File: //usr/share/doc/clamav-0.103.3/html/UserManual/Installation-Windows.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<meta name="generator" content="pandoc" />
<title></title>
<style type="text/css">code{white-space: pre;}</style>
<link rel="stylesheet" href="/en/github.css" type="text/css" />
</head>
<body>
<h1 id="installing-clamav-on-windows">Installing ClamAV on Windows</h1>
<p>If you wish to build ClamAV from source using Visual Studio 2015, please head over to the <a href="https://github.com/Cisco-Talos/clamav-devel/blob/dev/0.101/win32/README.html">Win32 ClamAV Build Instructions</a> located in our source release materials on <a href="https://www.clamav.net/downloads">ClamAV.net</a> and on <a href="https://github.com/Cisco-Talos/clamav-devel">GitHub</a>.</p>
<hr />
<h2 id="install-using-the-clamav-windows-installer">Install using the ClamAV Windows Installer</h2>
<p>Important: Installing ClamAV using the Installer will require Administrator privileges.</p>
<ol>
<li>Download: <a href="http://www.clamav.net/downloads/production/ClamAV-0.103.1.exe" class="uri">http://www.clamav.net/downloads/production/ClamAV-0.103.1.exe</a></li>
<li>Locate the file in your Downloads directory.</li>
<li>Right-click on <code>ClamAV-0.103.1.exe</code> and select <code>Run as administrator</code>. You may receive a warning message along the lines of "Windows protected your PC". Select <code>More info</code> and then select <code>Run anyway</code>.</li>
<li>Select <code>I accept the agreement</code> and click <code>Next</code>.</li>
<li>Click <code>Next</code> again. If you've removed a previous installation of ClamAV, you may receive the prompt "The folder ... already exists...". If you do, select <code>Yes</code>.</li>
<li>Click <code>Install</code>.</li>
<li>Click <code>Finish</code>.</li>
<li>Press the Windows-key and type <code>powershell</code> but <em>DO NOT</em> press <code>Enter</code>. Right-click on <code>Windows PowerShell</code> at the top of the menu and select <code>Run as administrator</code>. Your computer may warn you <code>Do you want to allow this app to make changes to your device?</code> Click <code>Yes</code>.</li>
<li><p>Verify that the prompt in the PowerShell window looks like this:<br />
<pre><br />
PS C:\WINDOWS\system32><br />
</pre></p></li>
<li><p>In the Adminstrator PowerShell window, enter the following to navigate to the ClamAV install directory:<br />
<pre><br />
cd "c:\program files\clamav"<br />
</pre></p></li>
</ol>
<p>Continue on to "First Time Set-Up" below...</p>
<hr />
<h2 id="install-using-the-clamav-portable-install-package">Install using the ClamAV Portable Install Package</h2>
<ol>
<li>Download: <a href="https://www.clamav.net/downloads/production/clamav-0.103.1-win-x64-portable.zip" class="uri">https://www.clamav.net/downloads/production/clamav-0.103.1-win-x64-portable.zip</a></li>
<li>Unzip it.</li>
<li>Open the <code>clamav-0.103.1-win-x64-portable</code> directory.</li>
<li>Hold down Shift and then right-click on the background in the current directory (but not on one of the files). Select <code>"Open PowerShell window here"</code>. If that option doesn't appear, try again.</li>
</ol>
<p>Continue on to "First Time Set-Up"...</p>
<hr />
<h2 id="first-time-set-up">First Time Set-Up</h2>
<p>In the PowerShell window, perform the following tasks:</p>
<ul>
<li>Run:<br />
<pre><br />
copy .\conf_examples\freshclam.conf.sample .\freshclam.conf<br />
copy .\conf_examples\clamd.conf.sample .\clamd.conf<br />
</pre></li>
<li>Run:<br />
<pre><br />
write.exe .\freshclam.conf<br />
</pre></li>
</ul>
<p>WordPad will pop up. Delete the line that says "Example". You may also wish to set additional options to enable features or alter default behavior, such as the receive-timeout. Save the file and close WordPad.</p>
<ul>
<li>Run:<br />
<pre><br />
write.exe .\clamd.conf<br />
</pre></li>
</ul>
<p>WordPad will pop up. Delete the line that says "Example". You may also wish to set additional options to enable features or alter default behavior, such as enabling logging. Save the file and close WordPad.</p>
<hr />
<h2 id="additional-notes-about-the-config-files-and-database-directories">Additional notes about the config files and database directories</h2>
<p>The install directory is but one of a few locations ClamAV may search for configs and for signature databases.</p>
<h3 id="config-files-path-search-order">Config files path search order</h3>
<ol>
<li>The content of the registry key:<br />
"HKEY_LOCAL_MACHINE/Software/ClamAV/ConfDir"</li>
<li>The directory where libclamav.dll is located:<br />
"C:\Program Files\ClamAV"</li>
<li>"C:\ClamAV"</li>
</ol>
<h3 id="database-files-path-search-order">Database files path search order</h3>
