Cantatech
asked on
sysfer.dll not found and LiveUpdate Stops
We have a Windows Server 2003 server which is running SEPM. In the past few weeks, Liveupdate stops working and clients show that the antivirus definitions are out of date.
To maintain the server we access it via remote desktop, which fails with the message "The application failed to start c:\windows\system32\sysfer
If we restart the server, Liveupdate runs successfully, and similarly remote desktop also works without the above error.
The server then runs successfully for a random time (1-3 days) and then the above symptoms repeat. (ie liveupdate stops, no RDP).
We have ran a full Symantec scan, and Malwarebytes scan over the server, and no errors/malware is detected.
Searching the internet reveals a number of "product" for fixing missing sysfer.dll errors - we are reluctant to randomly choose one of these.
What would you suggest?
To maintain the server we access it via remote desktop, which fails with the message "The application failed to start c:\windows\system32\sysfer
If we restart the server, Liveupdate runs successfully, and similarly remote desktop also works without the above error.
The server then runs successfully for a random time (1-3 days) and then the above symptoms repeat. (ie liveupdate stops, no RDP).
We have ran a full Symantec scan, and Malwarebytes scan over the server, and no errors/malware is detected.
Searching the internet reveals a number of "product" for fixing missing sysfer.dll errors - we are reluctant to randomly choose one of these.
What would you suggest?
The only other solution would be to uninstall the NTP (Network Threat Protection) part of SEP.
This is down to you and only IF you believe it's not required.
But to do this;
1.Click Start> Settings> Control Panel.
2.Double-click Add or Remove Programs.
3.In the list of installed programs, click Symantec Endpoint Protection.
4.Click Change.
5.Click Next.
6.Click Modify.
7.Click Next.
8.Click on the Network Threat Protection icon
9.Click This feature will not be available.
10.Click Next.
11.Click Install to apply the changes.
12.Click Finish once the installation is complete.
13.Restart the computer.
Job Done!
This is down to you and only IF you believe it's not required.
But to do this;
1.Click Start> Settings> Control Panel.
2.Double-click Add or Remove Programs.
3.In the list of installed programs, click Symantec Endpoint Protection.
4.Click Change.
5.Click Next.
6.Click Modify.
7.Click Next.
8.Click on the Network Threat Protection icon
9.Click This feature will not be available.
10.Click Next.
11.Click Install to apply the changes.
12.Click Finish once the installation is complete.
13.Restart the computer.
Job Done!
ASKER
Thanks for your response - I have checked folder c:\program files\symantec\symantec endpoint protection\12.1.671.4971.1
For the moment the server is running correctly, and the next time it fails, I'll remove NTP.
For the moment the server is running correctly, and the next time it fails, I'll remove NTP.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the suggestions but the ongoing issue can be more efficiently resolved in a somewhat more heavy handed fashion
This is associated with failed logon attempts on the computers that were blocking logons
Do you have by any chance a sysfer.dll.bak file in the main SEP install folder??