RC operates before any Windows Explorer (or other gui shell) runs, maybe this will help you remove it, by booting to it!
You can bootup from your install CD & run it, OR install it as a bootup option via:
[cd-rom driveletter]:\...i386\winnt32.exe /cmdcons
IIRC, that is how you install it as a bootup option.
Once in it? Use its "DOS-like" commandline interface & its DEL command to fry that s.o.b. & see if it goes away... if not, then it has "tentacles" & backup helping it elsewhere, which means you'd need a FULL startup list possibles, so here that is:
================================================== ===
<Prior to Logon Prompt>
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\RunServicesOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\RunServices
<Logon Prompt>
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run
StartUp Folders (BOTH the COMMON TO ALL USERS type & CURRENT USER only folder type)
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\RunOnce
(WIN.INI & PROGMAN.INI Run= & Load = lines as well)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe"
================================================== ===
* If that all doesn't help? Then, whatever it is starting this thing up has overwritten or infested executables the OS uses... that means antivirus removal tools time, & possibly even reinstalling your service pack & hotfixes that came after it, to hopefully replace the infected files.
(That's what I'd try, short of any removal tool being useless against it, that is possible too, I have seen it in the Win32 PinFi virus back in 2001 on my nephew's PC... iirc, that was its name, you have to "repave" once you sucked that one in, because nothing would/could remove that one, @ least back then, & I'd strongly wager that now as well!)
APK