Wednesday, February 25, 2009

Service Pack Uninstalls

I did not find this out myself, but I thought I would post it as a reminder. If you have a Service Pack install that blue screens your PC, it can be repaired! Pop in a windows CD, and enter recovery mode by pressing "R". At that time, you select which Windows installation you want to repair. Select your installation, then enter in the Windows password. At this point, type "cd\$ntservicepackuninstall\spuninst" and hit enter. Then type in "batch spuninst.txt", wait for it to finish, and then reboot the machine. You SHOULD at this point have a functioning machine.

Security advisory 967940

On February 24, 2009 Microsoft released a security bulletin that repairs the autorun functionality. If you go to: you can find all the information regarding this patch. I have autorun disabled, and whenever I would insert the Windows XP SP2 CD and double click on the CD drive, it would autorun. I tried this functionality after installing the patch, and this is no longer the case. The CD drive brings up Explorer instead of starting the SP2 Autorun.

Monitoring Active Directory Changes

Monitoring Active Directory changes is important so that we make sure no unauthorized changes are made. SOX, GLBA and HIPAA auditors all require some type of Active Directory monitoring so that unauthorized changes are not being made. At the same time, during this period of economic downturn, companies are also looking at ways they can save money. Many of these Active Directory monitoring tools can be very expendive, which is why I am testing out Netwrix. Netwrix offers a freeware or commercial version of AD monitoring. It is very easy to download and configure. The website is located at:

You can also view a sample report on their website. Check it out...