Cydoor

  • 1
  • Problem
  • Updated 2 years ago
  • In Progress
  • (Edited)
Trend can't remove the CYDOOR virus alert that's hijacked my Microsoft Edge.   I am fully updated and subscrition to Trend is current.   What do I do ???   I asked Trend a few days back now but no reply.

When I open Edge, the homepage is redirected away to this site, accompanied by an ear piercing scream, and I have to be cunning to even get another tab open to do anything like writing this.   Mute is always on now.

h**ps://storage.bhs1.cloud.ovh.net/v1/AUTH_556fc7eab62a4460bfef2521370bb693/poland-11/psi.html?num=1-800-875-413&var=wVUCT2GTDR73A67VGL5D61BE-49.187.15.122&c=nup&isp=Optus%20Internet&c=nup&action=again&action=again&action=again&action=again&action=again

and if I try to close the tab, it won't let me, but a pop-up activates instead:

Photo of peter.urquhart

peter.urquhart

  • 80 Points 75 badge 2x thumb

Posted 2 years ago

  • 1
Photo of TM_Claudia

TM_Claudia, Employee

  • 10,842 Points 10k badge 2x thumb
Sorry for the late response. The Cydoor malware alert is shown to trick the user into thinking their computer has crashed or that a virus has been detected on the computer. It does this to scare the users calling the listed number, so they can sell unneeded support contracts or services on the phone.

Please DO NOT call the number and follow the steps below to solve this issue:
  1. Right-click the taskbar at the bottom of the screen and select Task Manager.
  2. Choose Microsoft Edge on Processes tab and click End task button.
  3. In the search bar next to the Windows 10 logo, type in google.com and press Enter.
  4. When Micro Edge opened up with a new tab for Google, click "x" to close Edge.
    Note: DO NOT click on the offending site tab or it will get your Edge again.
When Edge close properly, it won't restore tabs and the offending site tab will be gone. (source from Microsoft Community)

Please let us know if the solution works for you. Thank you.

Trend Micro Home Users Community
Photo of peter.urquhart

peter.urquhart

  • 80 Points 75 badge 2x thumb
Sorry, but this didn't work.    I typed in google.com in the search bar, hit enter, and as expected the alrms goes off, the first tab goes to the CYDOOR warning, and a pop-up appears, as per the pic I showed in my initial post.   If I try to "x" out of Edge, nothing responds, as the pop-up prevents Edge accepting anything further.   If I am really really quick, when Edge first starts and is opening up the first tab with CYDOOR, I quickly open a second tab.   This second tab allows me to open any other website, open further tabs, etc. BUT not without the screaming alarm from the first tab with CYDOOR.   I cannot close that first tab.   Every time I restart Edge, CYDOOR is always the first thing to activate.   Of course, I want to get rid of CYDOOR all together, and then I can unmute the sound.   How do I get rid of it forever ?   Isn't this the sort of commonplace intrusion that Trend should be protecting against in an update ? Peter
Photo of TM_Claudia

TM_Claudia, Employee

  • 10,842 Points 10k badge 2x thumb
Sorry to hear that the solution did not work for you. I understand that the Cydoor page is always on the first tab of your Edge, and you cannot close it correctly.

We found that the issue with browser-locking web pages fixed for Microsoft Edge with the KB3093266 update, and the fix is working fine on many Edge users. (reference Microsoft online page: Dialog Loop Protection for Microsoft Edge)

Please follow the steps below to see if the update is currently available on your computer:
  1. Open the Settings window (Press Windows key + I key)
  2. Click Update & Security, then click Windows Update
  3. Click Check for updates to see if KB3093266 is available.

Also, we've escalated this issue and a dedicated team is investigating in our lab. 

Trend Micro Home Users Community
Photo of TM_Claudia

TM_Claudia, Employee

  • 10,842 Points 10k badge 2x thumb
Hi peter.urquhart, did Windows Update work for you?

Regarding the URL you provided, our web filter team have rated it as "Scam" and the site will be blocked by Trend Micro Security when you're accessing it. 

Please let us know if you're still encountering the issue on your end. Thank you!

Trend Micro Home Users Community
(Edited)