clamwin does not lock any files it scans - I think the problem is elsewhere and not with Clamwin

Hi all

I've recently installed clamwin and I got the same issue with a bunch of files (please see below) not being scanned. The reason that I'm a bit extra conserned is that I can't update Kaspersky right now for some unknown reasons and that I also got problems that an online scan by F-secure refused to start. I did however look clean according to an updated clamwin and norton online. But the issue remains, blocked files from clamwin and no update possible with kaspersky.

So would you guys (and girls) be worried especially taken this list of files into account.

Sincerly

/Petter

Scan Started Mon Sep 28 12:33:59 2009
-------------------------------------------------------------------------------

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\av3.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\A9RD4B6.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\flaCA.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\flaCB.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\~DF10DB.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\~DF176C.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\~DF4F1B.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\~DF9924.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\~DFB3BB.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\~DFDFC1.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\~DFDFD3.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\~DFE3BC.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\~DFE3CE.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\~DFE3EB.tmp: Permission denied
C:\Documents and Settings\Petter Vikman\Local Settings\Temp\~DFE3FD.tmp: Permission denied
C:\pagefile.sys: Permission denied
C:\WINDOWS\system32\CatRoot2\tmp.edb: Permission denied
C:\WINDOWS\system32\config\default: Permission denied
C:\WINDOWS\system32\config\SAM: Permission denied
C:\WINDOWS\system32\config\SECURITY: Permission denied
C:\WINDOWS\system32\config\software: Permission denied
C:\WINDOWS\system32\config\system: Permission denied
C:\WINDOWS\system32\drivers\fidbox.idx: Permission denied
C:\WINDOWS\system32\drivers\fidbox2.idx: Permission denied
C:\WINDOWS\Temp\cch~d56495a53.htp: Permission denied
C:\WINDOWS\Temp\cch~d56495d3d.htp: Permission denied
C:\WINDOWS\Temp\cch~d57400ad8.htp: Permission denied
C:\WINDOWS\Temp\cch~d57400e65.htp: Permission denied
C:\WINDOWS\Temp\cch~d5740fe40.htp: Permission denied
C:\WINDOWS\Temp\cch~d5741014d.htp: Permission denied
C:\WINDOWS\Temp\cch~d5741a873.htp: Permission denied
C:\WINDOWS\Temp\cch~d5741ab40.htp: Permission denied
C:\WINDOWS\Temp\cch~d576320aa.htp: Permission denied
C:\WINDOWS\Temp\cch~d57632391.htp: Permission denied
C:\WINDOWS\Temp\cch~d576c2d43.htp: Permission denied
C:\WINDOWS\Temp\cch~d576c3015.htp: Permission denied
WARNING: Can't access file D:\

----------- SCAN SUMMARY -----------
Known viruses: 624174
Engine version: 0.95.2
Scanned directories: 3312
Scanned files: 44703
Infected files: 0

Data scanned: 7932.46 MB
Data read: 18807.69 MB (ratio 0.42:1)
Time: 1490.500 sec (24 m 50 s)
--------------------------------------
Completed
--------------------------------------

I think it's unusual to see a lot of temp files locked, and I think you should normally be able to update your commercial antivirus. See if you can pass the Conficker test at https://www.confickerworkinggroup.org/infection_test/cfeyechart.html on the web. If it is positive, see if you can go to the Conficker Working Group's page at https://www.confickerworkinggroup.org/wiki/ on the web for some help.

If you are unable to get help, try to download Malwarebytes Antimalware (free edition) at https://www.malwarebytes.org/index.php on the web and do a regular quick scan and then a quick scan in Windows Safe Mode.

Let us know the results.

Regards,

I use two avs. I constantly try new free ones. This is the first time I have ever seen this kind of results. What gives?

I just tried Clam for the second time with the same results:



Scan Started Sun Dec 27 06:49:45 2009

-------------------------------------------------------------------------------



C:\Boot\BCD: Permission denied

C:\pagefile.sys: Permission denied

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\bcdaa4eac609de99860fbeab35e1f939_fc0cfe84-44d4-4321-8261-832f0b2564c5: Permission denied

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fd8c519d1b9b4f74ad5b2ffe5e6d115a_fc0cfe84-44d4-4321-8261-832f0b2564c5: Permission denied

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb: Permission denied

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Permission denied

C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\bcdaa4eac609de99860fbeab35e1f939_fc0cfe84-44d4-4321-8261-832f0b2564c5: Permission denied

C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\fd8c519d1b9b4f74ad5b2ffe5e6d115a_fc0cfe84-44d4-4321-8261-832f0b2564c5: Permission denied

C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\tmp.edb: Permission denied

