New threat to computers? Help me understand please!

Jexta

Honorable
May 9, 2013
5
0
10,510
Hello. This will be a long read but I have some questions about things I was told by a company trying to get me to buy stuff (sounds bad) but he made it sound legit. I would like anyone with any knowledge on this to please comment in detail and help me understand if its a good idea to get help or not. Because honestly, I had computers all my life and I never had the problem he stated.. and he said its because I don't have something I never had before.. so whats different now? well he said hackers just changed their tactics... so please inform me!

So I built my own computer and I had iolo system mechanic for awhile even prior so I put it on this new computer. I got a call from one of their workers today telling me that their getting a ton of errors and warnings from my computer and he did this:

start menu - event viewer
It brought up a list of a ton of errors and warnings and it said at top number of events is over 54,000 and he said it will eventually get to the critical limit and my computer will crash for good or something along those lines.

A: is this true?

He then opened the task manager and showed me in processes tab that the majority of my windows programs including internet security and stuff has "stopped" and he said only way to get those back is reinstall them but that is how hackers are trying to acess my compter. He then proceeded to show me something on the list called "csrss.exe" and told me that is the Trojan program allowing things in my computer. I also seen one just as suspicious called "AA_V3.exe" only because it also did not have a description.

B: are these bad and is he telling me the straight truth?

He then opened the command prompt screen and typed in
cd..
cd..
tree/f
and it made a huge list of a ton of codes and stuff and half of them were white and half were red. Once it ended at the bottom it said 857 Trojans found and some errors or something and internet security issues.

He then typed in "tracert" fallowed by www.google.com and it came up with my IP that said home and also came up with 12 other IP's which he claimed were all the other computers (hackers) accessing what I access.

C: true stuff?

So he then told me that the problem isn't my computer or my internet provider but its a new age and just like the target thing, this is what hackers are doing now adays so they came out with this internet security filter for 200 dollars.. figures right? lol .. and he said its not a program and doesn't physically connect to my router? somehow I just have it for all my computers and the only time I need to do anything is call them if I switch internets and they will somehow transfer it.

So along with A, B and C what is the educated opinions of the people here at tom's hardware? Is this really the new hacker method and the only way I can save my computer at this point is to get some internet security and have them filter out all my errors and Trojans?

Or.. is there some secret way I can fix this all myself and that guy was just yankin my leg trying to get me to buy his product?

Please help I love my computer ;D thanks everyone!
 
Solution
You are being scammed.

A. Tens of thousands of 'items' in the Event Viewer is absolutely normal. Windows writes to that log continuously. There are 3 levels: Info, Warning, Error. Now...if there were thousands in the Errors category, that would be bad. Unlikely.

B. "csrss.exe" is a normal Windows service. Client/Server Runtime Subsystem
Has been part of Windows since Windows 2000. http://en.wikipedia.org/wiki/Client/Server_Runtime_Subsystem

C. $200 for some 'thing' that 'doesn't connect to my router'. That makes absolutely no sense

D. Companies don't call you out of the blue and tell you that your PC is vulnerable/infected, etc.

You are being scammed.

So...now you have a couple of other problems.
1. Dump this...

DarkSable

Honorable
Sep 27, 2012
410
0
11,010
Please tell me that you're joking.

This is very very very obviously an absolute scam. Even if you pay $200, he won't do anything. By giving him access to your computer, you probably gave yourself a LOT of viruses.

You fell for pretty much the oldest trick in the book - he showed you a whole bunch of absolutely harmless things and told you that they mean things that they absolutely do not.

That is absolute bs, you should not fall for this, and you should immediately back up whatever data you might have and reinstall windows. PERIOD.
 

neon neophyte

Distinguished
Apr 11, 2009
135
0
18,660
sounds bogus. you do have a trogan but like all other malware, it is software.

honestly, at this point, i would nuke it from orbit and build anew. ie, format your hard drives and reinstall windows.
 

johnnyb105

Honorable
Feb 18, 2013
125
0
10,660
http://forum.wiziwig.eu/threads/83210-Iolo-System-Mechanic-WARNING!!!

system mechanic is the malware pro ! you install it and pay for there service your computer is hi jacked and shit ! period


http://www.iolo.com/resources/articles/dont-fall-for-the-latest-online-scams/
 

USAFRet

Illustrious
Moderator
You are being scammed.

A. Tens of thousands of 'items' in the Event Viewer is absolutely normal. Windows writes to that log continuously. There are 3 levels: Info, Warning, Error. Now...if there were thousands in the Errors category, that would be bad. Unlikely.

B. "csrss.exe" is a normal Windows service. Client/Server Runtime Subsystem
Has been part of Windows since Windows 2000. http://en.wikipedia.org/wiki/Client/Server_Runtime_Subsystem

C. $200 for some 'thing' that 'doesn't connect to my router'. That makes absolutely no sense

D. Companies don't call you out of the blue and tell you that your PC is vulnerable/infected, etc.

You are being scammed.

So...now you have a couple of other problems.
1. Dump this "iolo system mechanic". Does more harm than good.
2. This guy has had remote access to your system. Whether he be a valid employee (unlikely), or simply a scammer. There is no telling what else he might have put on your PC. Keylogger, trojan...anything.


I suggest you use a Rescue CD from one or more of the major AV companies. Kaspersky, etc. Boot from that disk, and do a deep scan.
If a family member came to me with this tale of woe? I'd completely blow it away and reinstall the OS. No question about it.
 
Solution

USAFRet

Illustrious
Moderator
For example, this is my Event Viewer (Windows 8 Pro):
xv1cwJQ.png


Certainly looks bad, doesn't it?
 

johnnyb105

Honorable
Feb 18, 2013
125
0
10,660
OH MY GOD USA YOU GOT SYSTEM MECHANIC lol joke really I came across this program about 3 years ago my sis in law to be installed it thinking it was something great which it fu@# up the system big time then... So what I did at the time because I was lacking time to spend on it was to create another users account and deleted the main and the pc was back to normal....
 

Jexta

Honorable
May 9, 2013
5
0
10,510
My minds blown... this is why I love this site ;D!

So there really isn't a problem with my task manager processes when half of them say "stopped"? and that cd.. cd.. tree/f thing when it ended it said 875 Trojans and a lot of the codes were red...

probably should just reinstall OS that just cleans everything back to new right? like even my SSD wouldn't have garbage clutter or whatever it is called anymore and everything would be absolutely fresh? If I did that I would probably have a rough time figuring out all my drivers and what needs drivers again as well -_- dove right into building my own computer and spent lots of money on it and im just screwing myself lol.
 

DarkSable

Honorable
Sep 27, 2012
410
0
11,010
You should absolutely reinstall windows, yes. And drivers shouldn't be too much of an issue - once Windows is installed, plug your internet cable in and continue doing updates - that should get all the drivers you need except for your video cards.

I highly, HIGHLY recommend you use the free antivirus Microsoft Security Essensials (Windows Defender in windows 8), which can be downloaded from microsoft's site. You should also use the free antimalware Malwarebytes - and I would recommend paying for a lifetime subscription. (It's only like, $25, something like that, one time, and you get it forever.)

There wasn't any problem with your task manager processes, no, and whatever he did was utter BS - your CMD is never going to tell you that there are Trojans unless all its doing is regurgitating a program that has that text in it.
 

johnnyb105

Honorable
Feb 18, 2013
125
0
10,660
Best advice ever it sounds too good then it is too good to be true if your ever in doubt ask questions always ask someone will help you beware of scam corp and people all they want is your money and they know how to con people so when in doubt ask someone!