Win XP - cannot boot into safe mode

Yes! Delete the folder and anything in it and have HJT fix the line for it.

Then get RegistrarLite install and start searching for those CLSIDs. If you don't know what I mean or need help trying to do that, tell me.

 

You're welcome! That looks better! And that was after a reboot and running an IE session right! Maybe you should take a quick right now (even with the browser open this time).

 

Okay looking good! As far as the firewall! You have to police yourself and becareful when you give applications permission to go out or come in. You need to know what the application is before you say yes. Anytime you install something new or uninstall and reinstall you may get a message about some component looking to get out. It's up to you to decide what's good and what's bad and also even if good you can also say no to allowing it access to the internet. I do this last one all the time for applications that I feel have no business needing anything from the net.

One last comment I also sat on. This line in you HJT:
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)

That would appear to me that something is missing for your WinPcap program. Do you need this?

 

This is what it is from: http://winpcap.polito.it/
and http://winpcap.mirror.ethereal.com/301a/docs/main.html

Do you have WinPcap installed? Check Add/Remove programs. It is a valid program for capturing packets. It could be that you installed it along with something else to analyze ethernet packets or similar.

 

Malware is real good at leaving stuff all over the place and it is not always easy to find all the pieces. What were the file names that Avast found? Did it fix them?

 

Okay! So therefore I assum we are finished here! Right?

 

You're welcome.