Neither XP's firewall (spit) nor your router provide outbound protection and where you are more vulnerable is if there is a keylogger trojan on your system, it could copy what you are doing, usernames, passwords, etc, it could then connect to the internet and there is nothing to stop them. So it would make sense to pause internet banking until you get a firewall that provides this protection.
It shouldn't effect your collection of email or browsing as those two are monitored by avast, but adding ewido to your defences (run it in safe mode for the first time, this should be a priority) will improve overall detection. No one program is likely to catch/detect everything.
What was suggested for the startup was basically removing a registry key to run that Windows Update.hta so you don't get the error message aout the "Error the system cannot find the file specified" I assume that you are no longer getting the message no you have rebooted ?