Please explain what happened to my computer?

  mesmd 10:08 09 Aug 2007
Locked

HI you guys,

While I was away, by mistake, a friend hit a bat program, on my computer that was programed and left in a utility sub directory by mistake. I would appreciate if someone could tell me what this program did to my Win XP computer. It was called Hot-fixes.bat. and ran the following programs:

@echo off
cls

Remove all tmp*.cat files from the following folders:
del %systemroot%\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\tmp*.cat
del %systemroot%\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\tmp*.cat

net stop cryptsvc
ren %systemroot%\System32\Catroot2 oldcatroot2
net start cryptsvc

; Note Click OK if you are prompted.
cls
@echo Click OK if you are prompted

regsvr32 /u softpub.dll
regsvr32 /u wintrust.dll
regsvr32 /u initpki.dll
regsvr32 /u dssenh.dll
regsvr32 /u rsaenh.dll
regsvr32 /u gpkcsp.dll
regsvr32 /u sccbase.dll
regsvr32 /u slbcsp.dll
regsvr32 /u mssip32.dll
regsvr32 /u cryptdlg.dll

regsvr32 softpub.dll
regsvr32 wintrust.dll
regsvr32 initpki.dll
regsvr32 dssenh.dll
regsvr32 rsaenh.dll
regsvr32 gpkcsp.dll
regsvr32 sccbase.dll
regsvr32 slbcsp.dll
regsvr32 mssip32.dll
regsvr32 cryptdlg.dll

@echo Almost done......
attrib -s -h %windir%
attrib -s -h %windir%\system32
attrib -s -h %windir%\system32\catroot2
exit

My computer still runs fine and I am worried if I should run a system restore or these programs did not cause any harm or reason to worry?

Thank you so much for your help in explaining what accidentally happened. I have renamed this bat file to Hot-fixes.Bak so this will never happen by mistake again.

Sincerely,

Miles

  martjc 14:48 09 Aug 2007

...firstly deletes two registry keys - these are the lines that start with 'del'

Then it stops a service - then renames the file catroot2 as oldcatroot2

Then it restarts the service

Then it uninstalls and reinstalls a series of dll files

Then it changes the attributes of a few files.


Now, this may be because some spyware has been on your machine - or it may be an attempt at removing same.

Am not certain, but if the machine is working fine simply get a good anti spyware prog i.e. ad-aware and run it.

Keep in mind 'if it ain't broke, don't fix it!'


good luck

  skidzy 18:46 09 Aug 2007

To me and im no expert on Bat files,this could be re-registering the temp folder holding the dll files.

  mesmd 19:17 09 Aug 2007

Thank you all for your thoughts and answers to my crazy bat file that was run. I guess I'll just pretend nothing has been corrupted or destroyed. I hope that I will be able to reboot with whatever changes were done to the registry or services that may have been altered.
I will run my registry booster, spyware, and AV scans as usual. I'm tempted to run a recent system restore, but possibly this program, indeed, cleaned out some junk and possibly helped rather than hurt the computer?

Thanks again,

Miles

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

OnePlus 5 review

50 best online Adobe XD tutorials

iPad Pro 10.5in (2017) review

Comment connecter un MacBook à une TV ?