Results 1 to 15 of 15
  1. #1
    iNET Interactive
    Join Date
    Jan 2011
    Location
    Seattle, WA
    Posts
    724
    Thanks
    11
    Thanked 71 Times in 56 Posts

    What you should know about Windows' Event Viewer




    TOP STORY

    What you should know about Windows' Event Viewer


    By Woody Leonhard

    Most of the Windows utilities we talk about in the Windows Secrets Newsletter help you work faster or better or smarter, but Windows Event Viewer doesn't fall into that category.

    A powerful diagnostic tool, Event Viewer is now being used by online support scammers who make big bucks preying on peoples' fears.

    The full text of this column is posted at WindowsSecrets.com/top-story/What-you-should-know-about-Windows-Event-Viewer/ (opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

  2. #2
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    5,481
    Thanks
    130
    Thanked 499 Times in 459 Posts
    Troubleshooting can be made a tad bit easier too by frequently removing the masses of mostly meaningless entries in the Event Viewer.

    But scammers calling you by name is far more troubling than random calling. More troubling still is the fact that there is little recourse
    the average person can do in terms of effectively dealing with these criminals outside of not falling for their scams.

  3. #3
    New Lounger
    Join Date
    Feb 2011
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    This happened to a friend of mine over a year ago, maybe two. It happened shortly after she had called Dell
    Support re a problem with her new laptop. She dealt with an Indian call center and I wonder if the phone numbers of the possibly clueless are passed on to the scammers from the call center. Fortunately, she called me literally
    as she was on the phone with the guy and I said NO, MICROSOFT WILL NOT BE ASKING YOU FOR MONEY for
    support of a brand new laptop! Then I showed her how to get rid of the app they downloaded on her machine
    and told her to disable the remote assistance service.

  4. #4
    New Lounger
    Join Date
    Oct 2011
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I recently received a phone call from someone with an Indian accent,(he knew my name and obviously my phone number) said he was from Microsoft. He said he was here to help me with a virus problem. I said I had no problem and did not contact Microsoft. he said they were receiving a message from my computer and I had a virus problem. I said my computer does not send out messages.He said to open Internet explorer and type: www.ammyy.com, I googled it and saw it was a Remote desktop access site, with remote control software.
    I told him goodbye, I was not falling for the scam. I looked at the site, there was a warning on the website about Malacious use of their software, and not to use it unless you voluntarily wanted ot use their site.

  5. #5
    New Lounger
    Join Date
    Oct 2011
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Good article, but I'm troubled by the reference to India. Most people in India - including techies, call center executives and con men - barely have enough money to eat one meal a day, leave alone make an international call to try to con someone.
    As you rightly pointed out, most people aren't aware of the event viewer at all, much less know how to use it. It'd be a HUGE stretch of the imagination, and possibly a biased opinion to blame the call on an Indian.

  6. #6
    New Lounger
    Join Date
    Oct 2011
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by johncougar View Post
    Good article, but I'm troubled by the reference to India. Most people in India - including techies, call center executives and con men - barely have enough money to eat one meal a day, leave alone make an international call to try to con someone.
    As you rightly pointed out, most people aren't aware of the event viewer at all, much less know how to use it. It'd be a HUGE stretch of the imagination, and possibly a biased opinion to blame the call on an Indian.
    Come on johncougar, what was actually said in the original article about this con was “The con I discussed back in February described how a caller, possibly from India”. I don’t see how pointing out that the calls in question possibly come from India is blaming the whole of the country, what’s more important is making people aware of this type of scam!!

    Unfortunately the type of people who are getting caught out by these people are not the ones who would be reading this forum!! My accountant recently called me in a panic to tell me her 84 year farther had received such a call and he had unfortunately allowed the caller to gain access to his computer. They were in fact actually logged into it as we were speaking. It took me a few second to convince her that the only thing to do was to just pull the power cable out of the back of the computer so everything just closed down. Subsequent investigation showed that he had followed the callers instructions to log in to a particular web site which immediately attempted to download various viruses onto his computer, now he did have a problem with his computer!!!

