From a technical/security standpoint, there are a lot of things wrong with Windows XP. Things that naturally make Windows particularly vulnerable besides just being a big, fat target.
Internet Explorer, for example, is vulnerable through BHOD attacks, ActiveX, and is highly integrated into the OS' low-level processes. That's why Microsoft is making IE7 a "mandatory update". However, you can get away from all those vulnerabilities right now just by using Firefox or Opera.
Windows security features? Rather anemic. Windows firewall, for example, is only one-way (protects you from the outside, but doesn't protect your data going out-bound), whereas most robust firewalls protect both ways, and they can be had for free.
And Windows itself? The kernel isn't wide open, but too many processes and applications unnecessarily access it. On some other operating systems such as BSD, it's locked down tight. Access is done only through limited privileges, and touching only parts of the kernel that are relevant. The way it should be.
For those who are not sure what the kernel is, imagine if Windows is a car. In that case, the GUI such as the windows, the start button, and the menus are like the steering wheel, pedals, and controls in the dash; things you interact with. Well, the kernel then is the engine under the hood. You do NOT want a criminal getting under the hood of your car!
And yet, that's exactly what some (black hat) hackers can do with your OS without you even realizing it! Spyware and worms, in particular, are programs that can do all that automatically, and once installed, the first thing they usually do is pop your computer wide open (yes, even when you have all that security software installed), then phone home, and automatically update themselves with patches! Yes, some get patches to further avoid detection.
Of course, once your computer is wide open, a black hat can then do whatever they want with your computer. No data on it is safe. And all this is done behind your back and the only thing you have to do is to turn on the power. And yes, some will even send you pop-up ads, which is why it led me to believe your computer may have been severely compromised.
That's why IT geeks have the saying, "Nuke it from orbit. It's the only way to be sure!" Nuking as in repartitioning, reformatting, and reinstalling a fresh copy of Windows. Ghosting is acceptable as well.
Oh sure, I could be fearmongering, placing Windows in an unfair light. And yet, these are exactly the same things that Microsoft is racing hard and fast to get out the door with Vista.
Here's a related article on the security improvements one can expect in Vista. In it, it also implicitly names some of the current security woes inherent with Windows XP.