ive just rebuilt my pc and left it on the net overnight without a firewall or virus checker, download a few things, installed firewall and avg and after a scan it reported picking up lovesan virus. it said it cleaned it successfully. the firewall also picked up action with netsvc.exe and lsa shell trying to access the net, but they are now disabled.

the problem is now every time the windows screensaver activates avg reports lovesan is still around. after doing a full scan it says the system is clean, i also insalled norton av and it says clean, also ran mcafee stinger which also reports clean. for some reason avg sheild keeps reporting lovesan is active fromc:/system volume information/ blah blah ect/0004472.exe and when i browse that dir (its hidden) it says its empty.

im not sure if im infected or not?

Sounds like windows backed the file up to the system restore directory. Disable system restore and delete the lot, then switch it back on again.

Else, format again and this time dont leave your pc open to the internet like that, install the firewall before you even consider connecting in fact.

another possibility is that its overwritten the screensaver

when you turn off system restore does it automatically delet the restore files?
the system volume information directory is not accessible for manual delete.

It's all well and good to install and update your antivirus scanner but did you actually download the Windows patch for the Lovesan exploit here (http://www.microsoft.com/downloads/details.aspx?familyid=e70a0d8b-fe98-493f-ad76-bf673a38b4cf&displaylang=en) (along with all the other Windows security updates you need from Microsoft)? I'd also recommend visiting this page (http://www.microsoft.com/security/incident/blast.asp) too.

yup installed those, seems lovesan has gone and the system restore files are automatically deleted.

lots of netsky in my inbox today, looks like i will be busy at work this week.