BoaterDave wrote:
My thanks to both Frank and Shenan. I appreciate your comments.

I've spent hundreds of hours 'experimenting'over the last 12 months,
culminating with a discussion with a young man (mid 20's) who is
employed in a local computer shop. He is a self-confessed ex
'script kiddie' hacker who has now reformed and spends most of his
time helping others by repairing PC's and ridding them of
'nasties'. He is real and not just a 'virtual' entity. I believe
what he tells me. Perhaps that is because he is getting married
soon and has introduced me to his fiance.
One thing he mentioned recently was '.bat' files. He was absolutely
adamant that, with only two exceptions, other such files indicate
that a PC has been compromised, often without the knowledge of the
user. I have tried to convince others of this, but none believe me.

I was concerned about the web site because of the utilisation of
'.bat' files
if one follows the use of a HOSTS file, he
http://mvps.org/winhelp2002/hosts.htm

Anyway, thanks for the 'thumbs-up'!

Hmmmm...

I cannot say I agree that the mere presence of *.bat or *.cmd files (similar
in most aspects) denotes that the PC has been compromised. I still use
batch scripts and VBSscripts every day - literally.

A batch script alone cannot tell you if a machine has been compromised. The
contents of said batch script can, but just its prescence tells you little
to nothing. After all - just because my car is in the driveway doesn't mean
I am home. Neither do the lights on in the house.

In other words - a batch script is not 'just because it is there' scenarios.
=)

Yes - batch scripts can be used for bad things. So can a lot of other
files. Doesn't mean they are.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html