Endpoint Protection servvice terminating on muliple machines (Network Steve Forum)

Endpoint Protection servvice terminating on muliple machines

System Center Endpoint protection

Since the 20th of June we have been seeing Windows 7 machines (not everyday but most) have the Antimalware service stopped and we get the following log entry with different files listed under Resource:

Log Name:      System
Source:        Microsoft Antimalware
Date:          6/29/2015 11:58:31 AM
Event ID:      5008

Microsoft Antimalware engine has been terminated due to an unexpected error.
  Failure Type: Hang
  Exception code:
  Resource: file:C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-memory-l1-1-0.dll

or

Resource: file:C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-rtlsupport-l1-1-0.dll

Resource: file:C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-processenvironment-l1-1-0.dll

file:C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-sysinfo-l1-1-0.dl

It looks like the service hangs between 11:30 AM and 12:30 PM

Can't find any kind of Malware on them. Does anyone know what would suddenly cause the antimalware service to hang.

June 29th, 2015 12:50pm

You really should open a case with Microsoft customer support service ASAP.

Free Windows Admin Tool Kit Click here and download it now

June 29th, 2015 1:30pm

This topic is archived. No further replies will be accepted.