Attention ALC and CRP viruses in 3Ds Max!

Updated on August 3, 2018

Attention, there is a new kind of virus spreading in the environment of 3Ds Max, which can not be detected by your antivirus software!

If your scene is infected or you want to avoid getting the virus into your 3Ds Max download and install share-ware script Prune Scene and activate the Active Protection!
Download Prune Scene
After run Active Protection mode viruses will be deleted.
In the future, if the viruses get to you in the scene they will always be deleted!

Important!

You can use Prune Scene for free to clean up viruses!

Intro


Recently, there has been a high activity of infection of scenes and models with ALC betacleaner (Worm.3DsMax.ALC.clb) and CRP bscript (Worm.3DsMax.CRP.bscript) viruses at 3D stocks, online forums and online sharing services. Typically, viruses get to you through an infected scene file (* .max) when you Open, Merge or X-Ref it.

When opening or working with an 3Ds Max software file (*.max), the scene displays some strange behaviors. Read about each virus in details below.

ALC betacleaner

alc virus helpers

This virus a 3rd-party MaxScript (hereafter called "ALC"), can accidentally corrupt 3Ds Max software's settings and be propagated to other Max files (*.max) on a Windows system if scene files containing the broken script are loaded into 3Ds Max. (The original script seems to have been included with some free 3ds Max scenes that users may have downloaded from various online sources.)

Although the MaxScript appears to have been written as a form of copy protection for a commercial plug-in, if affected 3Ds Max scene files are distributed and re-opened, they may propagate the corruption problem to other copies of 3Ds Max.

This particular MaxScript file will be embedded into a Max scene file as a scripted controller.
The script saves itself into hidden files in the:
C:/Users/Your User Name/AppData/Local/Autodesk/3dsMax/Release Number - 64bit/Lang/scripts/startup
Files:
  • vrdematcleanbeta.ms
  • vrdematcleanbeta.mse
  • vrdematcleanbeta.msex​

Note!

These files will have their System attribute properties set to Hidden, and are not normally visible in the Windows operating system's File Explorer. You may need to change the View → Folder Options to "View Hidden Files and Folders.

This virus take next issues:

  • Crashes or fails to open
  • Corrupted scene data
  • Empty helper nodes (¡¡×ý×û and ×þ×ü)
  • Unable to save the scene manually
  • Unable to use the Undo function
  • Displays various MaxScript errors
  • Corrupts or removes cameras, lights, and/or materials
  • Forces an auto-save after breaking the scene or when choosing "Don't Save" when closing
  • Adds itself to an existing script in the MaxScript startup directory
  • Force closes 3Ds Max
  • Unable to save V-Ray lights

CRP bscript

This virus a 3rd-party MaxScript (hereafter called "CRP"), can accidentally corrupt 3Ds Max software’s settings and be propagated to other Max files (*.max) on a Windows system if scene files containing the broken script are loaded into 3Ds Max. (The original script seems to have been included with some free 3ds Max scenes that users may have downloaded from various online sources.)

This virus also distributed as ALC betacleaner when you open the scene. Virus spoils all scripts that are in your MaxScript startup folder, adding malicious code to them.

This virus take next issues:

  • Undo function is broken and no longer works after switching to different viewports
  • Scene lights may disappear or be deleted
  • Scene materials may deleted
  • Damage scripts in MaxScript startup folder

How to detect viruses?

For ALC betaclenaer:

Open MaxScript Listener copy and paste next string and press the Enter:
(globalVars.isGlobal #AutodeskLicSerStuckCleanBeta)
The sequence should return the line: false. If the sequence returns: true - you are infected!

For CRP bscript

Open MaxScript Listener copy and paste next string and press the Enter:
(globalVars.isGlobal #CRP_BScript)
The sequence should return the line: false. If the sequence returns: true - you are infected!

There are also other modifications of viruses that only Prune Scene can handle.

How to remove viruses?

prune scene active protection
If your scene is infected or you want to avoid getting the virus into your 3Ds Max download and install share-ware script Prune Scene and activate the Active Protection!
Download Prune Scene
After run Active Protection mode viruses will be deleted.
In the future, if the viruses get to you in the scene they will always be deleted!

Important!

You can use Prune Scene for free to clean up viruses!

You also can use another scripts for fix this problems:
ALC_fixup_v1_2.ms and CRP_fixup_v1_2.ms
But I not recommend to use it because you will need to run them from time to time manually and you can miss the moment when the virus gets into another scene that's very critical for large companies where several people can work with one file. Also there are other modifications of the viruses that these scripts can not fix it!

Official Information


Here official Autodesk assertion:

https://knowledge.autodesk.com/support/3ds-max/troubleshooting/caas/sfdcarticles/sfdcarticles/Potential-issues-with-third-party-MAXScript-CRP-switching-to-different-viewport-scene-lights-disappear-or-seem-deleted.html


https://knowledge.autodesk.com/support/3ds-max/troubleshooting/caas/sfdcarticles/sfdcarticles/Scene-file-crashes-corrupts-scene-data-gives-Script-Controller-error-or-no-longer-uses-the-Undo-function.html?st=alc

Update 1

From the official source it became known that in 3Ds Max 2019 Update 2 by default has protection will be enabled and help against the ALC/CRP issue.

Here official assertion:

https://forums.autodesk.com/t5/3ds-max-forum/potential-issues-caused-by-third-party-maxscript-files-alc-and/m-p/8281431#M164173

About Security Tool in 3Ds Max 2019 Update 2:

http://help.autodesk.com/view/3DSMAX/2019/ENU/?guid=GUID-C8FEC566-7747-4C35-A7DE-6B8233C9ACB0

Also confirmed information about the modification of the CRP virus named as ADSL


A 3rd-party MAXScript known as "ADSL" can accidentally corrupt 3ds Max software settings.

The script can be propagated to other MAX files (*.max) on a system if scene files containing it are loaded into 3ds Max. This corruption is a nearly identical variant of the CRP corruption, but uses different variable names.

Security Tools in 3Ds Max Update 2 can detect and clean this script from your system startup scripts and any infected scene files.

http://help.autodesk.com/view/3DSMAX/2019/ENU/?guid=GUID-10254858-7E5A-4220-9960-C250CCE2BA56

Update 2

Autodesk released official Security Tools for Autodesk© 3ds Max® 2019-2015 for clean next threats: ALC, CRP and ADSL worms.

autodesk security tools
autodesk security tools success cleaned

You can now download and install this tool for free for 3Ds Max versions: 2015, 2016, 2017, 2018. For 3Ds Max 2019 just install latest Update 2 with iterated solution.

If you have issues with the ALC/CRP/ADSL from older versions of 3Ds Max (2014 and previous) use Prune Scene!

For enable/disable protection you must add button on main toolbar: Customize → Customize User Interface → Category: Security Tools. Then Drag&Drop 3ds Max Security Tools on to main toolbar.

autodesk security tools main script

When run this tool you can see next window with one option enable/disable.
autodes security tools main window

Download Security Tools link:

https://apps.autodesk.com/3DSMAX/en/Detail/Index?id=7342616782204846316&appLang=en&os=Win64&autostart=true&_ga=2.133465549.214023933.1539677907-1032128742.1504603966


Direct link for download from 3DGROUND:

Direct Download


Documentation:

https://apps.autodesk.com/3DSMAX/en/Detail/HelpDoc?appId=7342616782204846316&appLang=en&os=Win64


{{commentsMsg}}
  

No one has posted a comment yet.
{{comment.lastname}} {{comment.name}} {{comment.date}}
{{comment.text}}


SUBSCRIBE TO OUR NEWSLETTER

{{subscribeMsg}}