Tried that but it did not work. I however did get it by before saying ok to the final popup, went to the command window and did a select all and then copy and paste. John T eServices For You > -----Original Message----- > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] > Sent: Thursday, January 05, 2006 10:21 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: WMF Vunrability > > http://www.ISAserver.org > > If the vbs outputs to the console, you can use the redirector to capture the > text, as in "myscript.vbs > mytext.txt" > > t > > ----- > "I may disapprove of what you say, > but I will defend to the death your > right to say it." > > > ----- Original Message ----- > From: "John T (Lists)" <johnlist@xxxxxxxxxxxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Thursday, January 05, 2006 8:52 AM > Subject: [isalist] RE: WMF Vunrability > > > > http://www.ISAserver.org > > > > How can you run a vbs and capture the output? > > > > John T > > eServices For You > > > > > >> -----Original Message----- > >> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > >> Sent: Thursday, January 05, 2006 6:39 AM > >> To: [ISAserver.org Discussion List] > >> Subject: [isalist] RE: WMF Vunrability > >> > >> http://www.ISAserver.org > >> > >> If it encounters any errors, it will *not* save the changes. > >> This prevents "half-updates" that are often impossible to revert without > >> deleting the corrupted rule. > >> > >> Can you re-run it and C&P the screen output? > >> Also, your ISAInfo would help. > >> -------------------------------------------- > >> Jim Harrison > >> MCP(NT4, W2K), A+, Network+, PCG > >> http://isaserver.org/Jim_Harrison/ > >> http://isatools.org > >> Read the help / books / articles! > >> -------------------------------------------- > >> > >> -----Original Message----- > >> From: Paul Crisp [mailto:PCrisp@xxxxxxxxxxxxxxxxx] > >> Sent: Thursday, January 05, 2006 12:57 AM > >> To: [ISAserver.org Discussion List] > >> Subject: [isalist] RE: WMF Vunrability > >> > >> http://www.ISAserver.org > >> > >> Hey Jim, > >> > >> After getting page not found then realised the spelling mistake in your > >> URL. Downloaded the script and decided to test, and I get the following > >> error appear: > >> > >> *** Failed to upodate the HTTP Filter settings.... > >> Error 0x424 > >> Error: Object required > >> > >> It seems to do this when examining my rules and its trying to add the > >> .emf and .wmf definitions and it only does it on some rules. > >> > >> Also, looked at one of the rules it said it modified but it doesn't seem > >> to have done anything, how can I tell? > >> > >> ps > >> > >> Running ISA 2004 SE on Windows 2000 box > >> > >> Regards > >> > >> > >> Paul Crisp > >> Snr Network Support Analyst > >> > >> -----Original Message----- > >> From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] > >> Sent: 05 January 2006 07:26 > >> To: [ISAserver.org Discussion List] > >> Subject: [isalist] RE: WMF Vunrability > >> > >> http://www.ISAserver.org > >> > >> Same > >> > >> > >> > >> Greg Mulholland > >> Just because I don't care, doesn't mean i dont understand - Homer > >> Simpson > >> > >> -----Original Message----- > >> From: John T (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] > >> Sent: Thursday, January 05, 2006 6:22 PM > >> To: [ISAserver.org Discussion List] > >> Subject: [isalist] RE: WMF Vunrability > >> > >> http://www.ISAserver.org > >> > >> Page not found. :( > >> > >> John T > >> eServices For You > >> > >> > >> > -----Original Message----- > >> > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > >> > Sent: Wednesday, January 04, 2006 10:33 PM > >> > To: [ISAserver.org Discussion List] > >> > Subject: [isalist] RE: WMF Vunrability > >> > > >> > http://www.ISAserver.org > >> > > >> > Anyone interested in trying the beta script, it's at > >> > http://isatools.org/block_wsf.zip. > >> > > >> > It's not been through code-review of final approval, so YMMV (works > >> > for me in 2004 SE & EE). > >> > > >> > -------------------------------------------- > >> > Jim Harrison > >> > MCP(NT4, W2K), A+, Network+, PCG > >> > http://isaserver.org/Jim_Harrison/ > >> > http://isatools.org > >> > Read the help / books / articles! > >> > -------------------------------------------- > >> > > >> > -----Original Message----- > >> > From: Andy Haigh [mailto:ahaigh@xxxxxxxxxxxxxxxx] > >> > Sent: Wednesday, January 04, 2006 9:57 PM > >> > To: [ISAserver.org Discussion List] > >> > Subject: [isalist] RE: WMF Vunrability > >> > > >> > http://www.ISAserver.org > >> > > >> > We have been running anti-wife software since v1.0 > >> > > >> > So far has worked very well, though there were a couple of close > >> shaves. > >> > > >> > Know of others who were not so lucky and got caught out. They didn't > >> > notice anything initially, but all of a sudden they realised they > >> > behaviour and dress was being changed by this malware. They lost > >> > control of what they spent their income on, who they went out with and > >> > >> > where they went. > >> > > >> > They were suddenly spurred into action and the removal of this malware > >> > >> > became the prime goal. What they thought would be a simple removal > >> > turned into a painfull and costly process which took a lot of time and > >> > >> > recources. > >> > > >> > Finally they are rid of it though!!!! > >> > > >> > I have been told that there are versions of the wife malware that > >> > doesn't effect your user experience and I have even heard tales of > >> > this malware actually enhancing it. > >> > > >> > You have been warned!! > >> > > >> > -----Original Message----- > >> > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] > >> > Sent: Thursday, 5 January 2006 3:33 PM > >> > To: [ISAserver.org Discussion List] > >> > Subject: [isalist] RE: WMF Vunrability > >> > > >> > http://www.ISAserver.org > >> > > >> > Regarding the wmf vulnerability, the Microsoft Outlook spell-checker > >> > wants to change it to "wife." Now THAT'S some intuitive damn code!!! > >> > > >> > t > >> > > >> > ----- > >> > "I may disapprove of what you say, > >> > but I will defend to the death your > >> > right to say it." > >> > > >> > > >> > ----- Original Message ----- > >> > From: "Greg