Author Archives: John Dangerbrooks
I am writing this blog post for the fun of it only. Plus, this subject has been occupying my mind for a while. Writing it is getting rid of it. However, I did choose pretty old stories and films.
Regardless of the age of stories, please be warned: Spoilers lie ahead!
This article demonstrates how to copy a Windows installation source to a USB flash drive (UFD), and make that UFD bootable, without using any third-party app. Every now and then, such an article must be re-written to update the sum of knowledge. Only the tools included with the operating system are used. This article assumes you have at least Windows 7. Also, it assumes that the OS you’d like to copy to a UFD is Windows Vista, 7, 8, 8.1 or 10 and is already available to you on DVD or in folder somewhere.
BootSect.exe and BootRec.exe are both components of Windows Vista and later. They help make disks bootable.
Both are included with a Windows DVD or ISO but are not installed.
/mbr switches. It can be found in the “boot” folder, at the root of the Windows DVD.
/RebuildBCD switches. However, it is harder to find. It is only exposed if a computer is booted into Windows Setup or Windows Recovery Environment. Otherwise, one has to extract it from the “boot.wim” file in the “sources” folder of Windows setup disc, or the “winre.wim” file in a subfolder of “C:\Recovery” folder (although you might not find such a file), via DISM or 7-Zip. Once either of the two images of “boot.wim” are mounted or opened, BootRec.exe can be located under “Windows\System32” subfolder.
So… are you annoyed by the Get Windows 10 (GWX) app which hogs your bandwidth and tries to persuade you to upgrade to Windows 10? And you want to put a stop to it? You are in the right place.
I have already wrote about the evils of plain text and how it is one of the worst inventions of the computing field. But as if I needed a tangible example for my readership, yesterday, I received a cryptic text (I mean SMS) on my mobile phone, which run as follows:
Tried my best; knew your life depends on it:
It was a very tough situation: My life depended on a corrupt text. But fortunately, I had a Windows computer at hand and I could fix it. Read the rest of this entry
June 2016 update: Link repairs.
TrueCrypt is a discontinued free disk encryption utility for Windows, Mac, and Linux. It is a free and shared-source alternative to BitLocker, but is not restricted to the high-end editions of Windows and does not need Trusted Platform Module (TPM).
TrueCrypt’s sudden end of life on 28 May 2014 become controversial, since unlike most computer programs, TrueCrypt’s authors beheaded it with the release of version 7.2. Read the rest of this entry
Today, I’ve decided to write about unregistering and deleting Windows event logs, because searching the web about this subject brings up some very dangerous results with dangerous consequences.
Problem: A user notices redundant event logs in Event Viewer or PowerShell, i.e. the program with which they were associated are now gone and their contents is irrelevant. These event logs might be occupying valuable disk space, e.g. 128 MB. Deleting them is tempting.
This article requires Windows PowerShell 2.0 or later, which comes with Windows 7 and Windows Server 2008 R2.
If reclaiming disk space is the goal, then empty the log and forget about it. An empty log that occupies a just few bytes is not a problem on a computer that has 165,606 files.
Unregistering and deleting the log file only makes sense when the sheer number of these logs is causing a slowdown (e.g. when there are 100 redundant logs) or when eliminating all traces of an app from a computer is important (e.g. mandated by a corporate policy).
A word of warning
The following event logs are part of Windows; if you unregister them by accident, the ensuing dire consequences may force you to reinstall Windows. You can empty them if you wish, but never unregister them:
- Internet Explorer
- Key Management Service
- Windows PowerShell
Unregistering and deleting via PowerShell
To see a list of registered event logs in PowerShell, issue a
Get-EventLog -List order. Here is an example of the result:
PS C:\Windows\system32> Get-EventLog -list Max(K) Retain OverflowAction Entries Log ------ ------ -------------- ------- --- 20,480 0 OverwriteAsNeeded 32,288 Application 512 1 OverwriteOlder 0 Autodesk REX 512 7 OverwriteOlder 1 COMODO Internet Security 512 7 OverwriteOlder 142 GhostBuster 20,480 0 OverwriteAsNeeded 0 HardwareEvents 512 7 OverwriteOlder 0 Internet Explorer 20,480 0 OverwriteAsNeeded 0 Key Management Service 128 0 OverwriteAsNeeded 671 OAlerts 20,480 0 OverwriteAsNeeded 6,362 Security 20,480 0 OverwriteAsNeeded 55,179 System 512 7 OverwriteOlder 1,211 TuneUp 15,360 0 OverwriteAsNeeded 387 Windows PowerShell
To delete an event log from the list, use
Remove-EventLog -LogName command, as follows:
PS C:\Windows\system32> Remove-EventLog -LogName "Autodesk REX" PS C:\Windows\system32> Remove-EventLog -LogName GhostBuster
There won’t be any message indicating success, but failure would be reported. Below is an example of what happens if you try to delete a non-existing log or try deleting an existing log without administrative privileges.
PS C:\Windows\system32> Remove-EventLog -LogName System2 Remove-EventLog : The Log name "System2" does not exist in the computer "localhost". At line:1 char:1 + Remove-EventLog -LogName System2 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (:) [Remove-EventLog], InvalidOperationException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.RemoveEventLogCommand PS C:\Windows\system32> Remove-EventLog -LogName System Remove-EventLog : Requested registry access is not allowed. At line:1 char:1 + Remove-EventLog Security + ~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : SecurityError: (:) [Remove-EventLog], SecurityException + FullyQualifiedErrorId : NewEventlogException,Microsoft.PowerShell.Commands.RemoveEventLogCommand
I download a computer program that had a bug: Its installer created a folder named “Bin “; i.e. “B”, “i”, “n”, plus a space character at the end. Its uninstaller cannot delete it. Read the rest of this entry
Is Windows 8.1 an update for Windows 8 or an upgrade? In other words, is it a service pack or is it a new version of Windows?
Let’s find out.
Update: Bad link fixed
In computers, deleting a file is analogous to tossing a piece of paper into a trash can. Anyone could simply retrieve that piece of paper from the trash can; so could anyone undelete the file.
Proper data erasure, however, is possible; it is analogous to tossing a piece of paper into a shredder or burning it. Read the rest of this entry