Same issue after upgrade to Windows 10. Found this:
Issue: When you upgrade an endpoint with ENS 10.5 installed from Windows 7 x64 to Windows 10 x64, Exploit Prevention fails to initialize and remains disabled.
Cause: The issue is caused by a race condition between mfetp and the VSCore driver, ESP, or MA Service during the installation flow. This race condition leaves the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mfeepmpk\Enum set to 1 by mistake, indicating a failure during initialization. The end result is that Exploit Prevention remains disabled and cannot be initialized.
Workaround: Perform the following steps to avoid the issue:
- Before starting the Windows 10 upgrade process, disable ENS Self Protection.
- Press Windows+R, type regedit, and click OK.
- Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mfeepmpk\Enum.
- Set INITSTARTFAILED to 0.
- Enable ENS Self Protection.
- Start the Windows 10 upgrade process.
but have yet to find a fix for when you did not know to do the above and you want to clear the red exclamation mark after the fact.
Any suggestions? Thanks!