cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Faulting application name: SenseNdr.exe

David Weston
Copper Contributor

‎Aug 23 2023 08:16 AM

‎Aug 23 2023 08:16 AM

Faulting application name: SenseNdr.exe

We have several systems (Server 2019, Windows 10, Windows 11) that are getting Event ID 1000 in Application log twice per day:

 

Faulting application name: SenseNdr.exe, version: 2.3.1.0, time stamp: 0x7484efee Faulting module name: SenseNdr.exe, version: 2.3.1.0, time stamp: 0x7484efee Exception code: 0xc0000409 Fault offset: 0x000000000071f9c1 Faulting process id: 0xd9c Faulting application start time: 0x01d9d532b71623c9 Faulting application path: C:\Program Files\Windows Defender Advanced Threat Protection\SenseNdr.exe

 

These started with the July monthly updates. Apparently we are not the only ones. See Windows Defender SenseNdr.exe Application Crashing Events - Microsoft Q&A.

 

Anyone have a clue?

2,061 Views
1 Like
4 Replies
Reply
4 Replies
eliekarkafy

‎Aug 23 2023 10:46 AM

‎Aug 23 2023 10:46 AM

Re: Faulting application name: SenseNdr.exe

did you apply august monthly updates to check if your issue will persists
0 Likes
Reply
David Weston

‎Aug 23 2023 11:12 AM

‎Aug 23 2023 11:12 AM

Re: Faulting application name: SenseNdr.exe

Yes, I did. I waited for those to come out before raising the issue.
0 Likes
Reply
eliekarkafy

‎Aug 23 2023 11:19 AM

‎Aug 23 2023 11:19 AM

Re: Faulting application name: SenseNdr.exe

try to offboard and re-onboard one of your machines and check the logs. if your issue persists, I suggest opening a case with MS so they can check as it might be a bug with the latest release.
0 Likes
Reply
David Weston

‎Sep 03 2023 10:00 AM

‎Sep 03 2023 10:00 AM

Re: Faulting application name: SenseNdr.exe

Tried this. Offboarding does not remove the C:\Program Files\Windows Defender Advanced Threat Protection folder or make any change to the files within. Events stopped while offboarded but started again when onboarded again.
0 Likes
Reply