Shoutbox

This could mean a few things:

A) There is another process monitoring the hvex.exe process. You need to find this other process and kill it first using all the same steps as before.

B) Hvex.exe itself has a way to detect when it gets killed and places a copy of itself somewhere else or starts another process when it is closed.

C) Windows does his (in such cases crappy) method of preserving accidental file removals. I'm no expert in Vista, so I can't help you with that. But it involves turning this auto-backup/restore thing off.

---------

For A and B: you could also try to log in to Windows with an account which is not infected (I hope you can sign in as Administrator) and proceed with all the steps as before. So, reboot your computer and try to log in as Admin.

Or you could use MSCONFIG:

1) In MSCONFIG, go to the 'General' tab and choose 'Selective startup'.

2) Untick 'Load startup items'

3) Click 'OK' and reboot

4) execute all the steps listed in previous post.

5) Make sure you also identify that second monitoring process!! And execute the steps listed in previous post for that process too...

6) Reboot

7) Open MSCONFIG, go to the 'General' tab and choose 'Normal startup'.

8) Click 'OK' and reboot

--

The bottom line is that you need to boot up Windows without starting the hvex.exe process (or that other process).

In fact, this should _always_ be done when you're trying to remove malware though. You should _always_ boot up Windows in such a way that only the essential Windows processes are running and nothing, absolutely nothing, else... In Windows XP for example, you can do this by booting up in Safe Mode.

This is an extremely important step which most people forget to take. Even when scanning for malware it is best to take this step because quite a lot of malware has ways to hide themself from anti-virus programs. But they can't hide themselfs if they are not running.....