System Center Endpoint protection
Since the 20th of June we have been seeing Windows 7 machines (not everyday but most) have the Antimalware service stopped and we get the following log entry with different files listed under Resource:
Log Name: System
Source: Microsoft Antimalware
Date: 6/29/2015 11:58:31 AM
Event ID: 5008
Microsoft Antimalware engine has been terminated due to an unexpected error.
Failure Type: Hang
Exception code:
Resource: file:C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-memory-l1-1-0.dll
or
Resource: file:C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-rtlsupport-l1-1-0.dll
or
Resource: file:C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-processenvironment-l1-1-0.dll
or
file:C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-sysinfo-l1-1-0.dl
It looks like the service hangs between 11:30 AM and 12:30 PM
Can't find any kind of Malware on them. Does anyone know what would suddenly cause the antimalware service to hang.