cancel
Showing results for 
Search instead for 
Did you mean: 

Solidcore error

We are getting error for execution denied for C:\Windows\SysWOW64\esif_uf.exe and C:\Windows\System32\drivers\esif_lf.sys

When checked the logs it is saying
\Device\HarddiskVolume3\Windows\System32\drivers\esif_lf.sys' which has been DENIED EXECED. Exec perms = 0, deny_reason = 0x1000 App Control Policy - Denied by User

please assist on this to what needs to done in this scenarios.

Regards,

Abhijit

1 Reply
Highlighted

Re: Solidcore error

Abhijit,

The easiest solution would be to whitelist the file and allow it to execute. However I would recommend that you investigate why the binary is not currently solidified, ensure that it isn't malicious in nature and understand its purpose. Has it only just come into existence, and if so why was it NOT created by an authorised change agent (i.e. an Updater or Trusted User) so it was dynamically added to the whitelist. Have you performed an AV scan to ensure it is free of malicious code?

Once your satisfied of the latter then you could whitelist using the command `so -v C:\Windows\System32\drivers\esif_lf.sys`.

HTH,

Mick

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community