Did you do a search of your system for eovnpx.sys? You can use Windows Search feature
> More advanced options to locate it.
To do this, go to Start
-> All files and folders
-> More advanced options
. Checkmark these options:
- "Search system folders"
- "Search hidden files and folders"
- "Search subfolders"
Type in the name of the file and then click "Search
" to look for the file(s).
IceSword is a stand-alone tool that shows you program components (processes) in memory, Ports, API hooking, Services, Startups and more. It will not actually tell you if you are infected or not unless you know what you're looking for. If you don't, you're probably better off with something like AVG Anti-Rootkit
Not all hidden components detected by ARKs are malicious
- Double click avgarkt-setup-220.127.116.11.exe to install. By default it will install to C:\Program Files\GRISOFT\AVG Anti-Rootkit
- Accept the license and follow the prompts to install.
- You will be asked to reboot to finish the installation so click "Finish".
- After rebooting, double-click the icon for AVG Anti-Rootkit on your desktop.
- You will see a window with four buttons at the bottom.
- Click "Search For Rootkits" and the scan will begin.
- You will see the progress bar moving from left to right. The scan will take some so be patient and let it finish.
- When the scan has finished, a small window will open so you can view the results.
- Right click and select "Save Result To File".
- By default the file will be saved with a .csv extension. (You can use notepad to open the .cvs file)
- Copy and paste the results in your next reply.
- If anything was found, click "Remove selected items"
- If nothing was found, please click the "Perform in-depth Search" saving anything found to file as before.
. It is normal for a Firewall, some Anti-virus and Anti-malware software (ProcessGuard, Prevx1, AVG AS), sandboxes, virtual machines and Host based Intrusion Prevention Systems (HIPS) to hook into the OS kernal/SSDT in order to protect your system. You should not be alarmed if you see any hidden entries created by these software programs after performing a scan.