I am getting a continuous “Caution, virus detected” audio message for the virus listed in my subject line. All attempts to Move/Remain, Delete, Repair, and Move to Chest don’t work and only cause the virus to duplicate itself non-stop. The virus causes continuous pop up Avast time out messages and/or Windows XP error “must close” messages. Is there any help for this?
Can you schedule a boot-time scanning?
Start avast! > Right click the skin > Schedule a boot-time scanning
Select for scanning archives.
Boot.
Other option is scanning in SafeMode (repeatedly press F8 while booting): http://support.microsoft.com/default.aspx?scid=kb;en-us;315222
Other good thing is disable System Restore, boot, enable it again. If you find a virus keeps coming back after you delete it, it’s most probably infected the System Restore folder, the best way to solve this is to disable System Restore, reboot your machine and then enable it again. After all, run a full avast! scanning. Enable/Disable System restore on Windows XP: http://support.microsoft.com/default.aspx?scid=kb;[LN];310405
Thank you for your suggstions. I will try them to the best of my ability. THANKS!!!
A google search returns many hits for service.exe
Note: service.exe is also a process which is registered as the WORM_KELVIR.DD and Win32.Raleka worms. These worms are distributed via the Internet through e-mail and comes in the form of an e-mail or an MSN instant message, in the hopes that you open it’s hostile attachment. The worm has it’s own SMTP engine which means it gathers E-mails from your local computer and re-distributes itself. In worst cases this worm can allow attackers to access your computer, stealing passwords and personal data. It is a registered security risk and should be removed immediately. Please see additional details regarding this process
http://process.networktechs.com/service.exe.php
What does it do? Raleka is a worm-virus that spreads through the Internet by exploiting a vulnerability in the DCOM RPC service in Microsoft Windows. This vulnerability is detailed in Microsoft Security Bulletin MSO3-026 .It would appear that your OS is out of date as this if correct shows a vulnerability patched ages ago.