Oui, j'ai besoin d'une solution
While tracking down an unrelated issue, I happen to look at the list of processes that should not start (Global Options > General > Global Poliy Lists) and I noticed that every entry has a Signature Flag of 'Q01'. Does anyone have an idea of why this flag is present? It seems to be some kind of bogus entry. If, for example, I try to launch fpt.exe, I will never see the Q01 flag in the event details. The net effect is that none of these processes will be stopped without altering the list. The bogus flag ensures a match will never happen.
Thoughts?
Will