I received a cryptic message!

An incoming text, in a Nokia N79. Part of the message is corrupted.

An incoming text, in a Nokia N79. Part of the message is corrupted.

I have already wrote about the evils of plain text and how it is one of the worst inventions of the computing field. But as if I needed a tangible example for my readership, yesterday, I received a cryptic text (I mean SMS) on my mobile phone, which run as follows:

Tried my best; knew your life depends on it:
http://arstechnica.com/te捨⵰潬楣礯㈰ㄴ⼰㘯慰灥慬猭捯畲琭瑨牯睳ⵯ畴ⴳ㐰〰〭潮汩湥⵬楢敬⵲畬楮术⍰㌍ਊ慲獴散桮楣愮捯洯獥捵物瑹⼲〱㐯〶⽵湤敲ⵤ摯猭晥敤汹ⵢ畣歬敳ⵢ畴ⵤ敦楥猭慴瑡捫敲猭數瑯牴楯渭摥浡湤猯

It was a very tough situation: My life depended on a corrupt text. But fortunately, I had a Windows computer at hand and I could fix it. Read the rest of this entry

TrueCrypt: It last bow

TrueCrypt is a discontinued free disk encryption utility for Windows, Mac, and Linux. It is a free and shared-source alternative to BitLocker, but is not restricted to the high-end editions of Windows and does not need Trusted Platform Module (TPM).

TrueCrypt v7.1a running on Windows 8.1

TrueCrypt v7.1a running on Windows 8.1

TrueCrypt’s sudden end of life on 28 May 2014 become controversial, since unlike most computer programs, TrueCrypt’s authors beheaded it with the release of version 7.2. Read the rest of this entry

Unregistering and deleting an event log

Today, I’ve decided to write about unregistering and deleting Windows event logs, because searching the web about this subject brings up some very dangerous results with dangerous consequences.

Event Viewer in Windows Vista: In comparison to its predecessor in Windows Server 2003, it has become several times more elaborate to accommodate the vast logging infrastructure introduced in this version of Windows.

Event Viewer in Windows Vista: In comparison to its predecessor in Windows Server 2003, it has become several times more elaborate to accommodate the vast logging infrastructure introduced in this version of Windows.

Problem: A user notices redundant event logs in Event Viewer or PowerShell, i.e. the program with which they were associated are now gone and their contents is irrelevant. These event logs might be occupying valuable disk space, e.g. 128 MB. Deleting them is tempting.

This article requires Windows PowerShell 2.0 or later, which comes with Windows 7 and Windows Server 2008 R2.

Cautious approach

If reclaiming disk space is the goal, then empty the log and forget about it. An empty log that occupies a just few bytes is not a problem on a computer that has 165,606 files.

Unregistering and deleting the log file only makes sense when the sheer number of these logs is causing a slowdown (e.g. when there are 100 redundant logs) or when eliminating all traces of an app from a computer is important (e.g. mandated by a corporate policy).

A word of warning

The following event logs are part of Windows; if you unregister them by accident, the ensuing dire consequences may force you to reinstall Windows. You can empty them if you wish, but never unregister them:

  • Application
  • HardwareEvents
  • Internet Explorer
  • Key Management Service
  • Security
  • System
  • Windows PowerShell

Unregistering and deleting via PowerShell

To see a list of registered event logs in PowerShell, issue a Get-EventLog -List order. Here is an example of the result:

PS C:\Windows\system32> Get-EventLog -list

Max(K) Retain OverflowAction        Entries Log
  ------ ------ --------------        ------- ---
  20,480      0 OverwriteAsNeeded      32,288 Application
     512      1 OverwriteOlder              0 Autodesk REX
     512      7 OverwriteOlder              1 COMODO Internet Security
     512      7 OverwriteOlder            142 GhostBuster
  20,480      0 OverwriteAsNeeded           0 HardwareEvents
     512      7 OverwriteOlder              0 Internet Explorer
  20,480      0 OverwriteAsNeeded           0 Key Management Service
     128      0 OverwriteAsNeeded         671 OAlerts
  20,480      0 OverwriteAsNeeded       6,362 Security
  20,480      0 OverwriteAsNeeded      55,179 System
     512      7 OverwriteOlder          1,211 TuneUp
  15,360      0 OverwriteAsNeeded         387 Windows PowerShell

To delete an event log from the list, use Remove-EventLog -LogName command, as follows:

PS C:\Windows\system32> Remove-EventLog -LogName "Autodesk REX"
PS C:\Windows\system32> Remove-EventLog -LogName GhostBuster

There won’t be any message indicating success, but failure would be reported. Below is an example of what happens if you try to delete a non-existing log or try deleting an existing log without administrative privileges.

