Clamav windows 2012 r2
Post by cremefraiche » 2013-09-02 15:28
I apologize in advance if this has been asked;
I am having difficulty getting ClamAV service to run on Windows server 2012. I followed the steps outlined in this document https://www.google.com.au/url?sa=t&rct= . 5398,d.aGc as good as I could, I have been reading 100s of hMail forum posts and everything refers to a link that does not work.
So I downloaded http://sourceforge.net/projects/clamav/ . i/download and ran it; I installed it in c:\ClamAV\ then followed the document to create the service and apply the registry changes.
I even went as far as to create my own version of scvtimeout.bat
OK, so that is enough waffling; to my error:
When I attempt to start the ClamAV and FreshClam services I get the following message:
«Windows could not start the ClamAV service on Local Computer.
Error 1053: The service did not respond to the start or control request in a timely fashion.»
Does anyone have any idea as to what the problem is?
Re: Windows Server 2012 (x64) ClamAV and Hmailserver
Post by ActionHosting » 2013-09-25 15:26
I went via a slightly different route for installing.
- I installed ClamWin (Using clamwin-0.97.8-setup.exe from http://downloads.sourceforge.net/clamwi . -setup.exe)
- I extracted ClamAV into c:\ClamAV (Using clamav-amd64-0.97.8.7z from http://oss.netfarm.it/clamav/)
- I configured ClamD in c:\ClamAV as below:
Re: Windows Server 2012 (x64) ClamAV and Hmailserver
Post by AuZee » 2014-03-04 02:55
Thought I’d just sign up and write in regarding this method. I’m on (x32) but still applied.
ActionHosting wrote: I used RunAsSvc.exe (Available here: http://www.pirmasoft.de/downloads/runassvc.zip) to install the ClamD application as a service.
Install using the parameters «-c c:\clamav\clamd.conf» and the working directory of «c:\clamav»
The advantages of doing it this way are as follows:
- ClamWin deals with the automatic update of definitions
- ClamD is faster at scanning than using ClamScan
- RunAsSvc is much easier to setup than SC.exe etc
Funnily enough, I downloaded and used the RunAsSvc.exe just to test and see if it would work. It did. However, for some reason it logged itself as another user (it appeared), and took control of Sygate Firewall (first active logon sees SF only).
So I removed it, fiddled some more, and now for some reason the service starts within XP home.
Anyway, the main advantage of installing ClamWin on the system per se is that your PC has a virus app on it.
Secondly, you can path to the database of the definition files for ClamAV to use when you ONLY use ClamAV in hM (and not the ClamWin tab). You only need to set up your .conf file with the path to the virus defs.
Example: DatabaseDirectory C:\Documents and Settings\All Users\.clamwin\db
Guess I’m just reiterating what he wrote above.
Think that’s all I have to say on the matter
Installing, configuring and using the ClamAV antivirus on CentOS
ClamAV is an open-source antivirus. It is used to detect viruses, malicious programs and malware. It is mostly used on Linux platforms to scan user directories accessible over FTP or Samba, website directories, or mail on mail servers in the form of an MTA agent.
In this article we look at installing and configuring ClamAV on a server running CentOS.
Installing the ClamAV antivirus on CentOS
ClamAV is not available in the base Linux repositories, so installing it on the server requires the EPEL repository:
# yum install epel-release -y
Once the repository is installed, you can install all the packages ClamAV needs. Use the yum package manager (or dnf on CentOS 8):
# yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
Basic configuration of the ClamAV antivirus on CentOS
To apply your own ClamAV configuration, first disable the default sample configuration in the file /etc/clamd.d/scan.conf by commenting out its Example line:
# sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf
Then move on to the configuration itself. Open the configuration file:
And uncomment the following line:
You can also uncomment other lines with the settings you need, for example to enable logging or to set the maximum number of connections.
The configuration file /etc/clamd.d/scan.conf contains fairly detailed comments on all settings, and every line in it is described.
To keep the ClamAV antivirus signature databases up to date, you need to enable the Freshclam tool. First make a backup copy of its configuration file:
# cp /etc/freshclam.conf /etc/freshclam.conf.bak
Then run the command:
# sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
And start the update of the antivirus databases:
During the update, errors may appear saying that some updates could not be downloaded. Freshclam automatically picks a suitable mirror for a successful download.
To have freshclam check for updates automatically, you can start it with the -d option:
# freshclam -d
This way, a check for updates will run every 2 hours.
To make it easier to start, create a service file for freshclam:
And add the following content:
Restart the systemd daemon:
# systemctl start freshclam.service
# systemctl enable freshclam.service
# systemctl status freshclam.service
As with the freshclam service, create a service for ClamAV itself. The unit file already exists, but it needs to be renamed:
# mv /usr/lib/systemd/system/clamd\@.service /usr/lib/systemd/system/clamd.service
For convenience we removed the \@ .
Also, change the configuration of this file:
Now you can start the antivirus service and enable it at boot:
# systemctl start clamd.service
# systemctl enable clamd.service
Scanning files with the ClamAV antivirus
Once the antivirus service is configured, you can scan any directory on the server for viruses (scanner mode). To manually start a scan of a given directory, use the command:
# clamscan --infected --remove --recursive /var/www/
With these options the antivirus deletes infected files immediately. If you want to move suspicious files to a separate directory instead, run the scan with the --move option:
# clamscan --infected --recursive --move=/tmp/clamscan /var/www
This command scans the specified directory and everything under it for viruses, and moves suspicious files to the /tmp/clamscan directory.
As we can see, the infected file was moved to the specified directory:
You can also add the --log=/var/log/clamscan.log option so that scan information is written to the specified log.
If you want to exclude a directory from the scan, use the --exclude-dir option:
# clamscan -i --recursive --move=/tmp/clamscan --log=/var/log/clamscan.log --exclude-dir="/var/www/administrator" /var/www
For regular virus scans, you can set up a cron job with the options you need.
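The cron job suggested above, written out as a wrapper script. This is an added example, not part of the original article; the script name, the schedule and the default quarantine and log paths are assumptions. It keeps moved files in a directory with mode 0700 rather than under world-writable /tmp, and uses clamscan's exit status (0 no virus found, 1 virus found, 2 error) to decide what to report.

```shell
#!/bin/sh
# Added example, not from the original article. The script name in the crontab
# line and the default quarantine and log paths are assumptions.
# crontab: 30 2 * * * /usr/local/sbin/clamscan-cron.sh /var/www

# clamscan exit status: 0 = no virus found, 1 = virus(es) found, 2 = error.
scan_status() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Print the path from every "<path>: <signature> FOUND" line of clamscan
# output (file arguments, or stdin when none are given).
infected_files() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p' "$@"
}

# Scan TARGET, moving detections into a quarantine directory that only the
# scanning user can enter; on a non-clean result, report to stderr (which
# cron mails to the job owner) and return clamscan's exit status.
run_scan() {
    target=$1 quarantine=$2 log=$3
    mkdir -p "$quarantine" && chmod 700 "$quarantine" || return 2
    rc=0
    out=$(clamscan --infected --recursive --move="$quarantine" \
        --log="$log" "$target") || rc=$?
    if [ "$rc" -ne 0 ]; then
        echo "clamscan: $(scan_status "$rc") (exit $rc) in $target, see $log" >&2
        printf '%s\n' "$out" | infected_files >&2
    fi
    return "$rc"
}

# Constructed sample output (paths and signature names are made up).
sample_log() {
    cat <<'EOF'
/var/www/uploads/a.php: Sample.Constructed-1 FOUND
/var/www/uploads/a.php: moved to '/var/quarantine/clamscan/a.php'
/var/www/site: old/b.zip: Sample.Constructed-2 FOUND
----------- SCAN SUMMARY -----------
Infected files: 2
EOF
}

if [ "$#" -ge 1 ]; then
    run_scan "$1" "${2:-/var/quarantine/clamscan}" "${3:-/var/log/clamscan.log}"
fi
```

Run without arguments the script does nothing; `sample_log | infected_files` shows the parsing on the constructed output, including a path that itself contains ": ".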
There is a graphical front end for the ClamAV antivirus; it is called ClamTk.
Download
Source code
Download the official source code using the links below. We recommend running the ClamAV Stable Version on production systems.
Not the right format for your operating system? Find Win32, MacOS X, Linux & BSD packages in the Alternate Versions section.
The latest stable release is 0.103.0
file | Modified | Size |
---|---|---|
clamav-0.103.0.tar.gz.sig | 2020-09-14 13:32:26 UTC | 801 bytes |
clamav-0.103.0.tar.gz | 2020-09-14 13:32:32 UTC | 12.8 MB |
Virus Database
For ClamAV to work properly, both the ClamAV engine and the ClamAV Virus Database (CVD) must be kept up to date.
Freshclam should perform these updates automatically. Instructions for setting up Freshclam can be found in the documentation section.
If your network is segmented or the end hosts are unable to reach the Internet, you should investigate setting up a private local mirror. If this is not viable, you may use these direct download links: main.cvd | daily.cvd | bytecode.cvd
Upgrading
Be sure to read the Upgrade Instructions prior to updating ClamAV. Sign up for notifications regarding newest stable releases and betas, by subscribing to the clamav-announce mailing list.
Development Releases
Release Candidates
There are currently no release candidates available for download.
Beta Versions
There are currently no beta versions available for download.
Changelog
The ChangeLog lists all recent fixes and improvements.
Clone the Git Repository under UNIX with one of these commands:
- Smart-HTTP Protocol (Git 1.7+) $ git clone https://github.com/vrtadmin/clamav-devel
- Git Native Protocol (Git $ git clone git://github.com/vrtadmin/clamav-devel
- Windows users may want to install Git on Windows
Previous Stable Releases
You can find previous releases on sourceforge
Refer to the Upgrade Instructions for reference.
Bytecode Compiler
Git 1.7+
$ git clone git://github.com/vrtadmin/clamav-bytecode-compiler
Git
$ git clone https://github.com/vrtadmin/clamav-bytecode-compiler
Talos PGP Public Key
Alternate Versions of ClamAV
Various third parties have developed versions of ClamAV to work on a variety of operating systems. Several of these are listed below. Installation instructions for many operating systems can be found in the documentation.
Windows Packages
Win32
ClamAV downloads for Win32
file | Modified | Size |
---|---|---|
ClamAV-0.103.0.exe | 2020-09-14 13:32:21 UTC | 33.6 MB |
ClamAV-0.103.0.exe.sig | 2020-09-14 13:32:37 UTC | 801 bytes |
clamav-0.103.0-win-x86-portable.zip | 2020-09-14 13:32:45 UTC | 7.1 MB |
clamav-0.103.0-win-x86-portable.zip.sig | 2020-09-14 13:33:00 UTC | 801 bytes |
Win64
ClamAV downloads for Win64
file | Modified | Size |
---|---|---|
clamav-0.103.0-win-x64-portable.zip.sig | 2020-09-14 13:33:05 UTC | 801 bytes |
clamav-0.103.0-win-x64-portable.zip | 2020-09-14 13:33:10 UTC | 8.2 MB |
Windows Antivirus
Immunet, powered by ClamAV is a fast, fully featured Windows desktop Anti-Virus (AV) solution that utilizes the power of advanced cloud based detection techniques and the strength of the time tested ClamAV engine. This unique combination of technologies allows for a highly effective approach to today’s fast moving malware threats.
Features
- Real-time Detection
- Scheduled Scanning
- Intelligent Scanning — Fast and configurable smart scans
- Custom Detection — Using the standard ClamAV signature language
- Advanced Archive and Packer Support
- Fast and Light System Footprint
- Quarantine
Visit the Immunet website:
Linux Packages
Ubuntu
Installing
ClamAV can be found for Ubuntu in the apt repository. Run this command to install ClamAV:
apt-get install clamav
If you need clamd, you may also want to run:
apt-get install clamav-daemon
If you require support for scanning compressed RAR files you first need to enable the non-free archive, and then you can install the RAR-plugin using:
apt-get install libclamunrar6
There are two classes of clamav packages available for Ubuntu users:
Released Set
The released set (release, *-updates, and *-security) are patched for security updates. Following extensive testing of clamav and the packages that use it in the backports repository, they may be updated to a newer version. These are official Ubuntu packages and supported by community developers.
Backports
The Ubuntu backports repository will contain the newest clamav version that has been at least lightly tested to work with that version. These packages can be installed by enabling the backports repository on your system.
Ubuntu packages are maintained by Ubuntu MOTU Developers.
Debian
ClamAV can be found in the apt repository. Run this command to install ClamAV:
apt-get install clamav
If you need clamd, you may also want to run:
apt-get install clamav-daemon
For the stable release, the packages are updated via the StableUpdates mechanism.
If you require support for scanning compressed RAR files you first need to enable the non-free archive and then you can install the RAR-plugin using:
apt-get install libclamunrar6
To test the installation, you can try to scan the test files in the clamav-testfiles package.
ClamAV is included in the openSuSE distribution and in Novell’s SuSE Linux Enterprise products. To use these packages, pick the subdirectory for your SuSE version from the openSuSE website.
Use the update variant for openSuSE, add it to your installation as another repository using YaST or zypper and give it a higher priority (lower number) than the repository that delivers the official updates.
RPMs of new ClamAV versions for existing SuSE products are provided through the respective online update channels. As these packages have to go through QA, it usually takes some time for a new ClamAV source release to appear as an official RPM. For those who want the newest version, packages are available from the security project in the openSuSE Build Service.
SuSE packages are maintained by Reinhard Max.