C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Windows.edb: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\AppData\Local\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\AppData\Local\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\AppData\Local\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\Desktop\Public - Shortcut.lnk: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\Local Settings\Application Data\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\Local Settings\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\gene\Local Settings\Microsoft\Windows\UsrClass.dat.LOG2: Permission denied

C:\Users\gene\ntuser.dat.LOG1: Permission denied

C:\Users\Public\desktop.ini: Permission denied

C:\Users\Public\Downloads\desktop.ini: Permission denied

C:\Users\Public\Pictures\desktop.ini: Permission denied

C:\Users\Public\Videos\desktop.ini: Permission denied

C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1: Permission denied

C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1: Permission denied

C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0: Permission denied

C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0: Permission denied

C:\Windows\System32\catroot2\127D0A1D-4EF2-11D1-8608-00C04FC295EE\catdb: Permission denied

C:\Windows\System32\catroot2\F750E6C3-38EE-11D1-85E5-00C04FC295EE\catdb: Permission denied

C:\Windows\System32\config\COMPONENTS: Permission denied

C:\Windows\System32\config\COMPONENTS.LOG1: Permission denied

C:\Windows\System32\config\DEFAULT: Permission denied

C:\Windows\System32\config\DEFAULT.LOG1: Permission denied

C:\Windows\System32\config\RegBack\COMPONENTS: Permission denied

C:\Windows\System32\config\RegBack\DEFAULT: Permission denied

C:\Windows\System32\config\RegBack\SAM: Permission denied

C:\Windows\System32\config\RegBack\SECURITY: Permission denied

C:\Windows\System32\config\RegBack\SOFTWARE: Permission denied

C:\Windows\System32\config\RegBack\SYSTEM: Permission denied

C:\Windows\System32\config\SAM: Permission denied

C:\Windows\System32\config\SAM.LOG1: Permission denied

C:\Windows\System32\config\SECURITY: Permission denied

C:\Windows\System32\config\SECURITY.LOG1: Permission denied

C:\Windows\System32\config\SOFTWARE: Permission denied

C:\Windows\System32\config\SOFTWARE.LOG1: Permission denied

C:\Windows\System32\config\SOFTWARE.LOG2: Permission denied

C:\Windows\System32\config\SYSTEM: Permission denied

C:\Windows\System32\config\SYSTEM.LOG1: Permission denied

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl: Permission denied

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl: Permission denied

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl: Permission denied

C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl: Permission denied



----------- SCAN SUMMARY -----------

Known viruses: 678729

Engine version: 0.95.3

Scanned directories: 31646

Scanned files: 154257

Infected files: 0



Data scanned: 47511.60 MB

Data read: 38602.15 MB (ratio 1.23:1)

Time: 13343.324 sec (222 m 23 s)

--------------------------------------

Completed

--------------------------------------

Well, you certainly have a lot of permissions denied! Is this normal--do you have a similar problem with your other AV during a scan?

You shouldn't normally have a tmp/temp file denied--or a log file. Hiberfile/pagefile are okay--they are Windows system files for which ClamWin always shows permission denied. As for the boot denial, are you running some kind of backup/snapshot/restore program? That's probably okay if you are.

I suggest you do a scan in Safe Mode and see what happens (see if you find any viruses). Scan with both ClamWin and your other AV. Then download Malwarebytes free antimalware program (free edition) and run a Quick Scan in normal mode and then in safe mode and see what happens. Replace your other AV with Microsoft's free Security Essentials and run a QuickScan in normal mode and see what happens. Then run a Full Scan in normal mode. Then run an online scan from either Eset (NOD32) or Trend Micro and see what happens. Finally, get one of the Rescue CDs mentioned on the ClamWin antimalware page--maybe Dr. Web or Kasperskly. You save their file and then burn it to a CD as an ISO file, and it's ready to use. Be sure to update the signature database before scanning because it may be old.

The Rescue CD should find anything on your computer (providing it is in its signature database) because it uses a built-in Linux OS--not the Windows OS on your machine. That may be all you need, but I would do a scan with Malwarebytes prior to that at least. Let us know your results.

Regards,

Hey I scanned for first time last night and came up with a bunch of locked files. I see some on other posts and assume they are just system files. However some just seem suspect to me so I am wondering what you all think. Also, I am running MalwareBytes as we speak so hopefully it catches w/e is no good. Here is the report and thank you:


WARNING: Can't open file C:\boot\bcd: Permission denied

WARNING: Can't open file C:\pagefile.sys: Permission denied

WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6af9916e0c621d7b7d78bf1bcd58c6a4_b3d56680-539e-4f2f-9af0-9cf4167c06cf: Permission denied

WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fc1e3851f429ea606d6ff1e01a5229f1_b3d56680-539e-4f2f-9af0-9cf4167c06cf: Permission denied

WARNING: Can't open file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb: Permission denied

WARNING: Can't open file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Permission denied

WARNING: Can't open file C:\Users\Admin\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied

C:\Users\Admin\AppData\Local\Temp\NERO13349\Toolbar.exe: Removed.

