
    Number of Sites: 0 - 2
    Geographical Distribution: Low
    Threat Containment: Easy
    Removal: Easy

    Damage

    Damage Level: Low

    Distribution

    Distribution Level: Low

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.