Showing results for 
Search instead for 
Did you mean: 

Solidcore error

We are getting error for execution denied for C:\Windows\SysWOW64\esif_uf.exe and C:\Windows\System32\drivers\esif_lf.sys

When checked the logs it is saying
\Device\HarddiskVolume3\Windows\System32\drivers\esif_lf.sys' which has been DENIED EXECED. Exec perms = 0, deny_reason = 0x1000 App Control Policy - Denied by User

please assist on this to what needs to done in this scenarios.



1 Reply

Re: Solidcore error


The easiest solution would be to whitelist the file and allow it to execute. However I would recommend that you investigate why the binary is not currently solidified, ensure that it isn't malicious in nature and understand its purpose. Has it only just come into existence, and if so why was it NOT created by an authorised change agent (i.e. an Updater or Trusted User) so it was dynamically added to the whitelist. Have you performed an AV scan to ensure it is free of malicious code?

Once your satisfied of the latter then you could whitelist using the command `so -v C:\Windows\System32\drivers\esif_lf.sys`.



More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator