Odradio sam ovo sa HitmanPro, očistio je sve osim jednog, activity je i dalje na 100%
Evo log nakon čišćenja i restarta
HitmanPro 3.7.20.286
www.hitmanpro.com Computer name . . . . : PUZZLER
Windows . . . . . . . : 10.0.0.15063.X64/8
User name . . . . . . : PUZZLER\Hasib Halilovic
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (31 days left)
Scan date . . . . . . : 2017-11-25 09:15:14
Scan mode . . . . . . : Quick
Scan duration . . . . : 44s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 2
Objects scanned . . . : 4.928
Files scanned . . . . : 4.928
Remnants scanned . . : 0 files / 0 keys
Suspicious files ____________________________________________________________
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D8D04443-F8D2-4406-AAD1-B8F39B9C32AF}\MpKslfd58b000.sys
Size . . . . . . . : 58.120 bytes
Age . . . . . . . : 0.5 days (2017-11-24 21:43:56)
Entropy . . . . . : 6.7
SHA-256 . . . . . : F6DB64112CC50EEE495E2D7C61B8BDBE757A31B03144B0396615FD38C312824E
Product . . . . . : Microsoft Malware Protection
Publisher . . . . : Microsoft Corporation
Description . . . : KSLDriver
Version . . . . . : 1.2.1009.0
Copyright . . . . : © Microsoft Corporation. All rights reserved.
Service . . . . . : MpKslfd58b000
LanguageID . . . . : 1033
Fuzzy . . . . . . : 47.0
The file is hidden from Windows API. This is typical for malware.
The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
Starts automatically as a service during system bootup.
Program starts automatically without user intervention.
Time indicates that the file appeared recently on this computer.
The file is a device driver. Device drivers run as trusted (highly privileged) code.
Startup
HKLM\SYSTEM\CurrentControlSet\Services\MpKslfd58b000\
Sad ću pokušat i sa DoctorWeb-om, pa javim šta se dešava