WARNING: Can't open file C:\Users\Admin\ntuser.dat.LOG1: Permission denied

WARNING: Can't open file C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\6af9916e0c621d7b7d78bf1bcd58c6a4_b3d56680-539e-4f2f-9af0-9cf4167c06cf: Permission denied

WARNING: Can't open file C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\fc1e3851f429ea606d6ff1e01a5229f1_b3d56680-539e-4f2f-9af0-9cf4167c06cf: Permission denied

WARNING: Can't open file C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\tmp.edb: Permission denied

WARNING: Can't open file C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Windows.edb: Permission denied

WARNING: Can't open file C:\WINDOWS\ServiceProfiles\LocalService\ntuser.dat.LOG1: Permission denied

WARNING: Can't open file C:\WINDOWS\ServiceProfiles\NetworkService\ntuser.dat.LOG1: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\catroot2\127D0A1D-4EF2-11D1-8608-00C04FC295EE\catdb: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\catroot2\F750E6C3-38EE-11D1-85E5-00C04FC295EE\catdb: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\components: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\COMPONENTS.LOG1: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\default: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\DEFAULT.LOG1: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\RegBack\COMPONENTS: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\RegBack\DEFAULT: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\RegBack\SAM: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\RegBack\SECURITY: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\RegBack\SOFTWARE: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\RegBack\SYSTEM: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\sam: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\SAM.LOG1: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\security: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\SECURITY.LOG1: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\software: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\SOFTWARE.LOG1: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\system: Permission denied

WARNING: Can't open file C:\WINDOWS\System32\config\SYSTEM.LOG1: Permission denied

You probably don't have anything to worry about--especially if you have been doing regular scans with an updated MBAM for a while. It is usually very good at finding working infections on a computer. I spot more infections with its on-demand scans than in real-time mode on the computer I work malware with.

You might see if you could get an MD5 hash of any files that you don't know anything about and do a hash search for them (one at a time) on Google or on VirusTotal. If a file is really bad and has been around for a while, you will frequently get some information on it via one of these two sources. If anything is bad, see if you can delete it via Malwarebytes' File Assassin tool.

Lastly, you might do an online scan with NOD32 or Bitdefender just for extra piece of mind. I have more luck with Bitdefender--can't see to get NOD32 to work on my Vista any more.

Regards,

your scan looks ok:

C:\Users\Admin\AppData\Local\Temp\NERO13349\Toolbar.exe: Removed.

that looks suspicious to me

permission denied on that files is ok by looking at the paths

clamwin wont scan anything for me every file says WARNING: Can't open file and Permission denied and i'm freaked out that i got a virus from when my webpage i clicked on resized itself and said i was in danger of a trojan

hi,

i got allot of these "permission denied" reports on my first scan.

since then i ran https://sourceforge.net/projects/littlecleaner/ Little Registry Cleaner subsequently i only get this one now...


i am guessing that its okay.

please advise.

thank you.

Most permission denied files are okay. ClamWin is unable to scan files that are in use when it is scanning and also files that are locked by the Windows operating system. You can upload files to either the Jotti scanner or the Virus Total scanner where they will scan your file with multiple antivirus programs. I like to see at least 2 of these scanners verify an infected file before I believe it: AntiVir, Bitdefender, Kaspersky, NOD32, and Sophos. Jotti is at https://virusscan.jotti.org/en and Virus Total is at https://www.virustotal.com/ on the web.

Regards,

I realize this is an old post. Is there a way to disable this behaviour? This just dumps a whole bunch of nearly entirely useless information (could entirely be replaced with a line: Run with Elevated Privileges YES/NO" rather than hundreds of lines of garbage) which makes it nearly impossible to actually see the real problem: The virus.

I am writing this after getting a virus alert in my email and having to stop the car, find a place with a phyisical computer to actually sit down and read the message from the virus checker because 99.9% of the crap that was emailed to me as a "log" was useless "permission denied" bullshit that doesn't help in ANY way. The only thing it does is make it harder to actual see what virus and file is causing the problem.

Please remove this or find a way to present the data such that it isn't actively counter productive to the objective of the application itself.

i was getting a ton of permission denied log lines when running a scan. I had thought this was a user restriction and in a way it is. After running as an administrator i managed to significantly limit the number of the permission denied lines (down to 2 from a few thousand). Hope this helps!

I don't know if this will help, but you might try to install ClamWin as an administrator. Just right click the install program and choose run as administrator. I still get some permissions denied, however, when I do a memory scan. The message tells me to run as an admin to scan a few programs. I guess the developers need to change the install program to set admin flags.

Regards.

Could it also be that ClamWin does not run as a service?