Nasty little virus thing

Hi everyone.
I have a virus of some sort trying to pass itself off as a 7-zip program, it's harmless for now, but I just can't get rid of it.
It's set itself up as a startup program nag and I cannot remove it or it's weaker clone (I was able to open the clone in notepad, delete everything, then save, then delete the file, but it came back upon log off/on), and the 2 registry keys keep coming back.

It wants to launch a program called dywjsuruukltmbqp.exe, which I deleted no sweat.

The thing I can't get rid of, ltyonspl.exe keeps forcing a popup asking me to let it open the command prompt/console so it can do it's nasty thing (although with dywjsuruukltmbqp.exe deleted, it will probably just fail), but this goes away when you kill it's process.
However, it is still running somehow as I cannot delete the 2 ltyonspl.exe files and I can't even set hijackthis to delete them upon reboot for the same reason, which makes little sense to me. Also cannot delete it's entry in the HijackThis scan, in which it's an 04 item, found in the HKCU group.

One of them sits at my name>AppData>Local>dnhcdpjx>ltyonspl.exe (the one I can temporarily delete with notepad trick)
and the other at my name>AppData>Roaming>Microsoft>Windows>Start Menu>Programs>Startup>ltyonspl.exe

I was hoping I could attack them by making another administrator account but of course I cannot access the other name's files/setup folders.

Not sure where to go from here, any help will be appreciated.

Boot into safe mode and do Virus Scan also Spybot search and destroy update scan and immunize.

Worse case Scenario, backup your data and format.

But first boot into safe mode and try and remove it with basic windows loaded.

Thanks a ton, I was able to get rid of it in Safe Mode, forgot it existed (And I've never used it), although I had to unplug the computer at the wall in order to get the option heh.

The nag to allow/deny startup change reappeared again (I actually chose deny the first time, but it didn't deny it for some reason), and this time when I denied it, it stayed down, so in all honesty I consider it 99% gone.

Thanks again.

np at all, it is what we do.

just keep doing scans every few days and if it keeps acting up then we would need to explore infection again but sounds like everything is fine.

If you have any more issues post up.

It came back and ran rampant and wouldn't go away heh.
I had to make a new computer account and migrate to it with a bit of haste, doing a latest backup of my files etc, as I started getting memory errors and all sort of things, despite not allowing the console access it nagged me for.

The new account went fine, the old one deleted, but upon trying to use a game console emulator (not sure if it's ok to name it here), one that I'd had for ages, the dywjsuruukltmbqp.exe spawned in my temp folder and wanted computer console access as before, and it brought that ltyonspl.exe with it, both embedded themselves into the startup. I was unable to remove them via safe mode or hijack this' delete-on-reboot function. And surely the memory and other assorted errors followed.

I'm not sure what caused this as I never had this problem for months when I first had that emulator, and it doesn't connect to a server in order to function (I'm 99.9% certain).

I've made another new account and binned the emulator and deleted the registry key of ltyonspl (none for the dywjsuruuk thing) and everything is peachy. Weird, but at least I don't have to buy a new PC tower.