The ESET ACAD/Medre Cleaner is a specialized, free standalone utility designed to completely remove the destructive ACAD/Medre.A worm from systems running AutoCAD. This targeted malware strains industrial productivity by locating valuable .dwg design files and automatically emailing them to remote servers, resulting in massive intellectual property theft. Using this specialized tool ensures that the hidden code embedded within your AutoCAD template folders is completely erased without damaging your legitimate design blueprints. Understanding the ACAD/Medre.A Threat
The ACAD/Medre.A worm spreads through compromised AutoCAD projects. When a user opens an infected drawing file, the worm copies its body into the local support directories and modifies core startup scripts like acad.lsp. From that point on:
Every newly opened or created drawing is automatically targeted.
Stolen blueprints are secretly emailed to external drop boxes.
The worm automatically attaches itself to any project folder you archive or share, infecting other users. Step 1: Download the Standalone Cleaner
Because this worm embeds itself into your CAD environment, standard antivirus software may occasionally struggle to parse the specific scripting lines. You need to obtain the direct standalone cleaner provided by ESET Utilities:
Close all active instances of AutoCAD to prevent files from being locked during operation.
Download the executable file directly from the Official ESET Download Server.
Save the file, named EACADMedreCleaner.exe, to an easily accessible location like your Desktop. Step 2: Run the Cleaner and Remove the Worm
The tool runs directly through the Windows Command Prompt to efficiently intercept system hooks and scan the specific file paths used by AutoCAD.
Open the Windows Start Menu, type cmd, right-click on Command Prompt, and select Run as Administrator.
Navigate to your Desktop by typing the following command and pressing Enter: cd %userprofile%\Desktop Use code with caution. Execute the cleaner utility by typing its file name: EACADMedreCleaner.exe Use code with caution.
Follow any prompts on screen. The utility will automatically scan active processes, localized system paths, registry entries, and core AutoCAD directory loops.
Once the cleaning process finishes, review the terminal output to confirm that infected .lsp or .fas script modifications have been purged. Step 3: Run a Comprehensive System Verification
After purging the primary worm, it is vital to sweep your machine for residual components or secondary droppers that may have bypassed the utility.
Leave a Reply