Dec 11 2009

Manually Remove RootKits

Category: Tutorials | admin @ 3:51 pm

Manually removing rootkit-based malware can be extremely difficult. You can’t delete the offending Registry entries while the malware process is running, and when you halt the malware process, Windows restarts it before you can delete the Registry entries. Many rootkits also set the Registry entries’ owner to an account other than the logged-on user, which complicates things further.

To remove a rootkit by hand with reasonably little effort, boot the infected computer from a Windows distribution CD. Use the repair option’s command-line interface to delete the malware executable file. Then, at your leisure, delete the offending Registry entries and data files.
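The same offline procedure, as an added example that is not part of the original post, carried out from a WinPE-based recovery environment that has PowerShell: it deletes the executable and then goes a step beyond the text by cleaning the autostart and service entries in the offline hives from the same environment, before the infected Windows is ever booted. The offline volume letter D:, the hive mount names OffSoft/OffSys and the file name evil.exe are assumed placeholders.

```powershell
# Assumptions: running as Administrator in WinPE, infected Windows on D:,
# malware executable path already identified (placeholder name).
$OfflineRoot = 'D:\Windows'
$Suspect     = 'D:\Windows\System32\evil.exe'   # placeholder, not a real IoC

# 1. Delete the executable; take ownership first in case the rootkit changed the ACL.
takeown /F $Suspect | Out-Null
icacls $Suspect /grant Administrators:F | Out-Null
Remove-Item -LiteralPath $Suspect -Force

# 2. Load the offline SOFTWARE and SYSTEM hives so the entries can be edited
#    while the malware is not running (no process to restart it).
reg load HKLM\OffSoft "$OfflineRoot\System32\config\SOFTWARE" | Out-Null
reg load HKLM\OffSys  "$OfflineRoot\System32\config\SYSTEM"   | Out-Null

$Leaf = [IO.Path]::GetFileName($Suspect)

# 3. Remove Run/RunOnce values whose data references the deleted binary.
$RunKeys = @(
    'HKLM:\OffSoft\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\OffSoft\Microsoft\Windows\CurrentVersion\RunOnce'
)
foreach ($key in $RunKeys) {
    if (-not (Test-Path $key)) { continue }
    foreach ($p in (Get-ItemProperty -Path $key).PSObject.Properties) {
        if ($p.Name -like 'PS*') { continue }          # skip provider metadata (PSPath etc.)
        if ("$($p.Value)" -like "*$Leaf*") {
            Write-Host "Removing $key\$($p.Name) -> $($p.Value)"
            Remove-ItemProperty -Path $key -Name $p.Name
        }
    }
}

# 4. Offline hives have no CurrentControlSet; resolve it via Select\Current,
#    then remove service entries (rootkit drivers register here) pointing at the binary.
$cur     = (Get-ItemProperty 'HKLM:\OffSys\Select').Current
$svcRoot = 'HKLM:\OffSys\ControlSet{0:D3}\Services' -f $cur
Get-ChildItem $svcRoot | ForEach-Object {
    $img = (Get-ItemProperty $_.PSPath -ErrorAction SilentlyContinue).ImagePath
    if ($img -and "$img" -like "*$Leaf*") {
        Write-Host "Removing service key $($_.PSChildName) ($img)"
        Remove-Item -LiteralPath $_.PSPath -Recurse -Force
    }
}

# 5. Release handles and unload the hives before rebooting into the cleaned system.
[GC]::Collect()
reg unload HKLM\OffSoft | Out-Null
reg unload HKLM\OffSys  | Out-Null
```

If a Registry key's ACL still blocks deletion even offline, take ownership of that key from the same environment before retrying the removal.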
