small.APC trojan horse creates irsbzdvy.dll. Has anyone seen this and had any luck removing it?

I have an infected computer with a Windows login trojan horse, small.APC; it installs a DLL, irsbzdvy.dll.
When this happens, on login you get a desktop with no icons or Start menu. I worked around the issue by chance: I renamed explorer.exe to explorer2.exe and found that explorer2.exe would run by using the Task Manager. I then changed the shell in the registry to use explorer2.exe and was able to boot into safe mode and use msconfig and run in diagnostic startup and remove the trojan.

PROBLEM: as soon as I restart in regular mode and reset msconfig, the DLL shows up again (irsbzdvy.dll). Has anyone seen this before or have any ideas?
taagangel Asked:

David-Howard Commented:
SDFix should remove this.
http://www.bleepingcomputer.com/files/sdfix.php
You might also try downloading, updating and running in Safe Mode Malwarebytes.
You can get it free from www.malwarebytes.org
Once updated, reboot into Safe Mode (F8 at startup) and run a scan.
You should do this with your current antivirus product as well.
David
0
taagangel (Author) Commented:
Ran Malwarebytes multiple times in safe mode. It appeared it removed it, and I ran HijackThis multiple times until the DLL was no longer showing up. It reappeared as soon as I restarted normally. I will run SDFix in safe mode and see what happens, and rerun the malware and virus and then see if that takes care of it.

Thanks
0

davidpm Commented:
Just want to add that when you clean a virus or malware from your machine, one of the first things you should do is disable System Restore. This is not a recommended procedure unless you are infected and cannot seem to remove the virus. Many of these newer viruses have code that backs them up to the System Restore folder and will spawn a new copy once you have removed it, so you have to clean out the System Restore data, which will keep you from ever restoring to an earlier time after you are done. So once you are done, make sure you turn it back on and create a new restore point.
0
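
A read-only check of the places this thread touches (the Winlogon shell value the asker edited, autostart entries that mention the DLL, and copies of the file on disk), as an added example that is not part of any poster's reply. Assumptions: PowerShell is installed on the machine, and the Run keys and the `Winlogon\Notify` subkey (present on Windows XP and earlier) are places worth checking, since the thread does not say where the DLL is registered.

```powershell
# Added example: read-only audit, changes nothing on the system.
$dllName  = 'irsbzdvy.dll'   # DLL name taken from the question above
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$psProps  = @('PSPath','PSParentPath','PSChildName','PSDrive','PSProvider')

# 1. The shell value the asker changed; the stock value is "explorer.exe".
$wl = Get-ItemProperty -Path $winlogon
"Shell    = $($wl.Shell)"
"Userinit = $($wl.Userinit)"
if ($wl.Shell -ne 'explorer.exe') {
    "NOTE: Shell is not the default explorer.exe"
}

# 2. Autostart keys (assumed locations) whose values mention the DLL.
$keys = @(
    $winlogon,
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
)
foreach ($k in $keys) {
    if (-not (Test-Path $k)) { continue }
    $item = Get-ItemProperty -Path $k
    if ($null -eq $item) { continue }      # key exists but has no values
    foreach ($p in $item.PSObject.Properties) {
        if ($psProps -contains $p.Name) { continue }   # skip provider metadata
        if ("$($p.Value)" -like "*$dllName*") {
            "HIT  $k  [$($p.Name)] = $($p.Value)"
        }
    }
}

# 3. Winlogon notification packages (XP and earlier): list each registered DLL.
$notify = Join-Path $winlogon 'Notify'
if (Test-Path $notify) {
    Get-ChildItem -Path $notify | ForEach-Object {
        $dll = (Get-ItemProperty -Path $_.PSPath).DllName
        "Notify package $($_.PSChildName) -> $dll"
    }
}

# 4. Copies of the file under the Windows directory, hidden files included.
Get-ChildItem -Path $env:SystemRoot -Recurse -Filter $dllName -Force `
    -ErrorAction SilentlyContinue |
    Select-Object FullName, LastWriteTime
```

Running it once in safe mode after cleaning and again after a normal restart shows which entry or file comes back.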