Aug 22 2019 01:51 AM
Need to exclude file/folders from MsSenseS.exe scanning. Due to this sometimes MS patches getting failed when the patch size is around 1.4 GB and resulting in "Access Denied" in CBS log. Not sure whether others facing the same kind of issue.
Kindly suggest
Aug 22 2019 02:55 PM - edited Aug 22 2019 02:55 PM
Hello @NotNirmal,
You can refer to the documentation below on how to configure exclusions for the Windows Defender / Microsoft Defender Advanced Threat Protection:
Configure and validate exclusions for Windows Defender Antivirus scans
Configure Windows Defender Antivirus exclusions on Windows Server
Best regards,
Leon
Aug 23 2019 01:20 AM
Have tried excluding the MsSenses.exe from scanning.. but that didn't worked and i believe that will not work. This is specific with Microsoft Security Center where we did implemented WDATP in MMA Agent of configuring Azure Workspace ID and Proxy. After which the mentioned MsSenseS.exe is getting popped up in process and from proc mon i could see this is frequently been logged (Attached the snippnet). After removing the Azure workspace key, i could able to install the patch successfully with no access denied in CBS logs.
Aug 23 2019 01:48 AM
Might want to reach out to the experts in the Microsoft Defender Advanced Threat Protection community.
Aug 23 2019 05:05 AM
Jun 14 2021 05:16 PM
@Leon Laude It looks like @NotNirmal posted a question where you suggested, https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/mssenses-exe-is-scanning-file... , and no expert replied.
I also found this question Proper way to exclude applications from ATP protection