Many users of the free ClamWin antivirus scanner were left with severely crippled operating systems after a bogus update caused the program to wrongfully quarantine thousands of clean files.Reports started pouring in earlier today on the official forums, with users complaining that, following scheduled scans, the program moved up to 25,000 clean files to the quarantine.
Company representatives acknowledged the problem and suggested that the best course of action is to restore the entire system from a backup.
"
We had a very unfortunate coincidence with version and database updates which triggered a bad
false positive. Restoring from a backup (if you have one) would be a best option,"
wrote a site admin identified as alch.
A new version of the antivirus (0.96.4) was released to resolve the false positive detection and an utility for restoring the quarantined files was also made available.
The tool determines the original location of the files from the scan log, which is located under "
C:\Users\All Users\.clamwin\log\ClamScanLog.txt" on Windows Vista and 7, and under "
C:\Documents and Settings\All Users\.clamwin\log\ClamScanLog.txt" on XP.
Unfortunately, this log file is limited to a size of 1 MB, which means that in cases where a large number of files were affected, some records could be gone forever.
The problem is even more serious for users who ran the product on Windows-based servers in order to avoid having to pay for a commercial anti-malware solution, because mission critical services might depend on those systems.
ClamWin is developed by a company called ClamWin Pty Ltd. and is distributed under the GNU General Public License (GPL). It is basically a custom user interface which provides additional functionality to Sourcefire's popular ClamAV open source antivirus engine.
It features scheduled and on-demand scans, automatic updates, a Microsoft Outlook add-on to detect infected emails, and integration with Windows Explorer. Despite lacking more advanced detection technologies, the program has around 600,000 users worldwide, according to data released by the company.
Find us on Google+