  7. #7
    New Lounger
    Join Date
    Oct 2011
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Windows Event Viewer scam

    Here in the UK I almost fell victim to this very convincing scam but luckiily smelt a rat and refused to part with any money. I was reasonably polite to the gentleman trying to persuade me that he needed to clean all the viruses and trojans off my computer, but in the end I said that I appreciated he was trying to help me but I was not prepared to pay anything without further investigation. At which point he obviously lost patience and actuall said:"I don't want your I appreciation, I want your money!!!"

  8. #8
    Administrator Woody's Avatar
    Join Date
    Jan 2001
    Location
    Patong, Phuket, Thailand
    Posts
    356
    Thanks
    1
    Thanked 497 Times in 4 Posts
    Quote Originally Posted by johncougar View Post
    Good article, but I'm troubled by the reference to India. Most people in India - including techies, call center executives and con men - barely have enough money to eat one meal a day, leave alone make an international call to try to con someone.
    As you rightly pointed out, most people aren't aware of the event viewer at all, much less know how to use it. It'd be a HUGE stretch of the imagination, and possibly a biased opinion to blame the call on an Indian.
    @John -

    The proliferation of low-cost/no-cost international voice calls has brought this scam to the reach of people all over the world. India's big advantage is the large number of English speakers. I know. I live in Thailand...
    Woody

    For Dummies book author, Senior Editor at Windows Secrets Newsletter, Senior Contributing Editor for InfoWorld, and long-suffering Windows victim. Check out the latest at AskWoody.com.

  9. #9
    Star Lounger
    Join Date
    Mar 2010
    Location
    Great LAND of TEXAS
    Posts
    75
    Thanks
    0
    Thanked 4 Times in 3 Posts
    Thank you Mr. Allen,
    Plus all those that have posted so far along with some with concerns. That is what makes the World go round and our American way be so GREAT!!

    My comment is this is giving us a little insight into some of the workings of Windows as well as our systems. A little explanation is good but knowing some of these details is a big PLUS not only to make us aware of these scams but what to look for and what to ignore, especially the scammers. I have attempted to look over some of those logs and decided some time ago to just leave well enough alone as long as my system was working well and not giving any problems. Now I can investigate some of these other posts and posters to learn more. I am an analyst and troubleshooter for my own system as well for some of my friends.
    It has done me well over the years, now is becoming intemidating with this Event Viewer with so much information to read over. Thanks to Woody and his so informative messages . .

    Keep up this Good work in keeping us Dummies alterted . .
    Last edited by NTLS; 2011-10-30 at 12:17. Reason: did not proof read . .
    Thank you for reading,
    TIA, CU L8R,
    NTxLS Win7 Pro 64bit SP1; FireFox v30.x, Password Maker v1.7.8; WinPatrolPlus: SuperAntiSpyware; MBAM Pro; all with the latest updates . .

  10. #10
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    5,481
    Thanks
    130
    Thanked 499 Times in 459 Posts
    It may be possible to quiet down some of those minor pesky repeating errors and warningss, especially if you have an SSD you want to limit read/writes to.
    Untitled.jpg
    Under Administrative tools, performance monitor. Under the Data Collector sets/System, look for "Starup Event Trace Session".
    I know for me the MS Security Client OOBE is a frequent anoyance that can be safely removed from the trace.

    You would have to carefully evaluate your own setup and specific situation though.

  11. #11
    New Lounger
    Join Date
    Nov 2011
    Location
    Athens, GA
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I just read this article, and used the Event Viewer (WinXP sp3) to find the logs in the \Windows\Minidumps\ directory.

    I've had a long-standing problem with an occasional Blue Screen of Death. The system crashes, the blue screen filled with white text pops up for a split-second, then the computer reboots. I'm assuming the logs in the Minidumps directory contain all that data that flashes on the screen and that's supposed to be telling me what's wrong. But how do I read it? Or is it even something that will likely mean anything to me?

  12. #12
    New Lounger
    Join Date
    Apr 2012
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I wasn't aware that Windows Event Log existed until I received a phone call from someone who said they were responding to my request to Microsoft for help with my computer. I was concerned since I had not contacted Microsoft and had no problems with my OS. At his request I opened the events log and was told I had way too many events in my log and if I didn't resolve the problem I was sure to experience a hard drive crash. He said all I had to do was give him remote access and he would help me in resolving this problem. Not willing to give anyone remote access, I asked him how I knew he was who he claimed to be. He gave me his name and phone number and said I could call him back. He never mentioned any charge for his service. I immediately googled event log and found this article which confirmed my suspicions. I did call the number and it was definately not Microsoft. Doubt I would have gotten an answer at Microsoft on Saturday. Thanks for the heads up.

