My only problem with your method is the arbitrary 90 days you have set. With some of these new fast-propagating viruses, I'd want to make sure they have the most recent available. I was thinking of comparing the client pattern version to the NAV parent version.

Of course, I'd need to determine if they were managed. Since managed clients would get the update automatically after they logon, no push would be needed in the script.

I do have the odd clients that just stop getting pattern updates. I need to determine if that may be the case as well but need to allow for someone who had their PC turned off for the last few weeks. Since the server keeps the previous pattern, I thought I could check if the managed client is at the previous level, assuming that all is well and that they would be getting the update automatically. If they're further behind, I could toss a flag in an ini file. If on their next logon, the flag is there, it could indicate a problem. Postie to HelpDesk.

So far I've been relying on a public education campaign, posting the latest pattern date on our home page. This week it turned out my GM's NAV had stalled and needed a reinstall. Good thing he didn't get himself infected!

DOC, if you don't mind me digressing slightly, what if anything are you using to stop HTML based viruses from getting into your network? I mean, do you have something on your gateway or proxy? On my network, they are being stopped at the client. This does not bode well with me. I've been after corporate IT to put protection on the gateway, but they're complacent. My other option is to put some sort of appliance between my LAN and their router (WAN) or an AV product on my M$ Proxy 2 server. If I could get away with it, I'd put up a FireWall.