PS C:\Windows\system32> Remove-EventLog -LogName System2
Remove-EventLog : The Log name "System2" does not exist in the computer "localhost".
At line:1 char:1
+ Remove-EventLog -LogName System2
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Remove-EventLog], InvalidOperationException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.RemoveEventLogCommand
 
PS C:\Windows\system32> Remove-EventLog -LogName System
Remove-EventLog : Requested registry access is not allowed.
At line:1 char:1
+ Remove-EventLog Security
+ ~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : SecurityError: (:) [Remove-EventLog], SecurityException
+ FullyQualifiedErrorId : NewEventlogException,Microsoft.PowerShell.Commands.RemoveEventLogCommand
 

Folder name with a trailing space character

I download a computer program that had a bug: Its installer created a folder named “Bin “; i.e. “B”, “i”, “n”, plus a space character at the end. Its uninstaller cannot delete it. Read the rest of this entry

Windows 8.1: A service pack or a new OS?

Is Windows 8.1 an update for Windows 8 or an upgrade? In other words, is it a service pack or is it a new version of Windows?

Windows 8.0 in comparison to Windows 8.1.

Windows 8.0 in comparison to Windows 8.1.

Let’s find out.

Read the rest of this entry

Wiping out remnants of deleted files… with Windows itself

Update: Bad link fixed

In computers, deleting a file is analogous to tossing a piece of paper into a trash can. Anyone could simply retrieve that piece of paper from the trash can; so could anyone undelete the file.

Cipher.exe, having performed data erasure on volume E (a USB flash drive)

Cipher.exe, having performed data erasure on volume E (a USB flash drive)

Proper data erasure, however, is possible; it is analogous to tossing a piece of paper into a shredder or burning it. Read the rest of this entry

Detached lines in Notepad++

The default text style in Notepad++ v6.6 and its past versions (as far as I remember) adds an inconspicuous amount of white space between each line, preventing the block characters in each line to connect to the ones on the top or bottom. This problem also appears with two of the other themes, namely “Hello Kitty” and “Viberant Ink” but not in any other theme.

This slideshow requires JavaScript.


I normally wouldn’t care for a slight amount of space as I am not a consumer of ASCII art and don’t use table characters in my source codes either. But as with any other curious human, I wanted to know why, just out of curiousity and not because of practical need. So, I set out to investigate. Read the rest of this entry

Worst inventions in computing

The sheer number of inventions in the field of computing easily surpasses the grand total of the human inventions outside this field. It is no surprise that some of them backfire and some of them quickly age.

Scroll Lock button on a computer keyboard, with its indicator light on

Scroll Lock button on a computer keyboard, with its indicator light on

Today, I’d like to introduce you to some of them that are still alive and desperately need to die or evolve. I started with five that irritate people around me the most. I am hoping that by the time you see the name of the last, you think: Well, that’s a huge shock and surprise but judging by the other five, this writer is very much sane. And hopefully, by the time you finish reading it, you feel I have a point there. Read the rest of this entry

Installing Windows 8.1 Update 1 demystified

This article assumes you have heard about the new features of Windows 8.1 in Update 1 and decided to give it a try. So, you’d install a stock Windows 8.1 from a DVD and then proceed to Windows Update to install Update 1.

But you don’t find it there.

Find out why…

Copying NTFS permissions between folders

Let’s assume you have created a folder called “Programs” in your D: volume and now you want its NTFS permissions to match that of “C:\Program Files”, thus having the same level of security.

Basic NTFS permission of "Program Files" folder in Windows 7

Basic NTFS permission of “Program Files” folder in Windows 7

There are more than one ways:

  1. Via icACLs and Notepad
  2. Via Windows PowerShell
  3. Via XCopy
  4. Via Robocopy

This article only elaborates on the first two. Since the subject of NTFS security is one that requires intermediate knowledge of Windows, I will skip elementary details such as how to run a certain program with elevated privileges. Read the rest of this entry

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: