Click on screenshot to zoom
Danger level 9
Type: Trojans
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Changes background
  • Connects to the internet without permission
  • Shows commercial adverts
  • Normal system programs crash immediatelly
  • System crashes
  • Cant change my homepage
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:

Suspicious.cloud

Suspicious.Cloud is a destructive Trojan, which will attempt to compromise your system and will make your life a living hell! This malicious application’s creators are not interested in your system’s security or personal privacy, and will implement every tool to reveal your confidential data. So, unless you remove Suspicious.Cloud, this cunning Trojan will make sure to compromise your computer’s functionality, gradually turning it into a useless box, and will gravely endanger your personal space.

Suspicious.Cloud is made of various infected components, some of which use the same names of legitimate companies’ tools, which could trick most PC users into believing these files’ credibility. For example, Easy Bits is the name of a company, which creates family oriented software, and one of the malicious Suspicious.Cloud files is called EasyBits.exe. Another malicious file is fb.exe, which is a sinister version of iSoft’s SFXMaker executable file, found under %STARTUP%\FB.exe. If you have noticed this file elsewhere, remove it immediately, as it should not run in a healthy Windows system.

If you did not install Antivirus 2010, AntiVirus System 2011 or HDD Defragmenter, but you see a system scan being performed by one of them anyway, there is no doubt that Suspicious.Cloud is in your system, as all of the fake security tools are closely related to this Trojan. They might resemble genuine security software, but do not be fooled, as their only goal is to gain your credit card numbers and, consequently, rob you off. Suspicious.Cloud initiates these rogues, which display fictitious computer scans that report a ton of nonexistent problems in your system. To persuade you with Suspicious.Cloud's legitimacy, the fake antispywares will report various fake system alerts:

Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.

Attention! Network attack detected!
Your computer is being attacked from remote host. Attack has been classified as Remote code execution attempt.
Risk level: Critical
Attack from 187.245.46.110.46795

Windows – Delayed Write Field
Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.

Exe file is corrupted and can’t be run. Hard drive scan required.

Aside from activating rogue antispywares, Suspicious.Cloud will collect your user names and passwords, and will send this information to hackers, who will be able to use this data further more. Suspicious.Cloud will also modify your browser settings, display advertisements, terminate processes, disable Task Manager, and will force your computer’s restart.

Suspicious.Cloud is an extremely dangerous Trojan that will do everything in its power to gather all your confidential information; therefore, it is necessary to delete Suspicious.Cloud as soon as you can. In order to free your system from this Trojan’s trap, you need to use an updated genuine security tool, which will detect malignant files and will remove Suspicious.Cloud instantly. It is also highly important to keep your Windows updated, because Microsoft constantly detects and fixes security loopholes, which could allow Trojans and other malware infiltrate your system.

Download Spyware Removal Tool to Remove* Suspicious.cloud
  • Quick & tested solution for Suspicious.cloud removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Suspicious.cloud

Files associated with Suspicious.cloud infection:

kondelypaplaibq.exe
hlshcfswygiumwpf.exe
SkypePM.exe
89c65b6d_15ed.exe
jtxvqphqtqa.exe
zexeajoxferi.exe
lvysvbqvgoty.exe
temp.bin
hysciwygikle.exe
ctfon.exe
csrss.exe
PIFoHdCpFL.exe
wbemsyst.dll
kerbudurywea.exe
msns.exe
xcsrnbdl.exe
4wgyser5huy6j.exe
e54f740.exe
zifagureaqyn.exe
tivosbadeari.exe
zziabxta.exe
qynisarugong.exe
le.exe
bukvuxivasyg.exe
n.
2dfc023c3d6a0b46c0cfc3904d8bb861.exe
a43vtzgbdgv.exe
poqeqdyzebox.exe
temp1.exe
tffcrojh.exe
ccon.exe
msacwmo.com
msiexec64.exe
drwebcom.exe
hIoAFIdidjTpLym.exe
securitymanager.exe
dxkaepsp.exe
DR2Launcher.exe
flash_player.exe
vovokiwitrej.exe
wesvygmisjeh.exe
mspguard_mfbjbnv.exe
tSUpODctlIrm.exe
rrmquile_n_.exe
search.exe
pmomrebcktfpodtfglyuew.exe
syshost.exe
DisplaySwitch.exe
pylcijotpyvy.exe
mspguard_swkngnc.exe
kiduzjisoxub.exe
jtiEKAcodyDO.exe
ytyozievwmjenndeql.exe
titjaqirytef.exe
pokroqmeajys.exe
zywelvuhanci.exe
tobgopdizqik.exe
byshcdzyuhso.exe
fykcisygfisy.exe
winlogon.exe
mirsurocvyzy.exe
antivir9.exe
laheavadashy.exe
jylumvuqicat.exe
filtre.exe
tydmuttobubs.exe
zefcymrebery.exe
wvgmkfnxrI.exe
windbg.exe
_ex-68.exe
dimsntfy32.dll
hdba.dll
wvgmkfnxrI.exe
bdbar.dll
securitymanager.exe
antivir9.exe
e6d7f224-8050.exe
2b168e8c-8033.exe
ON2Zwy0YPQntzc.exe
UpgradeChecker.exe
dd23892d-8020.exe
VAAxIqjfEmgpss.exe
PIFoHdCpFL.exe
jtiEKAcodyDO.exe
io7u0hHgUJk5YJ.exe
id5g1byvtOQbYk.exe
tSUpODctlIrm.exe
QILqT22JAJTfSc.exe
EasyBits.exe
9ELcGiTspITp6h.exe
fb.exe
46c80079-5689.exe
FbxU.exe
1.exe
YOUTUBE.PLAYER.exe
fb.exe
KB3237683.exe
serjoxhizuko.exe
dacmeatiksur.exe
cmddw.dll
lyfseacusoty.exe
AdobeARM.exe
nohalbybywyp.exe
vasrosdycalu.exe
_ex-68.exe
nalykaqhudyj.exe
dvbdream.exe
TeamViewer 8.exe
qtp_def.exe
qetotyqpurri.exe
cttune.exe
xumydridqylr.exe
divx.exe
Acronis-True-Image-9.70.82.6.exe
fpanel.exe
UpdateInstallV2.exe
My Web Search Installer.exe
KnightCleaner.exe
jypykeasuxih.exe
puzvujovymcu.exe
cepunifijyjy.exe
AlSrvN.exe
updates.exe

