 |
 | Urgent help needed |  |
amit
Joined: 20 Jan 2006 |
Posts: 0 |
Location: israel |
|
 |
Posted: Fri Jan 20, 2006 11:07 am |
|
 |
 |
 |
 |
The clam found many infected files, almost all exe files.
They were all quarantined.
The system cannot work.
Is there any automatic unquarantine solution?
Before I clean it I need to fix this problem.
amit
|
|
alch
Site Admin
Joined: 27 Nov 2005 |
Posts: 0 |
|
|
 |
Posted: Fri Jan 20, 2006 12:44 pm |
|
 |
 |
 |
 |
no, unquarantine is not yet available.
You can parse the log file and create a batch file which will copy quarantined files to the original location.
|
|
 | thanks... |  |
amit
Joined: 20 Jan 2006 |
Posts: 0 |
Location: israel |
|
 |
Posted: Fri Jan 20, 2006 12:53 pm |
|
 |
 |
 |
 |
thanks... however creating a batch file will take longer than manually removing the files from the quarantine directory
it took almost all my EXE files with it... and I suspect it's a wrong identification...
|
|
alch
Site Admin
Joined: 27 Nov 2005 |
Posts: 0 |
|
|
 |
Posted: Sat Jan 21, 2006 6:24 am |
|
 |
 |
 |
 |
I meant to parse the log file by use of a scripting language (awk, perl, python, etc)
I don't think that clamwin could mistakenly identify all of your exe's, it would be the first case in history. If there is a false positive clamwin marks one or two files but never all.
|
|
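One way to do the log parsing suggested above, as an added example that is not part of the original thread or ClamWin's own code. It assumes the log records each quarantine move as `<original path>: moved to '<quarantine path>'` (a format not shown in this thread; check your own log), uses constructed signature names, and writes copy commands only for detections you have confirmed to be false positives.

```python
import re

# Constructed sample log. The "FOUND" line format matches the scan report quoted
# later in this thread; the "moved to" line format is an assumption.
SAMPLE_LOG = r"""Scan started: Fri Jan 20 09:00:01 2006
C:\Apps\tool.exe: Example.Sig-A FOUND
C:\Apps\tool.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\tool.exe'
C:\Games\play.exe: Example.Sig-B FOUND
C:\Games\play.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\play.exe'
ERROR: Can't open file C:\WINDOWS\system32\config\SAM
C:\Temp\odd.exe: Example.Sig-A FOUND
"""

FOUND_RE = re.compile(r"^(?P<path>.+): (?P<sig>\S+) FOUND$")
MOVED_RE = re.compile(r"^(?P<path>.+): moved to '(?P<dest>.+)'$")


def parse_log(text):
    """Return (moved, unmoved); moved holds (original, quarantined, signature)."""
    signatures, moved = {}, []
    for line in text.splitlines():
        line = line.strip()
        m = FOUND_RE.match(line)
        if m:
            signatures[m["path"]] = m["sig"]
            continue
        m = MOVED_RE.match(line)
        if m:
            sig = signatures.get(m["path"], "UNKNOWN")
            moved.append((m["path"], m["dest"], sig))
    moved_paths = {original for original, _, _ in moved}
    unmoved = [(p, s) for p, s in signatures.items() if p not in moved_paths]
    return moved, unmoved


def render_batch(moved, restore_signatures):
    """Emit copy commands only for signatures judged to be false positives."""
    lines = ["@echo off"]
    for original, quarantined, sig in moved:
        if sig in restore_signatures:
            lines.append(f'copy "{quarantined}" "{original}"')
        else:
            lines.append(f"rem SKIPPED {original} ({sig}) - not confirmed false positive")
    return "\r\n".join(lines) + "\r\n"


if __name__ == "__main__":
    moved, unmoved = parse_log(SAMPLE_LOG)
    print(render_batch(moved, {"Example.Sig-B"}))
    print("Detected but not moved:", unmoved)
```

Review the generated batch file before running it; every detection that is not on the allow-list stays in quarantine and is listed as a `rem` line.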
 | never |  |
amit
Joined: 20 Jan 2006 |
Posts: 0 |
Location: israel |
|
 |
Posted: Sat Jan 21, 2006 12:33 pm |
|
 |
 |
 |
 |
never in my life have I encountered a worm that affected 300 exe files including system files as well as the clam files themselves
and I stopped just before it reached the system and system 32 directories
so I was wondering if it's possible
|
|
alch
Site Admin
Joined: 27 Nov 2005 |
Posts: 0 |
|
|
 |
Posted: Sat Jan 21, 2006 2:07 pm |
|
 |
 |
 |
 |
sounds like a bug in the detection code then. Very unusual.
|
|
amit
Joined: 20 Jan 2006 |
Posts: 0 |
Location: israel |
|
 |
Posted: Sat Jan 21, 2006 2:19 pm |
|
 |
 |
 |
 |
and terribly problematic... this bug is far more complicated because while running in the background it quarantines the files, however keeps them still in their places, i.e. duplicating them, until you find yourself with a hard drive space problem. then when you run a scan it will completely remove all the EXEs (almost every one of them !!!) to the quarantine and you are stuck with a system where no exe file is in place
|
|
alch
Site Admin
Joined: 27 Nov 2005 |
Posts: 0 |
|
|
 |
Posted: Sat Jan 21, 2006 2:22 pm |
|
 |
 |
 |
 |
can you tell me which virus clamwin detected in those files? Also please paste a portion of scan log
|
|
amit
Joined: 20 Jan 2006 |
Posts: 0 |
Location: israel |
|
 |
Posted: Mon Jan 23, 2006 10:24 am |
|
 |
 |
 |
 |
W32 parite.B
|
|
alch
Site Admin
Joined: 27 Nov 2005 |
Posts: 0 |
|
|
 |
Posted: Mon Jan 23, 2006 12:17 pm |
|
 |
 |
 |
 |
then it may NOT be a false positive...
take a look here:
https://www.viruslist.com/en/viruses/encyclopedia?virusid=20924
Quote: |
The virus searches for Win32 EXE PE files with .scr and .exe extensions on all logical drives of computer, and also in shared resources of local network, and infects them.
|
|
|
 |
 | |  |
Grongle
Joined: 31 Jan 2006 |
Posts: 0 |
Location: Vancouver, Canada |
|
 |
Posted: Tue Jan 31, 2006 4:17 pm |
|
 |
 |
 |
 |
I would like to hear more about this. amit, have you found out anything since?
I am looking at the forums to consider whether I should begin using ClamWin. I have been using AntiVir Personal for years, and I really liked it, but it looks like it is going to cost $$$ or else be a poor ghost of what it once was. I can go to AVG, but maybe ClamWin is the thing to try.
If ClamWin breaks complete systems, as this thread suggested at the beginning, no thanks.
If ClamWin has in this example shown its strength, then great. Although, you have to say, that is some virus. If it went through every Windows EXE in every drive, I'm not sure what a person would have left. I guess he could take off his personal data and do a low-level format of the disk and start as from Day One. Pretty rough virus.
I was thinking of doing a night-run on my system with ClamWin, but, um, I WILL still have a working system in the morning, right? According to AntiVir Personal, my system is clean as clean can be.
|
|
 |
 | |  |
alch
Site Admin
Joined: 27 Nov 2005 |
Posts: 0 |
|
|
 |
Posted: Tue Jan 31, 2006 11:35 pm |
|
 |
 |
 |
 |
Quote: |
I was thinking of doing a night-run on my system with ClamWin, but, um, I WILL still have a working system in the morning, right? According to AntiVir Personal, my system is clean as clean can be. |
you can do that safely with clamwin. By default after installation it is set to report viruses only - no quarantining or interfering with the infected files in any other way.
|
|
 | not sure what to do |  |
murdok
Joined: 02 Feb 2006 |
Posts: 0 |
Location: Colorado |
|
 |
Posted: Thu Feb 02, 2006 10:35 pm |
|
 |
 |
 |
 |
clamwin creates the following report each time it runs:
Infected files: 1
Not moved: 1
Data scanned: 7838.86 MB
Time: 4589.068 sec (76 m 29 s)
--------------------------------------
Scan started: Thu Feb 2 14:00:01 2006
File excluded 'C:\Documents and Settings\All Users\.clamwin\quarantine\Dc45.exe'
ERROR: Can't open file C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll
ERROR: Can't open file C:\WINDOWS\system32\config\default
ERROR: Can't open file C:\WINDOWS\system32\config\SAM
ERROR: Can't open file C:\WINDOWS\system32\config\SECURITY
ERROR: Can't open file C:\WINDOWS\system32\config\software
ERROR: Can't open file C:\WINDOWS\system32\config\system
C:\Documents and Settings\All Users\.clamwin\quarantine\Dc45.exe: Adware.NewDotNet.B-4 FOUND
-- summary --
Known viruses: 43959
Engine version: 0.88
Scanned directories: 3109
Scanned files: 46846
Infected files: 1
Not moved: 1
Data scanned: 7882.10 MB
Time: 5014.707 sec (83 m 34 s)
need help on what to do about it
|
|
 |
 | |  |
alch
Site Admin
Joined: 27 Nov 2005 |
Posts: 0 |
|
|
 |
Posted: Thu Feb 02, 2006 10:38 pm |
|
 |
 |
 |
 |
please start a new thread, your post is unrelated to the discussion above.
|
|
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
|  |