Obviously a hoax I went off-line and started to clean out my system, finding several programs and other nasty programs that had installed. I also found the image file that had been used to simulate a warning message by setting as my desktop background.
Now after having cleaned it all up, everything is back to normal and I'm pretty sure I got it all. Only, it must have changed some setting or I have been a bit to thorough with deleting files, cause when right clicking on the desktop and selecting properties, the tab that used to be at the top allowing to change background is missing. There are only the "Screen saver" and "Settings" tab. I tried reinstalling my video-drivers but no go. Desktop background is simply a black screen.
I've followed the various instructions on this site about cleaning my system, and my logfile is attached. Hoping there is some simple solution.
Thanks.
Logfile of HijackThis v1.99.1
Scan saved at 23:52:41, on 14-04-2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
d:\AVPersonal\AVGUARD.EXE
d:\AVPersonal\AVWUPSRV.EXE
D:\OUTPOS~1.0\outpost.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Snefens\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virtualpilots.fi/LLv34/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - d:\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Outpost Firewall] "D:\Outpost Firewall 1.0\outpost.exe" /waitservice
O4 - HKLM\..\Run: [AVGCtrl] d:\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: SpySubtract.lnk = D:\SpySubstract\SpySub.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - D:\OUTPOS~1.0\trash.exe (HKCU)
O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - D:\OUTPOS~1.0\trash.exe (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1100205412303
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.app.../ITDetector.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.dans...B/e-Safekey.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - d:\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - d:\AVPersonal\AVWUPSRV.EXE
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - D:\OUTPOS~1.0\outpost.exe
O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe