search
top

Installing and Configuring ClamWin and Clam Sentinel on Windows Server 2008 and 2012

Recently put in some replacement servers and ran into the issue of Antivirus protection for the server. Usually this is a paid service for servers. In this case that was not an option and thus the search for a free or low cost solution. ClamWin is a free AntiVirus tool that will run on Windows Server. In this post we will discuss installing and configuring exclusions and scans on Windows Server 2008 R2 and 2012 R2. We will also cover the addition of another project Clam Sentinel to add real time scanning and several other features.

Getting ClamWin

Download the latest install from http://www.clamwin.com/.

Installing ClamWin

Installation as with most programs is to click and accept the defaults for installation. By default the program will install to c:\Program Files (x86)\ClamWin.

Start the installation and click next when ready

clamwin1

 

clamwin2

Accept the agreement and click Next.

clamwin3

Click Next

clamwin4

Accept the default path for installation and quick next.

clamwin5

Typical installation will do the trick, click next.

clamwin6

Click next to aceppt Start Menu Folder location.

clamwin7

 

Click the create desktop icon if you like, by default it is unchecked.

clamwin8

Click Install to start the installation.

clamwin9

Installation will progress along.

clamwin10

Once the installation has completed ClamWin will update it’s virus database.

clamwin11

Click Finish to complete the installation.

Installing Clam Sentinel

Clam Sentinel is a system tray application that detects file system changes and scans the files modified using ClamWin. It also detects new drives added (like usb pen) and monitors these units until the program is closed or until the device is disconnected. Clam Sentinel can be downloaded from here.  The current version at this posting is 1.22.

The Clam Sentinel project, which adds a real-time capability to ClamWin when files are added/modified/copied, but it does not offer true on-access protection. Clam Sentinel is free, open source like ClamWin. Their site is http://clamsentinel.sourceforge.net

  • free & full-featured real-time scanner for ClamWin Antivirus
  • Adds a real-time scanner to ClamWin
  • Optional system change messages
  • Proactive heuristic protection
  • USB and removable drive protection
  • Uses ClamWin quarantine folder
  • Scan logs for real-time, drives, memory, and messages
  • Default configuration suitable for most users
  • Easy custom configuration via system tray icon
  • Supports Windows 98 and newer computers
  • Supports English, Italian, French, German, Dutch, Spanish, Polish, Japanese, Russian, Portuguese, Bulgarian, Indonesian and Azeri languages
  • Multiple user support

Now that we have downloaded the Clam Sentinel installation we can start the installation. Double-click to start the installation.

clamsentinel1

Click OK to accept the language.

clamsentinel2

Click Next.

clamsentinel3

Accept the license agreement and click next.

clamsentinel4

Click the Start Clam Sentinel automatically for all users and click next.

clamsentinel5

Click next to accept the installation destination.

clamsentinel6

Click next to accept the start menu folder location.

clamsentinel7

If you want the icons select the boxes and click next.

clamsentinel8

Click install to start the installation of Clam Sentinel.

clamsentinel9

Click Finish and Clam Sentinel will start.

clamsentinel10

First thing Clam Sentinel will do is ask for the drives you want to have it monitor. Click Confirm and Clam Sentinel will appear as a shield icon in the corner. One thing you want to do is to exclude what you don’t want Clam Sentinel to look at. We do this by creating a whitelist.

Creating Exclusions (Whitelist)

Any program or file you do not want blocked will need to be added to the whitelist. As Clam Sentinel will quarantine it. To get to the dialog to make these exceptions right-click on Clam Sentinel in the status bar and move to Advanced Settings > Paths or Files not Scanned.

clamsentinel11

 

Clam Sentinel will present an interface to add and remove files, directories and extensions.

clamsentinel12

To add an exclusion, just type in the space provided and click add. Some examples of exclusions are listed below.

 

  • Exclude one file everywhere – clamscan.exe
  • Exclude One file in one folder – C:\Program Files (x86)\ClamWin\bin\clamscan.exe
  • Exclude an entire folder – C:\Program Files (x86)\ClamWin\bin\*

It is best to use the full folder description for a file–otherwise, there could be a malware that calls itself by the filename (say clamscan.exe), so the full folder description will stop that.

Clam Sentinel also allows you to add and remove extensions to be scanned. Right-click on Clam Sentinel in the status bar and move to Advanced Settings > Extensions Scanned. Add and remove what you would like. No need for the wild card * to be in the entries, just .PS1 for example will do.

clamsentinelset1

There are many other settings available under Advanced Settings menu.

  • Choose disks to monitor
  • Extensions scanned
  • Paths or files not to be scanned (Default has 3 listed, add what you need to be excluded.)
  • Paths where all files will be scanned (Set to blank, meaning whole drive defined in Choose disks to monitor setting)
  • Maximum number of simultaneously active scans (Default is 1, allowed setting 1 – 10)
  • Max filesize for logs. (Default is 5 MB)

there are other settings available in Clam Sentinel in the Settings selection. Right-click on Clam Sentinel in the status bar and move to Settings where you can select you want Clam Sentinel to do.

  • Scan the memory when a program starts (not checked)
  • Write scan activity to the log (checked)
  • Detect and monitor new drives (checked)
  • Ask to scan new drives (checked)
  • What to do when an infected file has been found (Default is Move to quarantine folder)
  • Monitor system for new malware
    • Detect suspicious files and warn about system changes
    • Detect suspicions files only (default)
    • Disabled
  • Notify of new versions (checked)

Other menu selections are as follows

  • Memory scan
  • Quarantine
    • Quarantine folder
    • Sentinel Recover
  • Logs
    • Real Time scan
    • Memory Scan
    • Drive Scan
    • Messages
    • Quarantine
  • Start
  • Stop
  • Check Latest Version
  • Visit Clam Sentinel Website
  • About
  • Exit

With a combination of ClamWin and Clam Sentinel you now have a way to have AntiVirus and realtime protection for your small office or business.

 

 

One Response to “Installing and Configuring ClamWin and Clam Sentinel on Windows Server 2008 and 2012”

  1. Jo Go says:

    clamwin can not update the virus database after installed on windows server 2008 R2.

    I have to switch to clamav with unmunet 3.

    Any way thank you !

Leave a Reply

Your email address will not be published. Required fields are marked *

top