My friend has a computer which has an odd malware or setting, or something, on it. It's using Windows XP Pro SP3
There is 1 harddrive, split into 3 partitions. The other partitions don't look like they have anything odd, just some photos, videos, music, games, etc.
So the problem:
When I install a program, after reboot, the program is gone
When I uninstall the junk that's on here, after reboot, it's back
When I update the anti-virus, or Windows Updates, etc, after reboot, it's back to the initial out-of-date state
When I try to change settings, like turning on Windows Firewall, after reboot, it's off again
When going into Safe Mode, there's two administrator accounts (Administrator and lEt'sgO!)
lEt'sgO! is the default user that the computer uses when running Windows normally.
I've tried deleting lEt'sgO!, after reboot, it's back, and it's the default user logged on to.
During boot, there are 2 options, Windows XP, and a Norton Ghost thingy - no idea how to use it or how it works (couldn't understand a thing when I tried going into it to see what it was)
I updated Avast and it found 2 items, but that didn't change again.
Spybot Search and Destroy found various things, but nothing changed
I am now going through all the various tools I can find to scan the system (https://forums.malwarebytes.org/index.php?/topic/159381-malwar...wnloading/
Will this work? Or is there something else?
I really want to avoid having to reinstall Windows, but if that's the only option, then I guess it must be done.
Any ideas anyone?