Hi there, On Mon, 12 Jul 2021, Michael Wang via clamav-users wrote:
I run ClamAV on windows using the latest portable installation with all default configuration.
What version of ClamAV, and where did it come from?
I run the task scheduler under the SYSTEM user with the highest credentials checked, but I still have lots of permission denied messages.
That's to be expected if the scanning process can't read the data.
I logged in locally and checked one of the files under a powershell window as *ADMINISTRATOR*, and I got: *PS C:\Users\j.doe\AppData\local\Microsoft\Windows\WebCache> more .\V01.log* *Get-Content : The process cannot access the file 'C:\Users\j.doe\AppData\local\Microsoft\Windows\WebCache\V01.log' because it is being used by another process.*
The 'more' command is a pager, not a scanner. In what you've posted I see no evidence of a ClamAV process doing (or failing to do) anything.
So do I have to live with it? If there is a virus file and this file is being currently used, clamscan cannot detect it?
Not necessarily. If the scanner does not have permission to read something which you want it to scan, then obviously it cannot scan it. This applies just as much to devices and data streams via sockets as is does to files. It's up to you to arrange for the scanner to have permission to do what you want it to do. And in my view it's usually pointless to scan a log file with a virus scanner - if indeed that is what you're doing - and this applies especially to the log which is recording the progress of the scan. -- 73, Ged. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