Mulholland" <greg@xxxxxxxxxxxxxx> > >> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > >> > Sent: Wednesday, January 04, 2006 8:20 PM > >> > Subject: [isalist] RE: WMF Vunrability > >> > > >> > > >> > http://www.ISAserver.org > >> > > >> > You've earned you stripes today Harrison :) nice work > >> > > >> > Greg Mulholland > >> > > >> > ________________________________ > >> > > >> > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > >> > Sent: Thu 5/01/2006 12:57 PM > >> > To: [ISAserver.org Discussion List] > >> > Subject: [isalist] RE: WMF Vunrability > >> > > >> > > >> > > >> > http://www.ISAserver.org > >> > > >> > Updated: > >> > > >> > HTTP filter settings (you all know how to get there). > >> > > >> > 1. Extensions: > >> > <choice> > >> > Set "block specified" > >> > Add .emf > >> > Description="application/x-msmetafile" > >> > Add .wmf > >> > Description="application/x-msmetafile" > >> > </choice> > >> > <choice> > >> > Set "allow specified" > >> > Remove .emf > >> > Remove .wmf > >> > </choice> > >> > <notachoice> > >> > Set "allow all" > >> > </notachoice> > >> > > >> > > >> > > >> > > >> > > >> > ------------------------------------------------------ > >> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > >> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > >> > ------------------------------------------------------ > >> > Visit TechGenix.com for more information about our other sites: > >> > http://www.techgenix.com > >> > ------------------------------------------------------ > >> > You are currently subscribed to this ISAserver.org Discussion List as: > >> > thor@xxxxxxxxxxxxxxx > >> > To unsubscribe visit > >> > http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> > Report abuse to listadmin@xxxxxxxxxxxxx > >> > > >> > > >> > ------------------------------------------------------ > >> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > >> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > >> > ------------------------------------------------------ > >> > Visit TechGenix.com for more information about our other sites: > >> > http://www.techgenix.com > >> > ------------------------------------------------------ > >> > You are currently subscribed to this ISAserver.org Discussion List as: > >> > ahaigh@xxxxxxxxxxxxxxxx > >> > To unsubscribe visit > >> > http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> > Report abuse to listadmin@xxxxxxxxxxxxx > >> > > >> > ------------------------------------------------------ > >> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > >> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > >> > ------------------------------------------------------ > >> > Visit TechGenix.com for more information about our other sites: > >> > http://www.techgenix.com > >> > ------------------------------------------------------ > >> > You are currently subscribed to this ISAserver.org Discussion List as: > >> > jim@xxxxxxxxxxxx > >> > To unsubscribe visit > >> > http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> > Report abuse to listadmin@xxxxxxxxxxxxx > >> > > >> > All mail to and from this domain is GFI-scanned. > >> > > >> > > >> > ------------------------------------------------------ > >> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > >> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > >> > ------------------------------------------------------ > >> > Visit TechGenix.com for more information about our other sites: > >> > http://www.techgenix.com > >> > ------------------------------------------------------ > >> > You are currently subscribed to this ISAserver.org Discussion List as: > >> > johnlist@xxxxxxxxxxxxxxxxxxx > >> > To unsubscribe visit > >> > http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> > Report abuse to listadmin@xxxxxxxxxxxxx > >> > >> > >> ------------------------------------------------------ > >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > >> ------------------------------------------------------ > >> Visit TechGenix.com for more information about our other sites: > >> http://www.techgenix.com > >> ------------------------------------------------------ > >> You are currently subscribed to this ISAserver.org Discussion List as: > >> greg@xxxxxxxxxxxxxx To unsubscribe visit > >> http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> Report abuse to listadmin@xxxxxxxxxxxxx > >> > >> ------------------------------------------------------ > >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > >> ------------------------------------------------------ > >> Visit TechGenix.com for more information about our other sites: > >> http://www.techgenix.com > >> ------------------------------------------------------ > >> You are currently subscribed to this ISAserver.org Discussion List as: > >> pcrisp@xxxxxxxxxxxxxxxxx > >> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> Report abuse to listadmin@xxxxxxxxxxxxx > >> > >> ------------------------------------------------------ > >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > >> ------------------------------------------------------ > >> Visit TechGenix.com for more information about our other sites: > >> http://www.techgenix.com > >> ------------------------------------------------------ > >> You are currently subscribed to this ISAserver.org Discussion List as: > >> jim@xxxxxxxxxxxx > >> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> Report abuse to listadmin@xxxxxxxxxxxxx > >> > >> All mail to and from this domain is GFI-scanned. > >> > >> > >> ------------------------------------------------------ > >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > >> ------------------------------------------------------ > >> Visit TechGenix.com for more information about our other sites: > >> http://www.techgenix.com > >> ------------------------------------------------------ > >> You are currently subscribed to this ISAserver.org Discussion List as: > >> johnlist@xxxxxxxxxxxxxxxxxxx > >> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > >> Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > > thor@xxxxxxxxxxxxxxx > > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > johnlist@xxxxxxxxxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx