I restarted the computer, and ComboFix finished its run after the reboot. Here is the ComboFix log it produced:
ComboFix 11-02-26.01 - Eric 02/27/2011 6:46.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2430 [GMT -5:00]
Running from: c:\documents and settings\Eric\Desktop\ComboFix.exe
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Eric\Application Data\07978FF2AECBC6B5B0F66B3B36E3A92E
c:\documents and settings\Eric\Application Data\07978FF2AECBC6B5B0F66B3B36E3A92E\enemies-names.txt
c:\documents and settings\Eric\Application Data\07978FF2AECBC6B5B0F66B3B36E3A92E\local.ini
c:\documents and settings\Eric\Application Data\07978FF2AECBC6B5B0F66B3B36E3A92E\lsrslt.ini
c:\documents and settings\Eric\Application Data\Adobe\plugs
c:\documents and settings\Eric\Application Data\OfferBox
c:\documents and settings\Eric\Application Data\OfferBox\config.dat
c:\documents and settings\Eric\Application Data\OfferBox\config.xml
c:\documents and settings\Eric\Desktop\Improve Your PC.lnk
c:\documents and settings\Eric\Start Menu\Programs\System Tool
c:\documents and settings\Eric\Start Menu\Programs\System Tool\System Tool 2011.lnk
C:\Install.exe
c:\windows\system32\spool\prtprocs\w32x86\Ppbiproc.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SSHNAS
((((((((((((((((((((((((( Files Created from 2011-01-27 to 2011-02-27 )))))))))))))))))))))))))))))))
.
2011-02-27 10:30 . 2011-02-27 10:30 -------- d--h--w- c:\windows\msdownld.tmp
2011-02-27 10:29 . 2011-02-27 10:29 -------- d-----w- c:\program files\Microsoft
2011-02-27 10:29 . 2011-02-27 10:29 -------- d-----w- c:\program files\MSN Toolbar
2011-02-27 10:29 . 2011-02-27 10:29 -------- d-----w- c:\program files\Microsoft Silverlight
2011-02-27 10:28 . 2011-02-27 10:29 -------- d-----w- c:\program files\Bing Bar Installer
2011-02-27 06:47 . 2011-02-27 06:47 -------- d-----w- C:\$AVG
2011-02-27 06:09 . 2011-02-27 06:09 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2011-02-27 05:39 . 2011-02-27 05:39 -------- d-----w- c:\documents and settings\Eric\Application Data\AVG10
2011-02-27 05:37 . 2011-02-27 11:30 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10
2011-02-27 05:29 . 2011-02-27 05:35 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2011-02-27 05:05 . 2011-02-27 05:05 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-02-27 05:02 . 2011-02-27 05:02 -------- d-----w- c:\documents and settings\Eric\Local Settings\Application Data\Sunbelt Software
2011-02-27 05:00 . 2011-02-27 11:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2011-02-27 03:28 . 2011-02-27 03:28 76696 ----a-w- c:\windows\system32\drivers\pxrts.sys
2011-02-26 21:57 . 2011-02-27 03:17 -------- d-----w- c:\program files\Common Files\PC Tools
2011-02-26 21:57 . 2011-02-26 21:57 -------- d-----w- c:\documents and settings\Eric\Application Data\PC Tools
2011-02-26 21:57 . 2011-02-27 03:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2011-02-23 10:49 . 2011-02-23 10:50 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2011-02-01 12:29 . 2011-02-01 12:29 -------- d-----w- c:\program files\Microsoft ActiveSync
2011-02-01 12:28 . 2011-02-01 12:29 -------- d-----w- c:\windows\ShellNew
2011-02-01 11:42 . 2011-02-08 00:38 -------- d-----w- c:\documents and settings\Eric\Application Data\ntr
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-08 19:53 . 2010-08-29 22:54 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-01-21 14:44 . 2004-08-04 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2004-08-04 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2004-08-04 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 23:09 . 2011-01-06 08:32 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 23:08 . 2011-01-06 08:32 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-20 17:26 . 2004-08-04 12:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15 . 2004-08-04 12:00 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:38 . 2004-08-04 12:00 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07 . 2004-08-03 22:59 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PPWebCap"="c:\progra~1\ScanSoft\PAPERP~1\PPWebCap.exe" [2001-10-15 43008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI\ATI.ACE\Core-Static\CLIStart.exe" [2010-07-25 98304]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-15 623992]
"SoundMan"="SOUNDMAN.EXE" [2010-09-01 77824]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2009-12-22 1092872]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-03 32768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2010-12-15 274608]
"OneTouch Monitor"="c:\program files\Visioneer OneTouch\OneTouchMon.exe" [2002-05-20 86016]
"Bing Bar"="c:\program files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe" [2010-04-27 243544]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2010-9-14 984352]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2009\\QBDBMgrN.exe"=
"c:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"=
"c:\\Program Files\\ScanSoft\\PaperPort\\NAVBrowser.exe"=
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys --> c:\windows\system32\DRIVERS\cmderd.sys [?]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys --> c:\windows\system32\DRIVERS\cmdguard.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [6/15/2010 8:14 AM 87336]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [9/23/2005 6:01 AM 2799808]
.
Contents of the 'Scheduled Tasks' folder
2011-02-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-839522115-630328440-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 16:33]
2011-02-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-839522115-630328440-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 16:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.com
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll
.
- - - - ORPHANS REMOVED - - - -
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKCU-Run-DW6 - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-27 12:22
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(676)
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
- - - - - - - > 'lsass.exe'(736)
c:\windows\system32\WININET.dll
- - - - - - - > 'explorer.exe'(2220)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wscntfy.exe
c:\windows\SOUNDMAN.EXE
c:\program files\ATI\ATI.ACE\Core-Static\MOM.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\ATI\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Completion time: 2011-02-27 12:30:27 - machine was rebooted
ComboFix-quarantined-files.txt 2011-02-27 17:30
Pre-Run: 49,426,882,560 bytes free
Post-Run: 49,410,183,168 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - AA69758F500B31E8F1E055BB50798645