Download from http://oss.netfarm.it/clamav/

Win32:
clamav-win32-0.97.1.7z
Microsoft.VC80.8.0.50727.6195.CRT.x86.7z
vcredist_x86_6.0.2900.2180.exe

Amd64:
clamav-amd64-0.97.1.7z
Microsoft.VC80.8.0.50727.6195.CRT.amd64.7z
vcredist_x64_6.0.2900.2180.exe

Extract archive clamav-win32-0.97.1.7z to c:\

If your zipper does not support .7z format, download and install 7-zip from http://www.7-zip.org

Rename extracted directory (e.g. clamav-win32-0.97.1) to c:\clamav

Create subdirectories "db", "log" and "tmp" within c:\clamav

md c:\clamav\db
md c:\clamav\log
md c:\clamav\tmp

Extract archive Microsoft.VC80.8.0.50727.6195.CRT.x86.7z to c:\clamav

Make sure this creates a subdirectory c:\clamav\Microsoft.VC80.CRT which contains the DLL files.

Install vcredist_x86_6.0.2900.2180.exe on the machine.

Double click the c:\clamav\clamav.reg file

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\ClamAV]
"ConfigDir"="C:\\Clamav"
"DataDir"="C:\\Clamav\\db"

Replace the default file c:\clamav\freshclam.conf with the following, making it look like this:

DatabaseMirror database.clamav.net
DNSDatabaseInfo current.cvd.clamav.net
DatabaseDirectory c:\clamav\db
Checks 12
NotifyClamd c:\clamav\clamd.conf
LogFileMaxSize 20480000
LogTime true
UpdateLogFile c:\clamav\log\freshclam.log

Open a DOS box to install the freshclam service

freshclam --install

Start the freshclam service

net start freshclam

Check the db directory for successful download of the signatures

bytecode.cld
daily.cld
main.cld
mirrors.dat

Ignore the warning in the log, it tells you that clamd is not running yet.

Wed Jul 13 10:09:17 2011 -> freshclam daemon 0.97.1 (OS:win32, ARCH: i386, CPU: i386)
Wed Jul 13 10:09:17 2011 -> ClamAV update process started at Wed Jul 13 10:09:17 2011
Wed Jul 13 10:09:17 2011 -> main.cld is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
Wed Jul 13 10:09:19 2011 -> Downloading daily.cvd [100%]
Wed Jul 13 10:09:20 2011 -> daily.cvd updated (version: 13316, sigs: 147409, f-level: 60, builder: guitar)
Wed Jul 13 10:09:20 2011 -> bytecode.cld is up to date (version: 143, sigs: 40, f-level: 60, builder: edwin)
Wed Jul 13 10:09:21 2011 -> Database updated (993663 signatures) from database.clamav.net (IP: 130.59.10.36)
Wed Jul 13 10:09:22 2011 -> ERROR: NotifyClamd: Can't connect to clamd on localhost:3310

Replace the default file C:\clamav\clamd.conf with the following, making it look like this:

LogFile c:\Clamav\log\clamd.log
DatabaseDirectory c:\clamav\db
LogTime true
LogFileMaxSize 20480000
TCPSocket 3310
# Twice as much ClamAV threads as worker threads in XWall
MaxThreads 40
# Disable Zip in ClamAV and uncheck Options->Virus->Options->Scanner supports ZIP
ScanArchive no
# No Phishing, because ClamAV gets confused by simple forwards
PhishingScanURLs no
# No need that ClamAV decodes the message, XWall already does it
ScanMail no
# Must be enabled when checking for Office Macros with Options->ClamAV->Macro
#ScanOLE2 yes
#OLE2BlockMacros yes
#In case freshclam can't connect to clamd
#TCPAddr 10.0.0.1

Open a DOS box, change to c:\clamav and install the clamd service

C:\clamav>clamd --install

Set the clamd service to auto start at boot time.

sc config clamd start= auto

Start the clamd service

net start clamd

Test if clamdscan is working from a DOS box in the c:\clamav direcory

C:\clamav>clamdscan --version

ClamAV 0.97.1/13316/Wed Jul 13 02:22:12 2011

c:\clamav>clamdscan .

c:\clamav: OK
----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.078 sec (0 m 0 s)

Start MBAdmin, select Options->Virus->ClamAV and enable Enable virus scan on inbound messages

Start MBAdmin, select Options->Virus->Options and disable Scanner supports ZIP files

Restart XWall and verify that ClamAV is working.

The logfile should show: ClamAV virus scanner is working properly

Based on a publication in the XWall forum from maga on 2011-07-13