win32 Trojan-gen problem

[Staind]

Hi. I've been helping my friend with his virus problems, and avast! picked up  win32 Trojan-gen, but it can't seem to remove it.  The virus is supposedly located in hxdefdrv.sys.  Avast, Mcafee and Norton (Mc/Nor he used those specialty remove programs).

Anyways, is it safe to just delete hxdefdrv.sys?

[Staind]

Nevermind, found full guide at another forum. Since this might be helpful I'll post it here:

http://forums.spywareinfo.com/index.php?showtopic=505

1) Restart in Safe Mode (see "How To:" below)
2) Enable Hidden Files (see "How To:" below)

Locate and delete the following:

hxdefdrv.sys
inatjoy.dll
motkrtin.dll
witadr.dll
winunins.exe
winunins.ini
svhost.exe (not "svchost.exe")
trj4j6js.exe
ddd.exe

Open Regedit and click Edit > Find
(enter) "HackerDefenderDrv100" (no quotes)
Click Find Now

Highlight and delete all references found.
Click "F3" to continue searching, repeat until you see the "Completed Search" message.

Next, do the same steps for each of the above files.

Note: If you cannot delete the registry keys (Access Denied) then Right-click key and click Permissions.. Set Full Control to Allow everyone rights

While still in Safe Mode: Run a full system scan with Avast.


Note: if for some reason "hxdefdrv.sys" seems to be running again in Safe Mode, repeat the "net stop" command again and then delete the files.