I usually just do something like this when pushing something... echo Done > \\server\publicshare\%computername%.txt OR echo %computername% >> \\server\share\listofpcsthatranthescript.txt Thanks, Jake Gardner TTC Network Administrator Ext. 246
________________________________ From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Wednesday, July 08, 2009 10:41 AM To: NT System Admin Issues Subject: RE: New IE zero day exploit in the wild If you're comfortable writing in Kix, what's stopping you? I'd do it with for /f + list-of-computers + psexec + reg query. You don't have to look for all of the reg keys, the existence of just 1 means the workaround got installed. Carl From: David Lum [mailto:david....@nwea.org] Sent: Wednesday, July 08, 2009 10:24 AM To: NT System Admin Issues Subject: RE: New IE zero day exploit in the wild You are correct of course, I stand corrected on my terminology. However, like I said, I have 400 systems and I'd rather not manually look at 400 registries to know I'm covered. The only thing that comes to mind is creating a KiX script that looks for the key values and sends output to a common .CSV file. Dave From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Tuesday, July 07, 2009 2:51 PM To: NT System Admin Issues Subject: RE: New IE zero day exploit in the wild What patch? Killbit workaround is not a patch. Open the registry and look for the registry keys. Carl From: David Lum [mailto:david....@nwea.org] Sent: Tuesday, July 07, 2009 5:49 PM To: NT System Admin Issues Subject: RE: New IE zero day exploit in the wild Anyone know how to confirm this patch is applied? Any tools around yet? I'd just as soon not manually check 4 or 5 machines sand assume all 400 are OK...and if I don't have to write my own script to check 'em, all the better... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ***Teletronics Technology Corporation*** This e-mail is confidential and may also be privileged. If you are not the addressee or authorized by the addressee to receive this e-mail, you may not disclose, copy, distribute, or use this e-mail. If you have received this e-mail in error, please notify the sender immediately by reply e-mail or by telephone at 267-352-2020 and destroy this message and any copies. Thank you. ******************************************************************* ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~