Can't help you with the possible Trojan, sorry.

XP's firewall restricts inbound traffic, BUT doesn't stop unauthorised outbound traffic. So if your malware IS a Trojan and starts sending your personal stuff out, like passwords, keystrokes, etc, then XP's firewall will let it.

ZoneAlarm, Outpost and others protect in both directions, so your best bet is to disable XP's firewall and use a good alternative.

AA