Download from http://oss.netfarm.it/clamav/ Win32: clamav-win32-0.97.1.7z Microsoft.VC80.8.0.50727.6195.CRT.x86.7z vcredist_x86_6.0.2900.2180.exe Amd64: clamav-amd64-0.97.1.7z Microsoft.VC80.8.0.50727.6195.CRT.amd64.7z vcredist_x64_6.0.2900.2180.exe Extract archive clamav-win32-0.97.1.7z to c:\ If your zipper does not support .7z format, download and install 7-zip from http://www.7-zip.org Rename extracted directory (e.g. clamav-win32-0.97.1) to c:\clamav
Create subdirectories "db", "log" and "tmp" within c:\clamav md c:\clamav\db md c:\clamav\log md c:\clamav\tmp
Extract archive Microsoft.VC80.8.0.50727.6195.CRT.x86.7z to c:\clamav Make sure this creates a subdirectory c:\clamav\Microsoft.VC80.CRT which contains the DLL files. Install vcredist_x86_6.0.2900.2180.exe on the machine. Double click the c:\clamav\clamav.reg file REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\ClamAV] "ConfigDir"="C:\\Clamav"
"DataDir"="C:\\Clamav\\db" Replace the default file c:\clamav\freshclam.conf with the following, making it look like this: DatabaseMirror database.clamav.net DNSDatabaseInfo current.cvd.clamav.net DatabaseDirectory c:\clamav\db Checks 12 NotifyClamd c:\clamav\clamd.conf LogFileMaxSize 20480000 LogTime true UpdateLogFile c:\clamav\log\freshclam.log Open a DOS box to install the freshclam service freshclam --install Start the freshclam service
net start freshclam Check the db directory for successful download of the signatures bytecode.cld daily.cld main.cld mirrors.dat Ignore the warning in the log, it tells you that clamd is not running yet. Wed Jul 13 10:09:17 2011 -> freshclam daemon 0.97.1 (OS:win32, ARCH: i386, CPU: i386) Wed Jul 13 10:09:17 2011 -> ClamAV update process started at Wed Jul 13 10:09:17 2011 Wed Jul 13 10:09:17 2011 -> main.cld is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven) Wed Jul 13 10:09:19 2011 -> Downloading daily.cvd [100%]
Wed Jul 13 10:09:20 2011 -> daily.cvd updated (version: 13316, sigs: 147409, f-level: 60, builder: guitar) Wed Jul 13 10:09:20 2011 -> bytecode.cld is up to date (version: 143, sigs: 40, f-level: 60, builder: edwin) Wed Jul 13 10:09:21 2011 -> Database updated (993663 signatures) from database.clamav.net (IP: 130.59.10.36) Wed Jul 13 10:09:22 2011 -> ERROR: NotifyClamd: Can't connect to clamd on localhost:3310 Replace the default file C:\clamav\clamd.conf with the following, making it look like this: LogFile c:\Clamav\log\clamd.log DatabaseDirectory c:\clamav\db LogTime true
LogFileMaxSize 20480000 TCPSocket 3310 # Twice as much ClamAV threads as worker threads in XWall MaxThreads 40 # Disable Zip in ClamAV and uncheck Options->Virus->Options->Scanner supports ZIP ScanArchive no # No Phishing, because ClamAV gets confused by simple forwards PhishingScanURLs no # No need that ClamAV decodes the message, XWall already does it ScanMail no # Must be enabled when checking for Office Macros with Options->ClamAV->Macro #ScanOLE2 yes #OLE2BlockMacros yes #In case freshclam can't connect to clamd
#TCPAddr 10.0.0.1 Open a DOS box, change to c:\clamav and install the clamd service C:\clamav>clamd --install Set the clamd service to auto start at boot time. sc config clamd start= auto Start the clamd service net start clamd Test if clamdscan is working from a DOS box in the c:\clamav direcory C:\clamav>clamdscan --version ClamAV 0.97.1/13316/Wed Jul 13 02:22:12 2011 c:\clamav>clamdscan .
c:\clamav: OK ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 0.078 sec (0 m 0 s) Start MBAdmin, select Options->Virus->ClamAV and enable Enable virus scan on inbound messages Start MBAdmin, select Options->Virus->Options and disable Scanner supports ZIP files Restart XWall and verify that ClamAV is working. The logfile should show: ClamAV virus scanner is working properly
Based on a publication in the XWall forum from maga on 2011-07-13 |