Can't Load Firewall

I'm trying to clean up an old Toshiba laptop running winxp pro. It was severely infested with many different trojans and spyware. I followed the directions on the posting of how to clean up and prevent spyware, malware and trojan infections. After running all the scans and removal tools it looks clean however I have an odd problem that makes me think I missed something. I cannot load firewall software. The installation seems to proceed normally but I cannot see any evidence afterwards that it is running nor can I access the control panel for the software. I have tried both zone alarm pro and sygate with the same results. I disabled my anti-virus software (mcaffee 8.0i) for both installations. I have not installed sp2 so the windows firewall is not present on the system.

Any ideas?

 

http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

 

Attachedis the log file.

 

First, please look in Add/Remove Programs and uninstall the following if found:

NewDotNet

After you uninstall the above, reboot into Safe Mode and run Spybot S&D. Before you run the scan, go into Advanced Mode and uncheck ALL of the ignored items. Once items are unchecked do a full scan and remove all infections.

Doing the above will remove the entries below. After you have completed the above, reboot and post a fresh HJT log from normal mode.

O10 - Hijacked Internet access by New.Net

 

Found and removed New.net, rebooted into safe mode and ran the ad-aware scan as instructed. Found one additional critical threat and some small stuff. all of which I removed.

Still no sign of the firewall after start up.

Attached is the second log.

 

Please boot into Safe Mode with the Viewing of Hidden Files & Folders Enabled


Now scan with HijackThis and Check the Boxes for the following:

Make sure All Browser Windows are Closed when you Click FIX.

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank

O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)

O23 - Service: fxSVC (fxScanner) - Unknown owner - C:\WINNT\fxsvc.exe (file missing)
O23 - Service: jfpbgit - Unknown owner - \\216.164.50.75\ADMIN$\cpsdv.exe" -service (file missing)

Again, make sure All Browser Windows are Closed when you Click FIX.

NOW:
Click Start > Run > type services.msc and Click OK

Locate fxSVC (fxScanner) and RightClick on it to bring up the Service Properties Window.
First: Stop the service by clicking the Stop Button.
Next: Disable it by changing the Startup Type to Disabled and click Apply

NOW:
Click Start > Run > type services.msc and Click OK

Locate jfpbgit and RightClick on it to bring up the Service Properties Window.
First: Stop the service by clicking the Stop Button.
Next: Disable it by changing the Startup Type to Disabled and click Apply

NEXT:
Run CCleaner

Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.


Reboot to Normal Windows , Scan with HijackThis and attach the new log.