It is possible that "028C3A53.sys" is located not in "C:\WINDOWS\SysNative\drivers\" but in "C:\Windows\System32\drivers" (I read that on a 64-bit system I cannot simply get in there). If so, here are the test results:
https://www.virustotal.com/en/file/e9539a4f85fe30f5baed742778ca74c879995728668abe6877c37633716d8770/analysis/1483659729/ and here I am adding the log from OTL:
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{11F82C0C-C38B-4901-AFB7-E3BA99B5815C}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11F82C0C-C38B-4901-AFB7-E3BA99B5815C}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C936B705-D23F-43FC-A827-4794AE236EEF}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C936B705-D23F-43FC-A827-4794AE236EEF}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{11F82C0C-C38B-4901-AFB7-E3BA99B5815C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11F82C0C-C38B-4901-AFB7-E3BA99B5815C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C936B705-D23F-43FC-A827-4794AE236EEF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C936B705-D23F-43FC-A827-4794AE236EEF}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: foxmarks%40kei.com:4.3.19 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Extensions folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\modules folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\META-INF folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\defaults\preferences folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\defaults folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\components folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\skin\modern\images folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\skin\modern folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\skin folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\zh-TW folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\zh-CN folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\vi folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\uk-UA folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\tr-TR folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\sv-SE folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\sk-SK folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\ru-RU folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\ro folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\pt-PT folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\pt-BR folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\pl-PL folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\nn-NO folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\nl folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\ko-KR folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\ja-JP folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\it-IT folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\hu-HU folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\fy-NL folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\fr folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\fi-FI folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\eu-ES folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\et-EE folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\es-ES folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\en-US folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\el-GR folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\de folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\da-DK folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\cs-CZ folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\bn-IN folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\bg-BG folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale\ar folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\locale folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\content\shared folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome\content folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com\chrome folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com folder moved successfully.
C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions folder moved successfully.
File C:\Users\luvan\AppData\Roaming\mozilla\firefox\profiles\txs9d34m.default-1483138573866\extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi not found.
File C:\Users\luvan\AppData\Roaming\mozilla\firefox\profiles\txs9d34m.default-1483138573866\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi not found.
File C:\Users\luvan\AppData\Roaming\mozilla\firefox\profiles\txs9d34m.default-1483138573866\extensions\jid1-P34HaABBBpOerQ@jetpack.xpi not found.
File C:\Users\luvan\AppData\Roaming\mozilla\firefox\profiles\txs9d34m.default-1483138573866\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi not found.
File C:\Users\luvan\AppData\Roaming\mozilla\firefox\profiles\txs9d34m.default-1483138573866\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\WINDOWS\assembly\Desktop.ini moved successfully.
File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
File EY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.
File EY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64\ not found.
Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]\ not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64\ not found.
Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]\ not found.
========== FILES ==========
File move failed. C:\WINDOWS\System32\TBM8FB4.tmp scheduled to be moved on reboot.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File move failed. C:\Windows\SysWow64\TBM8FB4.tmp scheduled to be moved on reboot.
File\Folder C:\Windows\SysNative\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat moved successfully.
C:\Users\luvan\AppData\Roaming\AVAST Software\SecureLine\cookie folder moved successfully.
C:\Users\luvan\AppData\Roaming\AVAST Software\SecureLine folder moved successfully.
C:\Users\luvan\AppData\Roaming\AVAST Software folder moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default.migrated
->Temporary Internet Files folder emptied: 0 bytes
User: luvan
->Temp folder emptied: 230682615 bytes
->Temporary Internet Files folder emptied: 106035 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 201291101 bytes
->Flash cache emptied: 492 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 102344 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25008 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 412,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 01062017_002810
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\System32\TBM8FB4.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysWow64\TBM8FB4.tmp scheduled to be moved on reboot.
File move failed. C:\Users\luvan\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...