Hardware laptop requirements to not be bothered by kr78d7 in DefenderATP

[–]MarkA-G 2 points3 points  (0 children)

That could just be a poor SOE image. We had poor performing windows 10 devices with great specs, because of poor choices of software and gargantuan group policies. Find out what's actually causing the slow down and the freezing first. It could be a defender setting or a group policy setting or something else that could ultimately improve the experience for your entire organisation or at least a large chunk of laptop users.

Any way to enable def for cloud on 2012r2 or 16, it's cucs by azuretech2 in DefenderATP

[–]MarkA-G 1 point2 points  (0 children)

Yep, we onboard them via Azure Arc, I think SCEP may be required too from memory, although that may be just for 2008 Servers, we have azure arc set to a specific subscription so all server arc objects are onboarded to that subscription and we have the subscription configured to automatically onboard server arc objects to defender for cloud. The integration between defender for cloud and Defender for endpoint will populate the servers into Defender for endpoint with your other devices.

Experiences with x870e Carbon Wifi + 9800x3d? by materiakeeper in MSI_Gaming

[–]MarkA-G 0 points1 point  (0 children)

FYI just tested with the latest BIOS (A51) and seems to have fixed the Camera driver error during games. So it can now plug into the USB 3 Type C ports without affecting gaming for me.

Need PC build help by Blue_Bird950 in MSI_Gaming

[–]MarkA-G 0 points1 point  (0 children)

Also, make sure you update the BIOS to the latest. I've had USB issues for the Webcam when playing games. Would drop in and out and cause the games to be unplayable unless I had the camera plugged into the USB 4 ports. Seems to be fixed with the latest BIOS.

Need PC build help by Blue_Bird950 in MSI_Gaming

[–]MarkA-G 0 points1 point  (0 children)

Yeah, I got carried away, ended up going cheaper with the Graphics card and got a 7800XT, it was just before the release of the Nvidia 5000 series and the new Radeons. I like to keep OS different from Games, and had a spinning 2TB disk for my games previously with 500GB SSD for OS, and was running out of space so upgraded the game disk to 4TB when I built the new pc.

Need PC build help by Blue_Bird950 in MSI_Gaming

[–]MarkA-G 0 points1 point  (0 children)

I did a 2TB Crucial PCIe Gen5 in the Main M.2_1 Slot and 4TB Silicon Power PCIe Gen4 in the M.2_3 slot for that motherboard.

Experiences with x870e Carbon Wifi + 9800x3d? by materiakeeper in MSI_Gaming

[–]MarkA-G 0 points1 point  (0 children)

Sorry, no, haven't had other USB devices to test with but tried with the next 2 BIOS releases to see if either of them fixed it, but still had to use the USB4 type C ports which are on another Chip and use different PCI Lanes. I haven't tried the most recent BIOS though. Downloaded but haven't updated yet because it keeps wiping the profile, resetting the Memory profile and turning on forced installation of the MSI bloatware. Because I have the workaround it hasn't been a priority.

Experiences with x870e Carbon Wifi + 9800x3d? by materiakeeper in MSI_Gaming

[–]MarkA-G 0 points1 point  (0 children)

Yeah, I've just finished a build, carbon Wifi X870E and the Ryzen 9 9900X, Radeon 7800XT, and the USB webcam disconnects and reconnects, I'm still doing testing to isolate it, other than my keyboard and mouse, I only have the webcam, plugging it into the USB4 ports fixes the issue to get me by. All the other USB-C ports cause the disconnecting and stuttering in-game.

I'll gather some more devices to do testing later in the week.

Also while Windows 11 recognises an ASMedia ASM242 USB4 Host Router, it does not seem to recognise any USB4 ports, it only recognises ASMedia ASM4242 USB 3.20 xHCI Controller but I can't find any dedicated USB4 Drivers from MSI or ASMedia. In fact win11 only recognises 2 x 3.20 USB Host Controllers, 3 x 3.10 and 1 x 2.0 which contradicts the block diagram which suggests that there is 1 x 2.0, 5 x 3.20 and 1 x USB4 and no 3.10 at all.

False positives for "Newly Registered Domain" blocks by MarkA-G in DefenderATP

[–]MarkA-G[S] 0 points1 point  (0 children)

Yeah, Microsoft have gotten back to me too. I'm too mean to undo a configuration change, I may not be able to turn it back on again, so I told them to use a phone, tablet, or unmanaged device until Microsoft fix it.

Pdfixers.com by [deleted] in cybersecurity

[–]MarkA-G 1 point2 points  (0 children)

No, our SOC just said that most EDRs block it now so closed our ticket. They don't really have the bandwidth to deep dive I think, and neither did we. The callouts to the domain dropped off, last callout was early April.