<ol>
<li>The content of the registry key:<br />
"HKEY_LOCAL_MACHINE/Software/ClamAV/DataDir"</li>
<li>The directory "database" inside the directory where libclamav.dll is located:<br />
"C:\Program Files\ClamAV\database"</li>
<li>"C:\ClamAV\db"</li>
</ol>
<hr />
<h2 id="next-steps">Next Steps</h2>
<hr />
<h3 id="download-the-signature-databases">Download the Signature Databases</h3>
<p>Before you can start the ClamAV scanning engine (using either <code>clamd</code> or <code>clamscan</code>), you must <em>first</em> have ClamAV Virus Database (.cvd) file(s) installed in the appropriate location on your system. The default location for these database files is C:\Program Files\ClamAV\database, the database directory of your ` (in Windows).</p>
<p>Continuing in the PowerShell window:</p>
<ol>
<li>Run:<br />
<pre><br />
.\freshclam.exe<br />
</pre></li>
<li>freshclam will download some files and drop them in the database directory. This can take a minute or two depending on how fast your internet connection is. The files are a pretty large.</li>
<li>You are now ready to perform scans with ClamAV. If you using the portable install package, you may now copy the entire <code>clamav-0.100.1-win-x64-portable</code> directory to the computer(s) you wish to scan.</li>
</ol>
<hr />
<h3 id="steps-to-perform-basic-scanning">Steps to Perform Basic Scanning</h3>
<ul>
<li>Run this to scan the files in the current directory:<br />
<pre><br />
.\clamscan.exe .<br />
</pre></li>
</ul>
<p>This will scan the current directory. At the end of the scan, it will display a summary. If you notice in the clamscan output, it only scanned something like 60 files, even though there are more files in subdirectories. By default, clamscan will only scan files in the current directory.</p>
<ul>
<li><p>Run this to scan all the files in the current directory:<br />
<pre><br />
.\clamscan.exe --recursive .<br />
</pre></p></li>
<li><p>Run this to scan ALL the files on your C: drive, it will take <strong>quite</strong> a while. Keep in mind that you can cancel it at any time by pressing <code>Ctrl-C</code>:<br />
<pre><br />
.\clamscan --recursive C:\<br />
</pre></p></li>
<li><p>For more information on ways you can use clamscan, run:<br />
<pre><br />
.\clamscan.exe --help<br />
</pre></p></li>
</ul>
<hr />
<h3 id="faster-a-la-carte-scanning-with-clamd">Faster a-la-carte Scanning with ClamD</h3>
<p>You may have noticed that <code>clamscan.exe</code> takes a while to get started. This is because it loads the signature database each time you start a scan. If you require faster scanning of individual files, you will want to use <code>clamd.exe</code> with <code>clamdscan.exe</code> instead. Please note that many of the command line options for clamscan should instead be configured in <code>clamd.conf</code> when using <code>clamd.exe</code>.</p>
<p>Continuing in the PowerShell window:</p>
<ol>
<li>Run:<br />
<pre><br />
.\clamd.exe<br />
</pre></li>
</ol>
<p>The application will take a moment to load and then appear to hang, but it is in fact waiting for scanning commands from <code>clamdscan.exe</code>.</p>
<ol>
<li><p>Open a second PowerShell window as you did above, in the same directory.</p></li>
<li><p>In the second PowerShell window, you can now run <code>clamdscan.exe</code> much the same way you did with <code>clamscan.exe</code> above.<br />
<pre><br />
.\clamdscan.exe .<br />
</pre></p></li>
</ol>
<hr />
<h2 id="additional-notes-about-windows-specific-issues">Additional Notes about Windows-specific Issues</h2>
<h3 id="globbing">Globbing</h3>
<p>Since the Windows command prompt doesn't take care of wildcard expansion, minimal emulation of unix glob() is performed internally. It supports <code>*</code> and <code>?</code> only.</p>
<h3 id="file-paths">File paths</h3>
<p>Please always use the backslash as the path separator. SMB Network shares and UNC paths are supported.</p>
<h4 id="socket-and-libclamav-api-input">Socket and libclamav API Input</h4>
<p>The Windows version of ClamAV requires all the input to be UTF-8 encoded.</p>
<p>This affects:</p>
<ul>
<li>The API, notably the cl_scanfile() function</li>
<li>ClamD socket input, e.g. the commands SCAN, CONTSCAN, MUTLISCAN, etc.</li>
<li>ClamD socket output, i.e replies to the above queries</li>
</ul>
<p>For legacy reasons ANSI (i.e. CP_ACP) input will still be accepted and processed as before, but with two important remarks:</p>
<ol>
<li>Socket replies to ANSI queries will still be UTF-8 encoded.</li>
<li>ANSI sequences which are also valid UTF-8 sequences will be handled as UTF-8.</li>
</ol>
<p>As a side note, console output (stdin and stderr) will always be OEM encoded, even when redirected to a file.</p>
</body>
</html>