Thanks, I'll update with the logs when they're done. I've found these System overrides in my Windows Exploit Protection settings and I don't remember ever setting these, are they suspicious? Thanks so much for the help
<?xml version="1.0" encoding="UTF-8"?>
<MitigationPolicy>
<AppConfig Executable="ExtExport.exe">
<ASLR ForceRelocateImages="true" RequireInfo="false" />
</AppConfig>
<AppConfig Executable="ie4uinit.exe">
<ASLR ForceRelocateImages="true" RequireInfo="false" />
</AppConfig>
<AppConfig Executable="ieinstal.exe">
<ASLR ForceRelocateImages="true" RequireInfo="false" />
</AppConfig>
<AppConfig Executable="ielowutil.exe">
<ASLR ForceRelocateImages="true" RequireInfo="false" />
</AppConfig>
<AppConfig Executable="ieUnatt.exe">
<ASLR ForceRelocateImages="true" RequireInfo="false" />
</AppConfig>
<AppConfig Executable="iexplore.exe">
<ASLR ForceRelocateImages="true" RequireInfo="false" />
</AppConfig>
<AppConfig Executable="mscorsvw.exe">
<ExtensionPoints DisableExtensionPoints="true" />
</AppConfig>
<AppConfig Executable="msfeedssync.exe">
<ASLR ForceRelocateImages="true" RequireInfo="false" />
</AppConfig>
<AppConfig Executable="mshta.exe">
<ASLR ForceRelocateImages="true" RequireInfo="false" />
</AppConfig>
<AppConfig Executable="MsSense.exe">
<StrictHandle Enable="true" />
<SEHOP Enable="true" TelemetryOnly="false" />
</AppConfig>
<AppConfig Executable="ngen.exe">
<ExtensionPoints DisableExtensionPoints="true" />
</AppConfig>
<AppConfig Executable="ngentask.exe">
<ExtensionPoints DisableExtensionPoints="true" />
</AppConfig>
<AppConfig Executable="PresentationHost.exe">
<DEP Enable="true" EmulateAtlThunks="false" />
<ASLR ForceRelocateImages="true" RequireInfo="false" BottomUp="true" HighEntropy="true" />
<SEHOP Enable="true" TelemetryOnly="false" />
<Heap TerminateOnError="true" />
</AppConfig>
<AppConfig Executable="PrintDialog.exe">
<ExtensionPoints DisableExtensionPoints="true" />
</AppConfig>
<AppConfig Executable="runtimebroker.exe">
<ExtensionPoints DisableExtensionPoints="true" />
</AppConfig>
<AppConfig Executable="SystemSettings.exe">
<ExtensionPoints DisableExtensionPoints="true" />
</AppConfig>
</MitigationPolicy>