Question Is It Normal to Have Hundreds of Errors and Warnings in Event Viewer?

Please provide comments and solutions that are helpful to the author of this topic.
Bot

Bot

AI-powered Bot
Apr 21, 2016
4,972
Yes, it's normal. Event Viewer logs every minor issue, most of which don't affect your system's performance. However, if you're experiencing specific problems, Event Viewer can help diagnose them.
 
cartaphilus

cartaphilus

Level 13
Well-known
Mar 17, 2023
609
lokamoka820 said:
When I open event viewer in Windows 11, I see too many errors and warnings in the summary of administrative events section, is this normal?
Click to expand...
VERY VERY NORMAL. That's the BEST SINGLE TRICK that scammers use on older users and people who are not tech savy. They contact you, ask you to open up event viewer and point to the number of errors then they either state that it's due to you haveing a virus or that your system is corrupted. So the only way to fix it is to let them remote into your PC or sell you specific scareware software. Although this method is not being used as often as it used to be back in the 2010's. Now Ransomware is the king .
 
  • Like
  • Hundred Points
Reactions: brambedkar59, Jonny Quest, Oldie1950 and 6 others
M

MartyC

New Member
May 27, 2024
9
Yup. This one is a WIFI 6E AX 211 bug. Nobody can figure it out and Intel does nothing about it. I am not losing my Wi-Fi connection, but it thinks I am.
1721166364763.png
 
  • Like
Reactions: brambedkar59 and Oldie1950
Victor M

Victor M

Level 18
Verified
Top Poster
Well-known
Oct 3, 2022
868
The security related Event ID's that you need to make Custom Views for are below. When you define a custom view, you can just click on it to list out occurances of that particular event ID.

learn.microsoft.com

Appendix L - Events to Monitor

Learn more about: Appendix L: Events to Monitor
learn.microsoft.com

For instance, when a malware tries to install a service, it generates a 4697 event ID.
And when malware makes a new scheduled task, it generates a 4698 event ID.

You need to periodically examine your logs to make sure nothing has gotten thru. Anti-malware detection can Fail. All the malware-writer has to do is tweak his code a little, and it will escape automatic detection.
 
Last edited:
  • Applause
  • Like
Reactions: cartaphilus and simmerskool
Viking

Viking

Level 26
Verified
Honorary Member
Top Poster
Well-known
Oct 2, 2011
1,570
cartaphilus said:
VERY VERY NORMAL. That's the BEST SINGLE TRICK that scammers use on older users and people who are not tech savy. They contact you, ask you to open up event viewer and point to the number of errors then they either state that it's due to you haveing a virus or that your system is corrupted. So the only way to fix it is to let them remote into your PC or sell you specific scareware software. Although this method is not being used as often as it used to be back in the 2010's. Now Ransomware is the king .
Click to expand...
Scammers tried that trick on me many years ago, I just kept them on hold pretending to agree to to what they wanted me to do. After a while they just hung up realising that I was wasting their time.
 
  • Like
Reactions: Oldie1950 and cartaphilus
lokamoka820

lokamoka820

Level 28
Thread author
Verified
Well-known
Mar 1, 2024
1,700
Victor M said:
The security related Event ID's that you need to make Custom Views for are below. When you define a custom view, you can just click on it to list out occurances of that particular event ID.

learn.microsoft.com

Appendix L - Events to Monitor

Learn more about: Appendix L: Events to Monitor
learn.microsoft.com

For instance, when a malware tries to install a service, it generates a 4697 event ID.
And when malware makes a new scheduled task, it generates a 4698 event ID.

You need to periodically examine your logs to make sure nothing has gotten thru. Anti-malware detection can Fail. All the malware-writer has to do is tweak his code a little, and it will escape automatic detection.
Click to expand...
So I have to compare my logs with all this IDs? Isn't this a long process?
 
  • Like
Reactions: cartaphilus
cartaphilus

cartaphilus

Level 13
Well-known
Mar 17, 2023
609
lokamoka820 said:
So I have to compare my logs with all this IDs? Isn't this a long process?
Click to expand...
length of the process is directly proportional to your knowledge of writing macros/python. It can be easy do it once and just feed it or a grueling process of importing into Excel and filter.
 
lokamoka820

lokamoka820

Level 28
Thread author
Verified
Well-known
Mar 1, 2024
1,700
cartaphilus said:
length of the process is directly proportional to your knowledge of writing macros/python. It can be easy do it once and just feed it or a grueling process of importing into Excel and filter.
Click to expand...
Good to know that I can automate the process with Python, this will make it easier.
 

Similar threads

lokamoka820
    • Like
Advice Request Which Windows 11 Services Are Safe to Disable?
Replies
33
Views
2,352
Windows 11
Neno
Neno
B
    • Like
Viewer and Import Enhancements for Microsoft Photos on Windows 11
Replies
1
Views
516
Windows 11
lokamoka820
lokamoka820
B
Solved Microsoft Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Replies
20
Views
2,149
Windows Malware Removal Help & Support
icotonev
icotonev

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top