zerohearne

Understood. Thank you for your reply.

Hi! I'm a bit confused atm. Malwarebytes 3 load time was kind of slow since its launch. I've recently updated to the latest version and it loaded much quicker (tray icon). yesterday I had to restore my system from a system image and ever since the load time went back down for MBAM, I tried reinstalling it but its load time is bad again... I have a very fast system, MBAM loads from a (Samsung 640 evo pcie) any tips that might help getting the load time back to the way it was? version 3.1.2

Hello! just curious, what are the basics behind signature-less anomaly detection? Is it a new layer of security? What does it do? What does it protect against?

I'm about to enable Virtualization Based Protection of Code Integrity and after running the Device Guard Readiness Test for Incompatible HVCI Kernel Driver Modules it found some mbae processes. this is a common procedure in enterprise IT system so I would think this wouldn't be an issue. Please let me know if I can continue with the VBP deployment. DG Readiness PowerShell Data.txt

I went exploring in the exploit protection setting and noticed not every mitigation is checked. For example Bottom Up ASLR enforcement is disabled. Will selecting these boxes improve security?

reinstalling MB fixed this issue...

output.txt

I played around with Microsoft's EMET toolkit some and added Chrome what was previously not working with MBAE DLLs and I can now see EMET64.DLL injections on the chrome browser. I then went on to add the Edge browser and I still do see its injection on either mbae or emet dlls.

logs.zip

any updates? Exploit protection still doesn't enable automatically and browsers aren't being protected. I your testing program to see if any injections show up and it it would block an exploit attempt and it worked its only browsers and windows app store programs. mbae-test.zip

Gotcha!

Google Chrome's dll injection is also missing

FRST.txt Addition.txt

Something I also forgot to point out it that every time my computer starts all protections are On except for it's exploit protection that I have to toggle manually. it could be when that happens some applications that are on the mbae list dont fully turn on. idk..

I've noticed that all my Windows App Store programs are also not showing any dll injections. I think it could be conflicting with its sandboxing protocols and since Edge employs some of these sandboxing technics it might be the reason why its also not showing I could be completely wrong but that's the only link I can think of in this case. Skype.exe, steam, internet explorer, iTunes all show dll injections. The ones that aren't showing any that i've tested so far are the Photos app, Movies & TV/media player and Edge. Let me know what else I can do to help. MB-CheckResult.txt