In the past months I have been experiencing some paranoia with regard to trojans and rootkits and possibly targeted attacks. Infections with which someone would be able to see my screen would be pretty devastating in my line of work.
I would like your help to get rid of this paranoia once and for all by having a complete and thorough system checkup and hopefully also receive some tips to secure my system even further.
What I have done so far:
- Changed the local security policy for UAC to prompt for credentials for the Administrator (I am not sure if this is just as safe as not working as an Administrator)
- Encrypted C: with BitLocker
- Norton Security (I got this because of the SONAR function that seems to protect against 0day exploits)
- Malwarebytes Anti-Exploit
- CryptoPrevent on Maximum
- Use a VM for everything not work related
- Changed my Wi-Fi password (which is safer, Wi-Fi or Ethernet?)
- Use a VPN
- Disabled file and printer sharing
Today, after I ran an sfc /scannow command, Windows Resource Protection found corrupted files and repaired them; I have saved the CBS.log if it is relevant for you. I also have dllhost.exe showing up with multiple instances in Process Explorer, and when I google the process IDs I find all sorts of scary threads on fileless trojans that nest in the registry. I also like to keep my eye on TCPView, and two days ago I found two unknown IP addresses connected to me that had no processes associated with them.
I would like to do any and every check/scan you can think of to make sure my system is not compromised and get some peace of mind.
Here are the FRST reports both as attachments because FRST.txt was too long.