Not much showing here. I would like more of a description of the 'redirect' though. We will have to dig deeper:

Consider disabling Stopzilla while we're working:


Please download ComboFix from Here and save to your Desktop.

• 
  [1]. Do NOT rename Combofix unless instructed.
  [2].Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  [3].Close any open browsers.
  [4]. Double click combofix.exe & follow the prompts to run.
• NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
  [5]. If Combofix asks you to install Recovery Console, please allow it.
  [6]. If Combofix asks you to update the program, always allow.
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  [7]. A report will be generated after the scan. Please post the C:\ComboFix.txt in next reply.

Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Note: Make sure you re-enable your security programs, when you're done with Combofix..

Run Eset NOD32 Online AntiVirus Scanner HERE

• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the Active X control to install
• Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
• Click Start
• Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
• Click Scan
• Wait for the scan to finish
• Re-enable your Antivirus software.
• A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

Leave the 2 logs in your next reply.

I'm going to move a file that was found in Eset, which you ran first. The file is also mentioned in Combofix as infected. There is a chance that this will not remove it, but try first and if it does not, I'll have you submit it for further identification:

Please download OTMovit by Old Timer and save to your desktop.

• Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  Code:

  :Processes	
  
  :Services
  
  :Reg
  
  :Files  
  c:\windows\system32\ws2_32.dll
  
  :Commands
  [purity]
  [emptytemp]
  [start explorer]
  [Reboot]

• Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
• Click the red Moveit! button.
• A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
• Close OTMoveIt3

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please include that log in your next reply.

It would also be best if you disabled the following programs while I'm helping you:
Trend Micro
Stopzille
Spybot
I need to be sure that malware is found and handled properly and not whisked off by a program that might not remove it totally.

Okay, I'm a bit short on information here- all you typed was:

1. Are you able to get into the system at all?
Most STOP 0xC000021A errors occur because Winlogon.exe fails. This typically occurs because of a faulty third-party Graphical Identification and Authentication (GINA) DLL.

2.Were you having any other system problems? If yes, what?

3. Your logs are dated 6/5. Did you do anything with the system maybe on 6/4 that could have involved the following:

• Mismatched system files have been installed.
• A Service Pack installation has failed.
• A backup program that is used to restore a hard disk did not correctly restore files that may have been in use.
• An incompatible third-party program has been installed.

4.A reboot brought up the Dell BIOS. Did you choose the Recovery Module? How did it get from Recovery to the Windows Startup? And did the BSOD come up itself or after you did something?

When I asked if you had done any system work in ant of the categories I mentioned, I meant before I started helping you.

As for getting Windows started again, it sounds like you don't have any choice but to boot into the Recovery Module.

The ws2_32.dll that was removed, in itself, is a valid system file.But it was infected with this:
C:\WINDOWS\system32\ws2_32.dll Win32/Patched.ED trojan
and was also in memory
${Memory} Win32/Patched.ED trojan

What most likely happened is that the malware corrupted the winlogon. This can present a problem of saving files and putting them back on after you do a recovery. Since the system is booting into the Recovery, you are going to need to run it.

The following is from BitDefender and might help you understand the 'patched' term:

Paul, you didn't have much choice here! I can't take any credit. but I am glad there pair went well. How about running Combofix and an online AV scan to make sure no malware remains?

I have your original Combofix report to refer back to if needed. So your can delete the file on the desktop (not the program, just the first log) then rerun Combofix.

When finished:
Run Eset NOD32 Online AntiVirus Scanner HERE

• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the Active X control to install
• Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
• Click Start
• Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
• Click Scan
• Wait for the scan to finish
• Re-enable your Antivirus software.
• A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

Leave both logs in next reply.

Paul, I thought I answered this. the one files in the Eset log is the one moved in OTM and there are no new entries. You told me you did a repair and the the problem was resolved. O wrote that I couldn't get anything useful out of the 7 years of entries in the Combofix log(s)

You've been very short on giving me information. Are you having a problem now? What is it? If resolved, I
ll have to remove the cleaning tools.

I don't know where the reply went, but I did send it. Sorry.

You're welcome- glad I could help. Sometimes things get swallowed up in cyberspace!

Since the redirect had been resolved, you can remove all of the tools we used and the files and folders they created

• Uninstall ComboFix and all Backups of the files it deleted
• Click START> then RUN
• Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
  

• Download OTCleanIt by OldTimer and save it to your Desktop.
• Double click OTCleanIt.exe.
• Click the CleanUp! button.
• If you are prompted to Reboot during the cleanup, select Yes.
• The tool will delete itself once it finishes.

Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

• You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
• Go to Start > All Programs > Accessories > System Tools
• Click "System Restore".
• Choose "Create a Restore Point" on the first screen then click "Next".
• Give the Restore Point a name> click "Create".
  
• Go back and follow the path to > System Tools.
  [*]Choose Disc Cleanup
  [*]Click "OK" to select the partition or drive you want.
  [*]Click the "More Options" Tab.
  [*]Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.

Empty the Recycle Bin

Let me know if I can be of more help in the future.