F
ForgottenSeer 95367
Blocking these processes on the basis that they are Microsoft digitally signed will result in a "black screen system":I will have to get back on this I have had all blocked except MS. But I am going to try them too just for the heck of it
- system (ntoskernel.exe)
- smss.exe
- winnit.exe
- services.exe
- csrss.exe
Whatever you are using to block processes might not apply its block rules early enough in the system boot sequence to quash processes such as smss.exe, csrss.exe and services.exe. (NOTE: winlogon.exe is not digitally signed). Consequently, a partially bootable system might still happen even if you are blocking critical Windows processes that are signed.
Additionally, if you test in a virtual machine, you might get unexpected results whereby system boots despite blocking critical Microsoft signed processes.
In your testing, you can try a single "catch-all" block rule that will block everything unsigned and unsigned:
block= *
Last edited by a moderator: