We are getting error for execution denied for C:\Windows\SysWOW64\esif_uf.exe and C:\Windows\System32\drivers\esif_lf.sys
When checked the logs it is saying
\Device\HarddiskVolume3\Windows\System32\drivers\esif_lf.sys' which has been DENIED EXECED. Exec perms = 0, deny_reason = 0x1000 App Control Policy - Denied by User
please assist on this to what needs to done in this scenarios.
The easiest solution would be to whitelist the file and allow it to execute. However I would recommend that you investigate why the binary is not currently solidified, ensure that it isn't malicious in nature and understand its purpose. Has it only just come into existence, and if so why was it NOT created by an authorised change agent (i.e. an Updater or Trusted User) so it was dynamically added to the whitelist. Have you performed an AV scan to ensure it is free of malicious code?
Once your satisfied of the latter then you could whitelist using the command `so -v C:\Windows\System32\drivers\esif_lf.sys`.