Protected Storage on Windows XP

[Marco Monicelli <marco.monicelli () marcegaglia com>]

Hello List!

I'm not sure this is the right list to send this question but I'll give a
try.

I would like to know if it is possible to delete the protected storage
datas on Windows XP.

Supposing an user is using

PStoreView 1.0 - (c) 2002, Arne Vidstrom
               - http://ntsecurity.nu

and can read the datas inside the Protected Storage. Now what if he's able
to delete them? Is this possible? Any tool which a user can use to wipe
this useful informations? Any really working "log cleaner" known for
windows? I tried several cleaners claiming they could wipe logs out from a
windows box but I honestly didn't find them working. I made a btach which
actually is a porting of any Linux Log cleaner (finding the string, copy
the log file without that string, substituing the new log to the old one)
but this doesn't work on Windows. Can't stop the process 'cause it has
SYSTEM privilegies and can't touch any system log nor event log. I think a
DLL injection would do the trick but I'm not honestly so skilled to do
that.

I'm trying to demonstrate to some friend of mine that even windows can
allow to wipe sensible informations such as logs and stuff. My friends are
sure that you cannot wipe all infos out of a Windows system and on the
contrary you can do that on a Linux machine for example.

Any help would be very appreciated

Regards

Marco