The version I am running is clamav-0.103.3-win-x64-portable.zip <https://www.clamav.net/downloads/production/clamav-0.103.3-win-x64-portable.zip> from https://www.clamav.net/downloads#otherversions . The advantage of using the portable version is that you do not need to install, but just to use the software from the network path.
I understand "more" is not clamscan, I was just showing that the file in question cannot be opened with clamscan nor with "more" as administrator. I also understand if clamscan cannot read a file, it cannot scan it. My question is how I can let clamscan to read a file, as I have shown that even I cannot "more" a file used by another process as administrator. If clamscan cannot scan a file used by another process, then I question the usefulness of the software because a hacker can just install a virus file and use it, clamscan will not be able to detect it. On Mon, Jul 12, 2021 at 11:45 AM G.W. Haywood via clamav-users < clamav-users@lists.clamav.net> wrote: > Hi there, > > On Mon, 12 Jul 2021, Michael Wang via clamav-users wrote: > > > I run ClamAV on windows using the latest portable installation with all > > default configuration. > > What version of ClamAV, and where did it come from? > > > I run the task scheduler under the SYSTEM user with the highest > > credentials checked, but I still have lots of permission denied > > messages. > > That's to be expected if the scanning process can't read the data. > > > I logged in locally and checked one of the files under a powershell > window > > as *ADMINISTRATOR*, and I got: > > > > *PS C:\Users\j.doe\AppData\local\Microsoft\Windows\WebCache> more > .\V01.log* > > *Get-Content : The process cannot access the file > > 'C:\Users\j.doe\AppData\local\Microsoft\Windows\WebCache\V01.log' because > > it is being used by another process.* > > The 'more' command is a pager, not a scanner. In what you've posted I > see no evidence of a ClamAV process doing (or failing to do) anything. > > > So do I have to live with it? If there is a virus file and this file is > > being currently used, clamscan cannot detect it? > > Not necessarily. If the scanner does not have permission to read > something which you want it to scan, then obviously it cannot scan it. > This applies just as much to devices and data streams via sockets as > is does to files. It's up to you to arrange for the scanner to have > permission to do what you want it to do. And in my view it's usually > pointless to scan a log file with a virus scanner - if indeed that is > what you're doing - and this applies especially to the log which is > recording the progress of the scan. > > -- > > 73, > Ged. > > _______________________________________________ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml >
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
