cancel
Showing results for 
Search instead for 
Did you mean: 
Reliable Contributor brentil
Reliable Contributor
Report Inappropriate Content
Message 1 of 8

ENS + Windows 1903 + AMD = Blocked video drivers

Jump to solution

In our test environment of systems we've discovered that on systems that have been freshly installed or upgraded to Windows 10 1903 that either had ENS 10.6.1+May (version supporting upgrades if already installed) during upgrade or ENS 10.6.1+July installed on a fresh Windows 10 1903 system would prevent AMD video drivers from loading.  This would result in a default Windows driver being used with a notification on the device in the Device Manager that the device wasn't working because the driver could not load.  We also noticed the AMD Radeon Settings application would no longer load too.

  • Windows 10 1903 64bit (upgrade from 1809 or fresh install of 1903)
  • Dell OptiPlex 3040
  • AMD Radeon R5 340X
  • Intel HD Graphics 530
  • ENS 10.6.1+May and 10.6.1+July
    • Platform
    • Threat Prevention
    • Firewall
    • ATP
  • AMD Drivers
    • Windows in-box & WSUS (18.x)
    • Dell's latest provided (17.7)
    • AMD's latest (19.7.1)

Scenario 1: Upgrade from 1809 to 1903

Systems already had 1809, AMD drivers working as expected, ENS 10.6.1+May installed.  Performing an upgrade to Windows 10 1903 after upgrade completes and reboots a dual monitor system will revert to 1 monitor and the device manager shows the video card is in a bad state because it can't load the driver.

Scenario 2: Fresh 1903 install

System is freshly installed with Windows 10 1903 and the video card loads the in-box Windows AMD driver (18.x release) and works as expected.  Installing ENS 10.6.1+July goes as expected but once the system is rebooted the 2nd monitor is lost and the device manager shows the video card is in a bad state because it can't load the driver.

Attempted Workarounds

We did several driver cleanups using both the Device Manager and the AMD driver installation tool to completely remove all traces of previous drivers.  We installed the Dell official driver (AMD version 17.7), the in-box AMD driver, the Windows WSUS AMD driver, and the latest AMD official 19.7.1 driver.  All of these install as expected but they never load.  The devices gets the correct name in the Device Manager but never loads the drivers on reboot.

We made a variety of BIOS changes like disabling the built in Intel GPU, altered device load orders, etc.  None of those worked.

We disabled all of the ENS functionality via ePO shutting down Threat Prevention, ATP, & Firewall but the system continued to have the same issues.  We tried several reboot tests and driver cleanup and install tests and none worked.

Solution

The only solution we finally found was to remove ENS completely from a system.  Once ENS was removed and the system rebooted the drivers would load.  We didn't have to reinstall them if they were previously installed, whatever was last there would load and begin working.

1 Solution

Accepted Solutions
McAfee Employee TSEDmenten
McAfee Employee
Report Inappropriate Content
Message 8 of 8

Re: ENS + Windows 1903 + AMD = Blocked video drivers

Jump to solution

Hi All,

I've been working with the same issue, and the AMD Drivers released the last September 12th in the official site solved the issue.

Driver Package Version: 19.9.2

Was my reply helpful?
If you find this post useful, Please give it a Kudos! l Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Darío
Tech Support Engineer

7 Replies
Reliable Contributor SWISS
Reliable Contributor
Report Inappropriate Content
Message 2 of 8

Re: ENS + Windows 1903 + AMD = Blocked video drivers

Jump to solution

@brentil 

 

Thank for the post this information is highly interesting for people who do MCAFEE and DEPLOYMENT 😉

Just finished a Dell MDT 2013 Deployment W10 Project with 1809 and did other larger W10 migrations with Enteo/Frontrange. Had to integrate over 10 dell laptops Modells for this customers.

 

What we had was a mix of DELL PNP, WSUS-Drivers, Windows Update (DUAL SCAN) and our Silent SETUP installation of AMD and Nvidia. The clients had full WAN Access for setup and this was new (We normaly have McAfee Webgateway).

In the middle of the Project we moved ENS 10.6.1 install itself AFTER our Silent setup.exe of GFX drivers. I don't think the ENS 10.6.1 touched or disturbed the GFX Driver Deployment but when you look at the 400-600MB Driver files from Nvidia or AMD it could...

In this cutomer case it was just a mix AND large timing Problem where the Client got the PNP and the full driver. We also had large Problem gettings the RIGHT CLick contex menus for NVIDIA and AMD right with a lot of expiernce with HP Modell.

 

Main soltuion was to BLOCK Driver OPTION in WSUS-Option (No driver from WSUS) and really complicated scripts with DEVCON.exe tool to check (Wehn we come with our silent installer) if there is already something there from PNP or Windows UIpdate (DUAL SCAN).

