- #Any virus issues using cad how to
- #Any virus issues using cad code
- #Any virus issues using cad free
#Any virus issues using cad code
And it injects malicious code into startup scripts. Thus, even if you delete files from startup, and somehow remove Helpers, a callback will still be executed, which will start the whole process again!įor the CRP virus, the scheme is the same, except that it is not written to the script controller, but to the Persistent global variable, which is saved with the scene and executed when the scene is started. When you open a scene with Helpers, all the same actions are performed: writing to startup, creating callbacks, automatic saving. With each Open, Merge, X-Ref, Helpers are also created and a startup is recorded, after which the scene is automatically saved. These auxiliary objects cannot be deleted and they easily migrate between scenes.
/cdn.vox-cdn.com/uploads/chorus_image/image/50025783/virus_autodesk.0.png "any virus issues using cad")
Now let's imagine how it all works in combination: When you start 3Ds Max, scripts from the startup folder are executed, which create Helpers and write to callbacks.
#Any virus issues using cad how to
I recommend sharing this article so everyone knows how to protect their work!Īlso, so-called callbacks are created, and the code from the script controller is also written in them and executed with Open, Merge, X-Ref. It doesn't matter for what purpose or intentions it was created, in fact we have only one troubles and we cannot try to ignore this problem. They can be removed manually or with special scripts like Prune Scene. Since this is a regular script that is executed in the 3Ds Max environment, no one Anti-Virus can detect these viruses. However, we have a script that spreads itself between scenes, can cause 3Ds Max to crash, break some functions like CTRL+Z, change something in the scene, degrade performance and interrupt the workflow, so it's correct to call it - a virus! In the ALC code, there are no specific lines to break the undo function (CTRL+Z), cause a crash on startup, or slow down the 3Ds Max - these are all problems of poor adaptation of the code. And in the latest modifications of ALC3, your renders and personal information can generally be sent to the C&C servers!Īlthough ALC was conceived as a form of protection for commercial projects of scenes and models, due to the incorrect operation of the code itself, 3Ds Max could malfunction, the undo function (CTRL+Z) could not work, and various kinds of bugs. If it did not pass authentication, then ALC could change scene settings, materials, remove lights, etc.
The security logic for commercial models or scenes was incorporated in the code. The behavior reminded me of a typical "worm virus ", so I named it. This meant that even if the files were removed from startup, any action with the scene could run the code to write itself back to files again, and Helpers that are not removed contributed to the initialization of this process. To my surprise, the malicious script tried to write itself to the script startup folder, registered callbacks, and launched when Merge, Open, X-Ref and other scene operations were performed. I saw a lot of obfuscated text in the Listener (Maxscript console), after careful analysis and reverse engineering, I was able to understand how this code works. Having tried different removal options using Maxscript, I accidentally managed to cause an error in the script controller, into which the malicious code was written. Below I will write in detail about the ALC virus, since CRP is very similar to it. Actually, this has become a key factor in the distribution and a global problem.
#Any virus issues using cad free
But no one expected that by downloading a free model, you get such a "gift ".ĪLC and CRP viruses gained more widespread distribution by the end of 2017, since there was no protection at that time, they got to 3D Stocks without any problems.
Then no one understood the strange appearance of Helpers in the scene with the names "¡¡×ý × û" and "×þ×ü" and it was assumed that these were objects of unsuccessful import from Auto CAD or similar programs.Īs far as we know, ALC and CRP started their journey with Chinese 3D Stocks. The first mentions of strange non-removable objects that get into the scene appeared at the end of 2016.
0 kommentar(er)
