Servers hosted on Azure randomly stop accepting RDP connections, or are observed hanging. Symantec Endpoint Protection (SEP) 14.0.x is installed. This issue can occur even when only the "Basic Protection for Servers" Client Install Feature Set is installed.
Deadlock conflict with filesystem activity by MSSenseS.exe (Windows Defender Advanced Threat Protection Service Executable).
In order to avoid the conflict with SEP, the process must be trusted in the SEP client's assigned Virus and Spyware Protection policy. To make this change from the Symantec Endpoint Protection Manager (SEPM), please do the following:
Under the Policies tab, select Virus and Spyware Protection.
Click the policy you would like to modify and select Edit the Policy.
Under Scanning, click Advanced Scanning and Monitoring.
Ensure the box marked Do not scan files when trusted processes access the files is checked.
Check the box marked Enable custom list.
Click Customize process list...
Enter in: MSSenseS.exe, and click OK.
Click OK three more times to save the changes.
Subscribing will provide email updates when this Article is updated. Login is required.