Using the steps below, I managed to eliminate most visible traces of infection. The only persistent symptoms are:
1) google searches are redirected (in both IE and Firefox) to go.google.com ad sites
2) most websites (including bleeping computer) are blocked.
3) during the scan-and-fix process, the integrity of my system's logon screen got corrupted. Now, about half the time, the computer simply hangs while I type my logon password (XP Professional SP3).
Steps taken to resolve:
1) When I thought it was all XP Antivirus 2009, I followed manual deletion steps I found online, cleaning out all critical system folders of all files with specific names, and all files created or last modified at the same time as those files.
2) When that didn't work, I used a second computer to download malwarebytes, sdfix, spyhunter, norton360, hijackthis, smitfraudfix, and other anti-spyware programs. I transferred them through hard disk to the infected computer and systematically tried every possible scan for several days. The only thing which helped was running SDFix in Safe Mode. That temporarily resolves the problem. But it keeps coming back.
3) I tried killing various services, mucking with registry settings, and combining that with various bits of software from step 2.
4) I tried running different variations of software AFTER running SDFix. I found the software could at least download its definition updates once SDFix had run.
5) I followed all the pre-posting directions on your website. Again, the only thing that really provides any temporary relief is SDFix.
I've attached several log files:
1) sd_fix_report.txt - This is the most recent run of SDFix, finished just a few minutes ago, which is how I can connect to your site.
2) hijackthis_right_after_sdfix.log - as the name implies
3) hijackthis_redirecting.log - a HijackThis log I took yesterday, with symptoms present.
4) hijackthis_not_redirecting.log - a HijackThis log I took yesterday, after an SDFix run, without symptoms present.
5) rapport.txt - For good measure, I've attached a SmitFraudFix report that I ran at some point during this process, after most infections had been removed.
I appreciate any and all help.