I have a registry entry found by HiJack this that contains this entry: O4 - HKLM\..\Run: [vadijovahe] "C:\WINDOWS\system32\lewineri.dlg,x The full path is: HKEY_LOCAL_MACHINE/SOFTWARE/MICROSOFT/Windows/CurrentVersion/Run When I delete the registry entry, it reappears within 5 seconds. I have had this infection before and was able to kill the process by using Security Task Manager. I had also used Microsoft TASKLIST command to find the malware program in a running process. The malware program name was not named lewineri.dlg. I ended the process and then I would then go to the SYSTEM32 directory and delete obvious malware programs, e.g. a.exe, b.exe, etc. I would then delete the registry entry, reboot and the problem disappeared. I also noticed that if I left the malware process running and tried to delete the programs from the SYSTEM32 directory, new programs would reappear and the names would be a different letter e.g. delete a.exe and a new program j.exe would appear. However, I have become reinfected and the malware programs are not easily identified now. I have googled "lewineri" and have found nothing. Has anybody else ran into this or knows how to rid the machine of this malware? Thanks in advance for any help.
