then there is no info where did the quarantine files came from and batch file would be impossible to write.

However there is an option to:
1) try system restore to a point before the quarantine
2) rename all files in clamwin quarantine folder dropping .infected extension and copy them to C:\Windows\System32, then work out what else do you need

Good joke - if the "infected" files had been from only one directory the "recovery" would have been really simple...
BUT... you know...

Maybe a suggestion of mine:
If someone has the logfile for a server2003 and he uploads this to you and you make this batchfile then I could use this also. The rest of in clamwin-quarantine staying files I could recover "by hand"... hoping there are much less than now...

Hi 456654,

I've already emailed my log file to the ClamWin guy.. It was a server 2003, so it might very-well help your situation.

Good news, my server datacenter has just got a KVM setup for me.. ...
Bad News, and when logging on I was shown, what i can only be describe as the most offensive thing to see after reading an email saying that over 7000 of your windows system files have been quarantined.

User Interface Failure
The Logon User Interface DLL VMGINA.DLL failed to load.
Contact your system administrator to replace the DLL, or restore the original DLL.

RESTART.


And i sure as hell am NOT pressing that button... No matter how hard my little server box tries to boot up.. It's never going to come online with half it's brain blown out by a false positive.

It's going to be an interesting few days....

Well, at least I've got my health...... Apart my left arm now tingles, and face has gone numb...

found it!!!

its named "tmpebr7mg"

I have part of the log file, I will email this now could you do the batch file for me.

Will come from jasonwilkinson at live dot co dot uk.

----------- SCAN SUMMARY -----------
Known viruses: 851473
Engine version: 0.96.1
Scanned directories: 5099
Scanned files: 56849
Infected files: 11369
Total errors: 1
Not copied: 2874
Data scanned: 14255.87 MB
Data read: 22150.16 MB (ratio 0.64:1)
Time: 15309.046 sec (255 m 9 s)

Best of luck
Jason

I join the ranks of the people thoroughly screwed over by ClamWin...
2500+ files (mostly system and application files) snatched from where ever they resided and moved to the quarantine (including a lot of ClamWin's own files).

Now I guess I could reinstall ClamWin, but since it's not possible (as suggested by earlier posts in this thread) to restore quarantined files to their original location - the reasons for this boggles the mind - what would be the point really?

For my money's worth, this is absolutely unacceptable and I will spend the next few days trying to bring my system back to life, cursing ClamWin all the way.

This is indeed a dark day for ClamWin users all over the world.

But the ClamWin guys are doing all they can do help..

Unfortunatly, all the money I've saved by using ClamWin will now have have to go on a new server next to my poorly one. So I can recover the system, migrate the data, and make all my customers happy once again.

Not looking good.

In my case i have a log file, but the move to the infected folder is not logged.
it didn't send out a mail
only this mrning after update to the new version i see int the log the move of some files to the infected folder

2003 Server. only rdp acces is possible

If you've still got RDP Access.. you've NO idea how lucky you are..

Has anybody recieved a batch file from alch as posted on this forum?

Hi Alch, can you give me any idea how long we can expect to wait for the file?

I am at a customer site and will leave and return if you have a long list and it is going to take a couple of hours, days... I hope not.
I do appreciate that you are trying to help and are under huge pressure.

Just a quick line to let us know how long to wait or if we should start work on our own for a restore/repair.

Regards
Jason

seems that my fault today was that i first installed new version of clamwin and then read the forum.
I think the installationprocess has deleted my old tmp file from the log

Omg man, i have here 2008 server and two sql base for program and all are stoped!

more 18.000 files ar moved,
i'll send to u 3 log file of 3 computer was use a clam for antvirus
please hehlp alch!

btw: u will receive the files from @balaminut.com.br ou @gmail.com
and if u can send in txt mod not in allready batch bcz my mail will block :/


ty

Thank you - let's have a look what happens with it...

Same for me

But in this case you know you have your heart on the right place -D

Be happy that you got your KVM and be quiet! -D

Maybe someone found a resolution for those who have a logfile:
https://forums.clamwin.com/viewtopic.php?p=13142#13142 https://forums.clamwin.com/viewtopic.php?p=13142#13142
@alchi: could be helpful to close this other thread and make there a link to this one...