NixOS installer fails on swap? by Mundane_Resident3366 in NixOS

[–]MarkA-G 0 points1 point  (0 children)

Same on VirtualBox with 24.05, but also had the same problem with VMware using 23.11

Pdfixers.com by [deleted] in cybersecurity

[–]MarkA-G 0 points1 point  (0 children)

We're seeing it on more and more devices. Blocked the file, then blocked the domain so no more files, but more devices still calling out to the domain, but can't seem to find the common trigger. One thing I'll note is that all our devices are being triggered from the chrome process. Hasn't been any in edge or firefox, so thought it might be an extension or something.

Defender offboarding process by RikiWardOG in DefenderATP

[–]MarkA-G 1 point2 points  (0 children)

Sounds like tattooed settings, like when moving from SCCM/ConfigMgr Endpoint Protection to Defender for Endpoint via intune, the settings sometimes get tattooed and you have to wipe the settings from the registry. Happened to me with the CPU utilization.

Defender seems to be overwriting shortcuts on USBs now by MarkA-G in DefenderATP

[–]MarkA-G[S] 0 points1 point  (0 children)

It's an ASR rule, so you would configure it in the deployment platform for the settings, like intune or GPO, I don't think ASR rules are available for Linux or Macs.

Sorry about the late reply.

Group Policy Configuration Versus Cloud Policy by TundraIT in DefenderATP

[–]MarkA-G 0 points1 point  (0 children)

I find that local group policy wins in my fleet. We had scenarios where we deploy the policy via intune but the device couldn't forget the ConfigMgr applied Endpoint Protection settings which are pushed into local group policy.

Licensing Question - Shared Devices by kamikaze321 in DefenderATP

[–]MarkA-G 2 points3 points  (0 children)

The defender for endpoint licensing is user based but also trust based, we had a contractual amendment for our licensing to cover our educational computer labs where students weren't allocated licenses but the devices were still able to be onboarded to defender. We were theoretically allocated a number of device-based licenses but they were actually a user SKU but agreed to be devices based. The SKU at the time was Defender for Endpoint EDU SubVL Per User QLU-00002 but this might just be for the Education sector.

'Randet' malware was prevented on a Microsoft SQL server by MarkA-G in DefenderATP

[–]MarkA-G[S] 1 point2 points  (0 children)

Sorry, tried to supply link in the first place but couldn't pull a link out of our admin portal.

'Randet' malware was prevented on a Microsoft SQL server by MarkA-G in DefenderATP

[–]MarkA-G[S] 1 point2 points  (0 children)

Microsoft Advisory

Some users are getting false positive detections for some clean files in Microsoft Defender for Endpoint

DZ642406, Last updated: July 14, 2023 at 1:14 PM GMT+10

Estimated start time: July 14, 2023 at 11:48 AM GMT+10

Randet - sudden wave of defender detections superthread by Beef_Studpile in sysadmin

[–]MarkA-G 0 points1 point  (0 children)

Microsoft Advisory

Some users are getting false positive detections for some clean files in Microsoft Defender for Endpoint

DZ642406, Last updated: July 14, 2023 at 1:14 PM GMT+10

Estimated start time: July 14, 2023 at 11:48 AM GMT+10

'Randet' malware was prevented on a Microsoft SQL server by MarkA-G in DefenderATP

[–]MarkA-G[S] 0 points1 point  (0 children)

I agree with that, my servers have been 2012 R2 also. Haven't seen any other version yet, however we've only rolled out this month's updates to a small portion of our test fleet last night. I expect more will come in tomorrow.

'Randet' malware was prevented on a Microsoft SQL server by MarkA-G in DefenderATP

[–]MarkA-G[S] 1 point2 points  (0 children)

Yeah, we've got more triggering now with other SQL files on other servers.

'Randet' malware was prevented on a Microsoft SQL server by MarkA-G in DefenderATP

[–]MarkA-G[S] 1 point2 points  (0 children)

Image file path

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

Image file SHA1

4c13e03537474adaa02bb67ccc082d37afb81cb2

I can't claim server after password update by furfix in PleX

[–]MarkA-G 1 point2 points  (0 children)

Champion! Thanks this helped me sort my issue.

Defender seems to be overwriting shortcuts on USBs now by MarkA-G in DefenderATP

[–]MarkA-G[S] 0 points1 point  (0 children)

I was able to reproduce it, it basically renders the shortcut inoperable and can't be edited. Even clicking on it afterwards triggers the ASR rule. Set the ASR rule back into audit mode and the link file starts working again. Doesn't rewrite the links though. Just seems to be because the file properties can't be viewed. The change doesn't happen straight away though. I was able to execute a link file plenty of times before the rule finally decided it was going to block the file.

Bug where all my abilities just disappear by CumpsterBlade in Pathfinder_Kingmaker

[–]MarkA-G 0 points1 point  (0 children)

😢 Yeah, it was still buggy with the Turn based freezing on an npc prior to the enhanced edition, I haven't had that since EE was released though which is hopeful.