Click on screenshot to zoom
Danger level 9
Type: Trojans
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Changes background
  • Connects to the internet without permission
  • Shows commercial adverts
  • Normal system programs crash immediatelly
  • System crashes
  • Cant change my homepage
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:

Suspicious.cloud

Suspicious.Cloud is a destructive Trojan, which will attempt to compromise your system and will make your life a living hell! This malicious application’s creators are not interested in your system’s security or personal privacy, and will implement every tool to reveal your confidential data. So, unless you remove Suspicious.Cloud, this cunning Trojan will make sure to compromise your computer’s functionality, gradually turning it into a useless box, and will gravely endanger your personal space.

Suspicious.Cloud is made of various infected components, some of which use the same names of legitimate companies’ tools, which could trick most PC users into believing these files’ credibility. For example, Easy Bits is the name of a company, which creates family oriented software, and one of the malicious Suspicious.Cloud files is called EasyBits.exe. Another malicious file is fb.exe, which is a sinister version of iSoft’s SFXMaker executable file, found under %STARTUP%\FB.exe. If you have noticed this file elsewhere, remove it immediately, as it should not run in a healthy Windows system.

If you did not install Antivirus 2010, AntiVirus System 2011 or HDD Defragmenter, but you see a system scan being performed by one of them anyway, there is no doubt that Suspicious.Cloud is in your system, as all of the fake security tools are closely related to this Trojan. They might resemble genuine security software, but do not be fooled, as their only goal is to gain your credit card numbers and, consequently, rob you off. Suspicious.Cloud initiates these rogues, which display fictitious computer scans that report a ton of nonexistent problems in your system. To persuade you with Suspicious.Cloud's legitimacy, the fake antispywares will report various fake system alerts:

Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.

Attention! Network attack detected!
Your computer is being attacked from remote host. Attack has been classified as Remote code execution attempt.
Risk level: Critical
Attack from 187.245.46.110.46795

Windows – Delayed Write Field
Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.

Exe file is corrupted and can’t be run. Hard drive scan required.

Aside from activating rogue antispywares, Suspicious.Cloud will collect your user names and passwords, and will send this information to hackers, who will be able to use this data further more. Suspicious.Cloud will also modify your browser settings, display advertisements, terminate processes, disable Task Manager, and will force your computer’s restart.

Suspicious.Cloud is an extremely dangerous Trojan that will do everything in its power to gather all your confidential information; therefore, it is necessary to delete Suspicious.Cloud as soon as you can. In order to free your system from this Trojan’s trap, you need to use an updated genuine security tool, which will detect malignant files and will remove Suspicious.Cloud instantly. It is also highly important to keep your Windows updated, because Microsoft constantly detects and fixes security loopholes, which could allow Trojans and other malware infiltrate your system.

Download Spyware Removal Tool to Remove* Suspicious.cloud
  • Quick & tested solution for Suspicious.cloud removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Suspicious.cloud

Files associated with Suspicious.cloud infection:

YOUTUBE.PLAYER.exe
hIoAFIdidjTpLym.exe
cepunifijyjy.exe
titjaqirytef.exe
securitymanager.exe
kondelypaplaibq.exe
zexeajoxferi.exe
pokroqmeajys.exe
_ex-68.exe
cmddw.dll
msacwmo.com
PIFoHdCpFL.exe
kerbudurywea.exe
zywelvuhanci.exe
msns.exe
UpdateInstallV2.exe
wesvygmisjeh.exe
temp.bin
kiduzjisoxub.exe
serjoxhizuko.exe
ytyozievwmjenndeql.exe
AlSrvN.exe
jtiEKAcodyDO.exe
le.exe
tffcrojh.exe
nohalbybywyp.exe
KB3237683.exe
89c65b6d_15ed.exe
hysciwygikle.exe
tobgopdizqik.exe
pylcijotpyvy.exe
drwebcom.exe
antivir9.exe
qynisarugong.exe
a43vtzgbdgv.exe
FbxU.exe
KnightCleaner.exe
xcsrnbdl.exe
DisplaySwitch.exe
mirsurocvyzy.exe
lyfseacusoty.exe
bukvuxivasyg.exe
nalykaqhudyj.exe
ccon.exe
tydmuttobubs.exe
vasrosdycalu.exe
windbg.exe
winlogon.exe
qetotyqpurri.exe
zefcymrebery.exe
e54f740.exe
1.exe
dvbdream.exe
4wgyser5huy6j.exe
My Web Search Installer.exe
SkypePM.exe
cttune.exe
mspguard_mfbjbnv.exe
hlshcfswygiumwpf.exe
zziabxta.exe
vovokiwitrej.exe
zifagureaqyn.exe
n.
dacmeatiksur.exe
dxkaepsp.exe
puzvujovymcu.exe
temp1.exe
Acronis-True-Image-9.70.82.6.exe
tivosbadeari.exe
_ex-68.exe
dimsntfy32.dll
hdba.dll
wvgmkfnxrI.exe
bdbar.dll
securitymanager.exe
antivir9.exe
e6d7f224-8050.exe
2b168e8c-8033.exe
ON2Zwy0YPQntzc.exe
UpgradeChecker.exe
dd23892d-8020.exe
VAAxIqjfEmgpss.exe
PIFoHdCpFL.exe
jtiEKAcodyDO.exe
io7u0hHgUJk5YJ.exe
id5g1byvtOQbYk.exe
tSUpODctlIrm.exe
QILqT22JAJTfSc.exe
EasyBits.exe
9ELcGiTspITp6h.exe
fb.exe
46c80079-5689.exe
syshost.exe
laheavadashy.exe
tSUpODctlIrm.exe
lvysvbqvgoty.exe
msiexec64.exe
rrmquile_n_.exe
divx.exe
xumydridqylr.exe
filtre.exe
fb.exe
poqeqdyzebox.exe
updates.exe
DR2Launcher.exe
ctfon.exe
jypykeasuxih.exe
TeamViewer 8.exe
AdobeARM.exe
jtxvqphqtqa.exe
jylumvuqicat.exe
wbemsyst.dll
qtp_def.exe
fpanel.exe
flash_player.exe
search.exe
wvgmkfnxrI.exe
byshcdzyuhso.exe
2dfc023c3d6a0b46c0cfc3904d8bb861.exe
fykcisygfisy.exe
csrss.exe
mspguard_swkngnc.exe
pmomrebcktfpodtfglyuew.exe

