Allow non Microsoft signed binaries for svchost.exe This can break third-party antivirus programs that tries to load non-MFT signed DLLS, such as McAfee (MfeAmsiProvider.dll). Enable the audit policy to keep an eye on what's being loaded by svchost.exe