You could just reinstall windows over the top of the one that's there already (or better, in a different folder - c:\win for example, then you can delete c:\windows and all the extra crap in there). You'd lose the use of all installed programs, but all your files would still be on the HD and accessible.

Really? Ah! I didn't know that was possible. I thought it was an all or nothing scenario. So that would probably clean out whatever is cacking up my machine. Hopefully. Thanks hugele for the info. I might give that a go. I should be able to do that from the Windows XP discs shouldn't I?

For installed programmes that I've bought without physical media (like Nero), any idea if there is a central place I can find all my passwords or access keys so I have them when I go to reinstall everything?

You can keep all your document and non-program data if you create another version of XP on the same partition.

Try downloading and running hijackthis! . You can paste the logfile it produces into www.hijackthis.de and it'll tell you what bad (and not always virus) stuff you have in there. The most common way to get ballsed up nowadays is through things like internet explorer activex components and the like. hijakcthis can disable them.

System Idle Process means that nothing's happening, so the higher the %age, the less that's going on with your PC.

Be wary of a windows reinstall over the top, some things will be reverted backwards (directx is a good example).

If you want to keep your program information, keys etc., your best bet is to use regedit to do a full backup, which you could then re-import afterwards.

I'd seriously try hijackthis! first though.

Just take some precautions. I don't know how XP handles it, but Win2K, which has a very similar directory structure will replace the "Documents and Settings" folder: if you are using the Administrator profile, during the install Windows will just replace your existing Administrator profile with a brand new one. As many programs store informations there (for example Firefox cache), you'll might want to have a backup of it.

[edit] if you really are on SP1, upgrade to SP2, even if you hear around that many "security" functions are useless. Some of them really are useless (like the one-way firewall), but SP2 includes many important security updates that might prevent further infections by backdoors and such. If you are going to reinstall anyway, first download the SP2 and then go to www.autopatcher.com and download the upgrade package for WinXP SP2. A free antivirus and a firewall will be a good addiction, too. Before reinstalling, unplug you net cable/modem, install, apply the SP2 and the upgrade package, install the antivirus, the firewall, reconnect your PC to the net, let the antivirus update and you'll have a reasonably safe OS to work with.

[edit2] URL corrected

Thanks guys. I'll give that Hijackthis a try and see what it gives me. Briareos, the funny thing about trying to upgrade is that it seems it won't let me do it through Firefox - and IE won't run long enough to get the upgrade going. I'm not sure why the upgrades seem to be tied to IE but I can't seem to get them to run.

Oddly enough, with whatever messing about I've been doing to fix this, I'm now getting a blue screen 'stopping windows' error when I boot up. It will only let me boot up if I press F8 on startup and choose 'last known good configuration'.

So I'll give that Hijackthis a go and let you know how I get on. Strangely enough, Firefox seems to be getting more stable as this goes on so I can surf properly again. I still can't navigate my folders though. Thanks for the help!


Edit: Okay, that Hijackthis picked up a few unknowns and one 'nasty' which was 'Service.exe'. So I fixed that through Hijackthis and rebooted (as it asked) but got the blue screen again which meant that I had to use 'last known configuration' again. Now I don't know how that works at all but Service.exe was back in all its glory. I tried deleting it manually and, once again, it reappeared when I rebooted. Any ideas if that is because of the nature of the malware or is that because I'm having to pick 'last known good configuration' each time? Also, would I be right in thinking that, if this is malware, installing XP again won't fix it?

These nasty little programs like to add registry entries to recreate themsleves ar startup or once deleted, if both Hijack and Spybot aren't able to track all entries down and delete them, it's safer to reinstall it from the beginning.

Of course, MS wants you to use its browser to update its operating system.
If you aren't able to upgrade, again, it would be faster to reinstall the whole thing. You can try adding patches to prevent further leaks or intrusions, but you'll still have a very unsafe base.

Probably Hijack deleted a registry entry created by the malware and the malware is trying to recreate it through an other registry entry, but Hijack is preventing it and the system locks up. Reinstalling Windows without formatting will solve the problem (it's a completely different directory that won't be considered "active" if you don't boot with that installation), though I find it...urhm...unelegant. Having two Windows directories on the same partition is huge waste of space and things can get messed up more than they are used to. If the situation is so dire, a clean format will give you less headhaches than managing two Windows installations. Just double check your backups first.

Cool, thanks for the help. I've actually thought of a backup solution which I'll have access to later in the week so I might live with this as much as possible for now and then back up and do a clean format. Because I have so much crap on my machine, I think having two Windows directories could be really messy.

Thanks for the help - I really appreciate it.

When you reinstall everything you should make partitions on your drive. I like having 1 partition for windows and all my program files and several others for media and storage so that if anything goes wrong I can just format the windows partition and all my other stuff will be preserved.

Anyone know where in Regedit I'll find my keys to activate certain programmes? Regedit seems tricky to navigate and I would assume I don't want to keep everything as there will likely be bits of whatever nasty stuff in my computer in there.