Finally, using all available information from HT and from information on the web relative to trojans on XP, I killed the beast as follows:
1. Remove the following files and all the registry entries referencing these:
WINNT\system32\: cmd32.exe, z11.exe, z12.exe, z13.exe, z14.exe, dial32.exe
2. Shutdown the computer.
3. Remove the hard drive.
4. Set the hard drive up as a slave drive.
5. Install the hard drive in A DIFFERENT WINDOWS COMPUTER as a SLAVE.
6. Start Windows on the second computer.
7. Open a command window.
8. Switch to the original drive (containing the trojan)- eg. "I:"
9. cd to the directory containing the trojan: cd WINNT\system32
10. Delete the trojan dll: "del browsela.dll"
11. Shutdown the second computer. Remove your original hard drive.
12. Set the hard drive up as MASTER (do not forget this).
13. Re-install the hard drive in your computer.
14. The computer should boot now without running browsela.dll (it is no longer there).
15. Run HiJackThis and remove fix any residual registry issues.
16. Restart the machine.
17. Repeat 15. This time you should have a clean machine.
Edited by ElanEdTheSailor, 02 January 2006 - 04:20 PM.