Hi..

Someone please help me.How to remove cambodia virus on autocad..please help me

Tqmohd fahmi2012-05-16 07:16:09

Cambodia virus?  AutoCAD?Never heard of it.  Could we get more information?  What does this virus do?  How is it delivered?Never mind.You're talking about the ALS.Bursted.B virus.  Hasn't this been mentioned in a white paper at the AutoDesk website?


John Connor2012-05-16 12:02:53

As posted at the AutoCAD 2007 Discussion Groups:According to this post on the Symantec website, ALS Bursted creates copies of the acad.lsp file:
"ALS.Bursted.A is a virus that is written in the AutoCAD AutoLisp scripting

language. The virus will be received as a text file named acad.lsp in the
same directory as an AutoCAD drawing file (.dwg). When the drawing file is
opened, the acad.lsp file is automatically loaded by AutoCAD which causes
the virus to be executed.
The virus first locates and reads the file base.dcl in the AutoCAD search

path. It uses this file to locate the acad.lsp file in the AutoCAD Support
directory. The virus then reads the acad.lsp file to check for the presence
of the string "acadapp". If the string is not found, the virus copies itself
over as acadapp.lsp. Due to a bug in the virus, the check always fails.
Next, the virus checks if the name of the drawing file is Drawing.dwg (this

is the default name for a new drawing file). If this check fails, the virus
copies itself to the folder as acad.lsp."

Your antivirus program should have found and deleted the virus.  Haven't you kept your av program up-to-date with the latest virus definition files?  Here are removal instructions posted by Symantec.http://www.symantec.com/security_response/writeup.jsp?docid=2005-111717-2608-99&tabid=3I'll bet that if you look hard enough you may even find a removal tool, for free, has been posted by one of the makers of a major antivirus program such as AVG.Now, stop with the panic mode and get to work cleaning your system up.  And in the future be more careful where you download AutoCAD related content from.  Upgrade your anti-virus program too!You owe me.  Free virus removal tool at Sophos....http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/AL~Bursted-B.aspx


John Connor2012-05-16 12:27:22

Crack that whip, John!

Dave

Somehow he found this site but can't find out how to remove a virus even though he had part of the name.  I find that....unusual.