Suspicious.cloud DLL's to remove:

wbemsyst.dll
dimsntfy32.dll
hdba.dll
bdbar.dll
cmddw.dll

Suspicious.cloud processes to kill:

UpdateInstallV2.exe
msns.exe
puzvujovymcu.exe
rrmquile_n_.exe
qynisarugong.exe
kondelypaplaibq.exe
serjoxhizuko.exe
a43vtzgbdgv.exe
AlSrvN.exe
jypykeasuxih.exe
search.exe
jylumvuqicat.exe
zziabxta.exe
qetotyqpurri.exe
securitymanager.exe
poqeqdyzebox.exe
1.exe
xumydridqylr.exe
wvgmkfnxrI.exe
dacmeatiksur.exe
kerbudurywea.exe
dvbdream.exe
byshcdzyuhso.exe
fykcisygfisy.exe
zifagureaqyn.exe
cepunifijyjy.exe
hIoAFIdidjTpLym.exe
winlogon.exe
pylcijotpyvy.exe
nohalbybywyp.exe
ytyozievwmjenndeql.exe
AdobeARM.exe
PIFoHdCpFL.exe
updates.exe
mirsurocvyzy.exe
tivosbadeari.exe
mspguard_swkngnc.exe
xcsrnbdl.exe
ctfon.exe
dxkaepsp.exe
fpanel.exe
DisplaySwitch.exe
zywelvuhanci.exe
kiduzjisoxub.exe
drwebcom.exe
syshost.exe
2dfc023c3d6a0b46c0cfc3904d8bb861.exe
TeamViewer 8.exe
_ex-68.exe
wvgmkfnxrI.exe
securitymanager.exe
antivir9.exe
e6d7f224-8050.exe
2b168e8c-8033.exe
ON2Zwy0YPQntzc.exe
UpgradeChecker.exe
dd23892d-8020.exe
VAAxIqjfEmgpss.exe
PIFoHdCpFL.exe
jtiEKAcodyDO.exe
io7u0hHgUJk5YJ.exe
id5g1byvtOQbYk.exe
tSUpODctlIrm.exe
QILqT22JAJTfSc.exe
EasyBits.exe
9ELcGiTspITp6h.exe
fb.exe
46c80079-5689.exe
bukvuxivasyg.exe
My Web Search Installer.exe
msiexec64.exe
e54f740.exe
jtiEKAcodyDO.exe
titjaqirytef.exe
zexeajoxferi.exe
tSUpODctlIrm.exe
flash_player.exe
_ex-68.exe
antivir9.exe
lvysvbqvgoty.exe
qtp_def.exe
DR2Launcher.exe
pmomrebcktfpodtfglyuew.exe
csrss.exe
tobgopdizqik.exe
89c65b6d_15ed.exe
KB3237683.exe
tydmuttobubs.exe
le.exe
windbg.exe
divx.exe
vasrosdycalu.exe
filtre.exe
fb.exe
Acronis-True-Image-9.70.82.6.exe
mspguard_mfbjbnv.exe
wesvygmisjeh.exe
pokroqmeajys.exe
hysciwygikle.exe
temp1.exe
KnightCleaner.exe
zefcymrebery.exe
cttune.exe
YOUTUBE.PLAYER.exe
4wgyser5huy6j.exe
nalykaqhudyj.exe
tffcrojh.exe
SkypePM.exe
vovokiwitrej.exe
FbxU.exe
hlshcfswygiumwpf.exe
jtxvqphqtqa.exe
ccon.exe
laheavadashy.exe
lyfseacusoty.exe
Disclaimer

Comments

  1. Private Feb 16, 2014

    I got suspicious.cloud.9 with no number.What does each number and letter mean?

  2. crabeater Jan 5, 2015

    You are the only site to report & warn so dramatically on this threat. Here's what Symmantec has to say about it:

    Threat *****sment
    Wild

    Wild Level: Low
    Number of Infections: 0 - 49
    Number of Sites: 0 - 2
    Geographical Distribution: Low
    Threat Containment: Easy
    Removal: Easy

    Damage

    Damage Level: Low

    Distribution

    Distribution Level: Low

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.