Suspicious.cloud DLL's to remove:

wbemsyst.dll
cmddw.dll
dimsntfy32.dll
hdba.dll
bdbar.dll

Suspicious.cloud processes to kill:

cepunifijyjy.exe
AdobeARM.exe
lvysvbqvgoty.exe
fb.exe
divx.exe
jylumvuqicat.exe
wvgmkfnxrI.exe
serjoxhizuko.exe
le.exe
drwebcom.exe
vovokiwitrej.exe
mirsurocvyzy.exe
filtre.exe
puzvujovymcu.exe
wesvygmisjeh.exe
4wgyser5huy6j.exe
securitymanager.exe
kiduzjisoxub.exe
SkypePM.exe
My Web Search Installer.exe
zywelvuhanci.exe
laheavadashy.exe
nohalbybywyp.exe
zefcymrebery.exe
e54f740.exe
TeamViewer 8.exe
updates.exe
jtxvqphqtqa.exe
poqeqdyzebox.exe
xumydridqylr.exe
bukvuxivasyg.exe
winlogon.exe
tffcrojh.exe
tobgopdizqik.exe
DisplaySwitch.exe
msns.exe
lyfseacusoty.exe
2dfc023c3d6a0b46c0cfc3904d8bb861.exe
KB3237683.exe
tivosbadeari.exe
tSUpODctlIrm.exe
hIoAFIdidjTpLym.exe
antivir9.exe
fpanel.exe
hlshcfswygiumwpf.exe
nalykaqhudyj.exe
jypykeasuxih.exe
titjaqirytef.exe
hysciwygikle.exe
89c65b6d_15ed.exe
UpdateInstallV2.exe
mspguard_swkngnc.exe
qtp_def.exe
syshost.exe
Acronis-True-Image-9.70.82.6.exe
windbg.exe
zziabxta.exe
tydmuttobubs.exe
pokroqmeajys.exe
kondelypaplaibq.exe
YOUTUBE.PLAYER.exe
temp1.exe
dxkaepsp.exe
KnightCleaner.exe
csrss.exe
_ex-68.exe
wvgmkfnxrI.exe
securitymanager.exe
antivir9.exe
e6d7f224-8050.exe
2b168e8c-8033.exe
ON2Zwy0YPQntzc.exe
UpgradeChecker.exe
dd23892d-8020.exe
VAAxIqjfEmgpss.exe
PIFoHdCpFL.exe
jtiEKAcodyDO.exe
io7u0hHgUJk5YJ.exe
id5g1byvtOQbYk.exe
tSUpODctlIrm.exe
QILqT22JAJTfSc.exe
EasyBits.exe
9ELcGiTspITp6h.exe
fb.exe
46c80079-5689.exe
zifagureaqyn.exe
_ex-68.exe
jtiEKAcodyDO.exe
dacmeatiksur.exe
fykcisygfisy.exe
vasrosdycalu.exe
AlSrvN.exe
FbxU.exe
ytyozievwmjenndeql.exe
pylcijotpyvy.exe
a43vtzgbdgv.exe
DR2Launcher.exe
msiexec64.exe
ctfon.exe
mspguard_mfbjbnv.exe
PIFoHdCpFL.exe
zexeajoxferi.exe
rrmquile_n_.exe
flash_player.exe
qynisarugong.exe
search.exe
byshcdzyuhso.exe
kerbudurywea.exe
cttune.exe
qetotyqpurri.exe
xcsrnbdl.exe
dvbdream.exe
ccon.exe
1.exe
pmomrebcktfpodtfglyuew.exe
Disclaimer

Comments

  1. Private Feb 16, 2014

    I got suspicious.cloud.9 with no number.What does each number and letter mean?

  2. crabeater Jan 5, 2015

    You are the only site to report & warn so dramatically on this threat. Here's what Symmantec has to say about it:

    Threat *****sment
    Wild

    Wild Level: Low
    Number of Infections: 0 - 49
    Number of Sites: 0 - 2
    Geographical Distribution: Low
    Threat Containment: Easy
    Removal: Easy

    Damage

    Damage Level: Low

    Distribution

    Distribution Level: Low

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.