 

Make SURE you don't block OSCP Certificate Revocation on the FIREWALL. McAfee MAY Trigger the CERTIFICATE Request on drivers. If there is no McAfee and the cache is valid this may happen after the Deployment and you will never notice.

 

Hopes this help a Little bit.

Greetings from Switzerland

Cert revocation and W10 Problems: LINK

 

 

 

 

 

 

Reliable Contributor brentil
Reliable Contributor
Report Inappropriate Content
Message 3 of 8

Re: ENS + Windows 1903 + AMD = Blocked video drivers

Jump to solution

We allow TCP outbound on all ports which would allow for OCSP validation via the McAfee firewall.  

These exact same drivers work on Windows 1803 & 1809 with all versions of ENS currently available.  For us that's a pool of DELL PNP, WSUS-Drivers, Windows Update (DUAL SCAN) and manually installing the latest AMD drivers.  Those same drivers also work on Windows 1903 if ENS is not installed.  As soon as ENS is introduced to a Windows 10 1903 system with any of these drivers already installed they're prevented from loading during system boot.

Reliable Contributor SWISS
Reliable Contributor
Report Inappropriate Content
Message 4 of 8

Re: ENS + Windows 1903 + AMD = Blocked video drivers

Jump to solution

Hello,

 

On Fortigate in the Application or IPS Filters there was a RULE and (Target IP range collection).

With the protocoll it's clear if you have all open. But with application filters Fortigate once was Missing certain entry in that large list.

The Firewall people regulary used that.

There where thousand of officials CERT REVOCATION URLs' in there but some MAJOR Driver URL like Infineon, Intel or Nvidia where Missing there. A PNP river Integration from w WIM setup in Enteo once failed largely and random because of that. 

A Client which is isolated in a seperate VLAN (Like a Lab machine) or as example an Exchange DAG behind Hardware Load Balancer STILL Need to reach those IP-ranges. Even if the complete WAN is blocked for that endpoint.

Otherwise you will see the DELAY (Random) when you start an executable. Often this is triggered by McAfee which touched the EXE or DLL and the the Cert revocation process starts and people think it's McAfee.

This can ALSO happen as early during BOOT phases or even in WIM Setup Mode.

Which part of ENS Exploit IPS rule do you think triggers that? I am not sure if the EXPLOIT IPS rules even pull during boot phase. Theres is that one tool from Microsoft which you can use to track down delay EVEN over reboots (For driver developers mainly). Maybe you see more with that?

 

Reliable Contributor SWISS
Reliable Contributor
Report Inappropriate Content
Message 5 of 8

Re: ENS + Windows 1903 + AMD = Blocked video drivers

Jump to solution

Ah see in the original Post you already mentioned ENS 10.6.1 JULY that would have been my last recommandatrion to test. What about the JULY 07/2019 service Stack Updates?

 

The WIm you have is it like in Fronrange where you have a VALIDATED WIM and don't slipstreame Updates or is it like with MDT 2013 where you can Slipstream Updates into the WIM (Just some two approaches).

Did you try Drivers from the a) PRODUCER DELL and the ones from like b) INTEL and NVIDIA?

I think with DELL most of them are the same not like JP right?

 

 

Reliable Contributor brentil
Reliable Contributor
Report Inappropriate Content
Message 6 of 8

Re: ENS + Windows 1903 + AMD = Blocked video drivers

Jump to solution

We've tried all of the latest Windows 10 1903 updates as well.  This still happens either way.

This also happens with fresh installs from Windows 10 1903 ISO, WIM images, systems that were 1809 and upgraded to 1903 via SCCM or WSUS.  I've built and destroyed dozens of systems trying to find some sort of work around and the only one I've found so far is uninstalling ENS.

Reliable Contributor brentil
Reliable Contributor
Report Inappropriate Content
Message 7 of 8

Re: ENS + Windows 1903 + AMD = Blocked video drivers

Jump to solution

I've built several more test systems and it appears the issue is coming from the DoD DISA STIGs configuration.  A system not in our domain or in an OU of the domain that does not apply the GPOs for STIG security configuration works as expected.  Once I move it into an OU with the STIG configuration the issue begins.  Systems running Windows 10 1709/1803/1809 do not have issues with this configuration only the 1903 build does.  I'm going to try to find what specific setting is causing this issue but this could be pretty nasty since the DoD has standardized on their HBSS suite with McAfee products for all of their systems and require their STIGs be used.

McAfee Employee TSEDmenten
McAfee Employee
Report Inappropriate Content
Message 8 of 8

Re: ENS + Windows 1903 + AMD = Blocked video drivers

Jump to solution

Hi All,

I've been working with the same issue, and the AMD Drivers released the last September 12th in the official site solved the issue.

Driver Package Version: 19.9.2

Was my reply helpful?
If you find this post useful, Please give it a Kudos! l Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Darío
Tech Support Engineer

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community