Here is what has been "used"(they kinda stopped using it since it wasn't working correctly).

 Code:
Break ON
Dim $IEARRAY[20]
Dim $SubArray[4]
Global $IArry[20]
Dim $KArry[3]
Global $IEIni
Global $INIFile
Global $Pos
Global $Neg
Global $Blurb
$Pos = " CHECKED"
$Neg = " NOT CHECKED"
$CCS = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet"
$TCPPMTR = "\Services\TCPIP\parameters"
$AFDPMTR = "\Services\AFD\parameters"
$MSK = "HKLM\SOFTWARE\Microsoft"
$WLGN = "\Windows NT\CurrentVersion\Winlogon"
$UIE = "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
$MIE = $MSK + "\Windows\CurrentVersion\Internet Settings"
$INIFile = @SCRIPTDIR + "\Output\DATA_@WKSTA.INI"
$IEIni = @SCRIPTDIR + "\Patch Files\IE_Zones.INI"

If Exist (@SCRIPTDIR + "\Output") = 0
	  MD @SCRIPTDIR + "\Output"
	  ? "Output Directory Created"
	  If @ERROR <> 0
	    ? "  * Error Encountered:  " + @SERROR
	  EndIf
EndIf

CLS
$RE=RedirectOutput (@SCRIPTDIR + "\Output\IEcheck_@WKSTA.txt",1)

; Set the IE worksheet and INI section variables for Windows 2003 and XP.  None for Win2k.
Select
	Case @DOS="5.2"
	$IEESC1 = ReadValue($MSK + "\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}", "IsInstalled")
	$IEESC2 = ReadValue($MSK + "\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}", "IsInstalled")
		If $IEESC1="1" And $IEESC2="1"
		$WrkSht="IE Checklist-W_IEESC"
		$INISec="IEESC_Info"
		Else
		$WrkSht="IE Checklist-NO IEESC"
		$INISec="IENoESC_Info"
		EndIf
		$=WriteProfileString ($INIFile,"IE_INFO","IE_Worksheet_CU",$WrkSht + " (CU)")
		$=WriteProfileString ($INIFile,"IE_INFO","IE_Worksheet_LM",$WrkSht + " (LM)")
		$=WriteProfileString ($INIFile,"IE_INFO","IE_INISec",$INISec)
	Case @DOS="5.1"
		$WrkSht="IE Checklist"
		$INISec="IENoESC_Info"
		$=WriteProfileString ($INIFile,"IE_INFO","IE_Worksheet_CU",$WrkSht + " (CU)")
		$=WriteProfileString ($INIFile,"IE_INFO","IE_Worksheet_LM",$WrkSht + " (LM)")
		$=WriteProfileString ($INIFile,"IE_INFO","IE_INISec",$INISec)
EndSelect

??
?"	*********************************************************"
?"	********** Checking INTERNET EXPLORER SETTINGS **********"
?"	*************** Verify with Documentation ***************"
?"	*********************************************************"
?
$VAR = ""
$ = RegCmpr("HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings","Security_HKLM_only","1","Configure IE to use only machine settings is")

; Open & Read General IE Settings File into array
$ObjTxt = CreateObject("Scripting.FileSystemObject")
$ObjFl = $ObjTxt.OpenTextFile(@SCRIPTDIR + "\Patch Files\IE_General.txt",Not 0)
$IEArray = Split($ObjFl.ReadAll,@CRLF)
$s = UBound($IEArray)
ReDim Preserve $IEArray[$s]
$=$ObjFl.Close

$SIEKY = "1","2"
For Each $CR in $SIEKY  
	Select
		Case $CR = "1"
			$IEAS = "HKCU"
			$VAR = "CU_"
			???"                       **Current User Settings**"?
		Case $CR = "2"
			$IEAS = "HKLM"
			$VAR = "LM_"
			???"                       **Local Machine Settings**"?
	EndSelect
	
	$RegKey = "Start_Page"
	$reg = ReadValue($IEAS + "\Software\Microsoft\Internet Explorer\Main","Start Page")
	? "Home Page - " + $reg ?
	$=WriteProfileString ($INIFile,$INISec,$VAR + $RegKey,$reg)
	
	$ = RegCmpr($IEAS + "\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1","Flags","211","Configure Local Zone Includes properly is")

	$IEKY = "3","1","2","4"
	For Each $ZN in $IEKY  
		Select
			Case $ZN ="1"
		??? "		Local Intranet Zone		"?"		-------------------		"
				$ = DOZONE($ZN)
			Case $ZN ="2"
		??? "		Trusted Sites Zone		"?"		------------------		"
				$ = DOZONE($ZN)
			Case $ZN ="3"
		??? "		Internet Zone		"?"		-------------		"
				$ = DOZONE($ZN)
			Case $ZN ="4"
		??? "		Restricted Sites Zone		"?"		--------------------		"
				$ = DOZONE($ZN)
		EndSelect