  13. #13
    New Lounger
    Join Date
    Jul 2012
    Posts
    1
    Thanks
    0
    Thanked 1 Time in 1 Post

    EventViewer Scam

    Just got an unsolicited call from, I think India, regarding the need to renew my software registration licence that according to them, being out of warranty, was causing the "Warnings" and "Error" alerts in - Windows Event Viewer. I smelled a scam right away and at first I was a bit agitated with the guy but his response was to get agitated back at me so I thought maybe this guy really is trying to help and am not computer technical so did get coaxed into opening up my EventViewer window and was told all about the dreadfull errors in it ("oh my gosh" he kept saying). It's funny in retrospect he told they'd noticed I was receiving various error messages but in going through the process he had no idea how many or what they were from (I thought he was bringing me the information...). I was then transferred to his supervisor for further explanation. Both "Window Support workers" (which is of course bull) often evaded answering my questions unless it was one they wanted! to answer. The 'supervisor' pretty much went through the same process as the previous guy had already and breifly mentioned something about a fee. They ended up taking up about 20 minutes of my time, and now the time to write this message but the latter is time well spent. Then the supervisor wanted me open up a web site and it was then that I just hung up. My answering machine has now started flashing (pretty sure I know who that's gonna be) but my phone is on "Do not Disturb" so I wont be taking calls from them tonight.

    Most of us work pretty hard for our money. Thank you for writing and posting this article. It was so so straight forward and so helpful. Thank you.
    Last edited by sdarbs; 2012-07-09 at 23:37. Reason: added a comment

  14. The Following User Says Thank You to sdarbs For This Useful Post:

    Jaggiethistle (2012-09-04)

  15. #14
    New Lounger
    Join Date
    Sep 2012
    Posts
    1
    Thanks
    1
    Thanked 0 Times in 0 Posts
    This scam is rife in UK NOW! Ihave personally received at least 10 in the last 12 months.
    The last one TODAY. The procedure they used was axactly as shown in your article.
    I retreived the phone number 009965787464, but could be 'diverted call'. I just told them I did not trust them to place my PC on-line to them!
    In past, when asked, "are you the main user of the computer"; I have responded with, Yes. I am the Administrator"; which resulted in them hanging up.
    These calls have also been received by colleages.
    DO NOT ENTER INTO DIALOG WITH THEM!

  16. #15
    New Lounger
    Join Date
    Jun 2013
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I just got two of these calls today, the first one I recognized after just a few seconds, but I wasn't doing anything so I played along. I figure it's my duty to keep these guys tied up with me where they won't do any damage, instead of letting them go to call someone else. It was so funny, when I got to the second level tech who was going to remote in, I asked a lot of technical questions, I asked for his Certificate number when he said he was Microsoft Certified. He finally decided I wasn't about to let him into my PC and tried to hang up the phone but he couldn't, he told me to hang up my phone and I said I would not, I asked him how much it was costing by me tying up a line that could be used to scam other people. He was speaking to other people in what sounded like Hindi, before he found the mute button, probably asking how to release the call. I don't know where he was calling from, but there's a lot of call center capacity in India and I bet a Boiler Room could be set up and locals who can read from an English script recruited to man the phones. The second call came a couple of hours later, different voice, same accent, same script, but I was getting a little bored and scared him off after just a few minutes by asking how they got my phone number from my IP address, and what was my public IP address anyway?

    WASTE THEIR TIME, The more tech aware users have the duty to keep these scammers tied up with someone who's not about to let them remote into their PC or give them a credit card number. Use the language barrier, make them repeat every word. When they tell you to go to a web site, say your PC froze and you have to reboot, tell them your anti-malware software is warning you about the site they gave you, or that your firewall is blocking something and the site won't load. Just keep them burning time with you instead of some less tech aware fellow PC user.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •