Hi Steve and welcome to BC!
This file can normally deleted by using the delete-on-reboot function that many tools possess. Basically, instead of deleting a file in safe mode, it deletes the file on reboot, before the operating system has been loaded, therefore giving much less chance of the file being active when you try to delete it. This normally means the file if more often than not, deleted. In the future I would recommend this method..
Do you have Hijackthis installed on the user's PC? If not, download/install it:http://www.trendsecure.com/portal/en-US/_d.../HJTInstall.exe
Here are instructions for using the tool.
Open hijackthis, click 'config
' (bottom right) Choose the tab 'misc Tools' on top.
Choose 'delete a file on reboot'. In the field, copy and paste the filepath you want to delete.
Click open. Hijackthis will tell you that this file will be deleted on next reboot and if you want to reboot now.
When asked if you want to reboot now, say Yes..
Allow the PC to reboot, if it doesn't do it automatically, reboot manually.
In my experience, that's one of the best and safest
methods to removing stubborn files.
In regard to your other question, it's impossible to tell whether the file was deleted by your AV on the other computer without seeing the detection logs. However, it is possible that even though both PCs were infected with the same malware, it just so happened on one it was able to 'hook' itself deep into the computer, wheras on the other that failed. Hence, on one PC it was almost impossible to delete yet on the other it was easy. Malware can fail to install fully in certain circumstances, ie increased security and protection.