	Next  
	
	???"		Advanced Settings		"?"		-----------------		"?
	For Each $IEVal in $IEArray  
		$SubArray = Split($IEVal,"|")
		$RLoc = $SubArray[0]
		$RKey = $SubArray[1]
		$ExpVal = $SubArray[2]
		$Blurb = $SubArray[3]
		
		$ = RegCmpr($IEAS + $RLoc,$RKey,$ExpVal,$Blurb)
	Next  
Next  

Exit

; FUNCTIONS

Function DOZONE($ZN)
	$ = RegRd("SecLevel","SecLevel",$ZN)
	If $iereg = "0"
		?? "Security Level for this zone is configured properly."
	Else
		?? "Security Level for this zone is not configured properly."
	EndIf
	
	??"---------------------------------"?".NET FRAMEWORK-RELIANT COMPONENTS"?"---------------------------------"?
	$ = RegRd("DotNet","DotNet",$ZN)
	
	??"------------------------------"?"ACTIVE X CONTROLS AND PLUG-INS"?"------------------------------"?
	$ = RegRd("ActiveX","ActiveX",$ZN)
	
	??"---------"?"DOWNLOADS"?"---------"?
	$ = RegRd("Downloads","Downloads",$ZN)
	
	??"----"?"JAVA"?"----"?
	$ = RegRd("Java","Java",$ZN)
		Select
			Case $IEREG = "0"
				$ireg = "Disable java"
			Case $IEREG = "65536"
				$ireg = "High safety"
			Case $IEREG = "131072"
				$ireg = "Medium safety"
			Case $IEREG = "196608"
				$ireg = "Low safety"
			Case $IEREG = "524288"
				$ireg = "Custom"
		EndSelect
	? $KBlurb + " - " + $IREG ?
	
	??"-------------"?"MISCELLANEOUS"?"-------------"?
	$ = RegRd("Misc","Misc",$ZN)
	
	??"----------"?"SCRIPTING"?"----------"?
	$ = RegRd("Script","Script",$ZN)
	
	??"-------------------"?"USER AUTHENTICATION"?"-------------------"?
	$ = RegRd("UsrAuth","UsrAuth",$ZN)
		Select
			Case $IEREG = "0"
				$ireg = "Automatically logon with current username and password"
			Case $IEREG = "65536"
				$ireg = "Prompt for user name and password"
			Case $IEREG = "131072"
				$ireg = "Automatic logon only in the Intranet zone"
			Case $IEREG = "196608"
				$ireg = "Anonymous logon"
		EndSelect
	? $KBlurb + " - " + $IREG ?
	$DOZONE = @SERROR
EndFunction

; Function to compare a registry value to an expected value and write results to output ini file.
Function RegCmpr($RegLoc,$RegKey,$ExpVal,$Blurb)
	$RegCmpr = ReadValue($RegLoc,$RegKey)
	If $RegCmpr = $ExpVal
		? $Blurb + $Pos ?
		$=WriteProfileString ($INIFile,$INISec,$VAR + $RegKey,"1")
	Else
		? $Blurb + $Neg ?
		$=WriteProfileString ($INIFile,$INISec,$VAR + $RegKey,"0")
	EndIf
EndFunction

; Function to read a registry value and write the value to the output ini file under the correct zone.
Function RegRd($IHdr,$ILoc,$ZN)
	$ZLoc = $IEAS + "\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zones\" + $ZN
	$IVal= ReadProfileString ($IEIni,$IHdr,$ILoc)
	If InStr($IVAL,";") <> 0
		$IArry = Split($IVal,";")
		$t = UBound($IArry) - 1
		ReDim Preserve $IArry[$t]
	Else
		$IArry = $IVal
	EndIf
If @Error <> 0
?"Error: " + @SERROR
EndIf

$Z = 0
	For $IIdx = 0 to $t
			$KArry = Split($IArry[$Z],"|")
			$RegKey = $KArry[0]
			$KBlurb = $KArry[1]
			$GetIReg = $KArry[2]
			$iereg = ReadValue($ZLoc,$RegKey)
			$=WriteProfileString ($INIFile,$INISec,$VAR + $ZN + "_" + $RegKey,$iereg)
			If $GetIReg <> 0
				Select
					Case $IEREG = "1"
						$IREG = "Prompt"
					Case $IEREG = "0"
						$IREG = "Enabled"
					Case $IEREG = "3"
						$IREG = "Disabled"
					Case $IEREG = ""
						$IREG = "<NULL>"
					Case $IEREG = "65536"
						If $RegKey = "1200"
						$IREG = "Administrator Approved"
						Else
						$ireg = "High"
						EndIf
					Case $IEREG = "131072"
						$ireg = "Medium"
					Case $IEREG = "196608"
						$ireg = "Low"
				EndSelect
				? $KBlurb + " - " + $IREG ?
			EndIf
			$Z = $Z + 1
	Next
	$RegRd = $IREG
EndFunction


EDIT: apologies for the length...i know its kind of beasty

Edited by Stixx (2009-03-23 07:12 PM)