cancel
Showing results for 
Search instead for 
Did you mean: 

Processors

seajayshome
Adept II

BSOD on boot when AMD fTPM is enabled in BIOS

If I disable TPM in the BIOS, my PC boots perfectly normally, using GPT and UEFI. If I enable AMD fTPM however it immediately goes to BSOD shown below when booting Windows 10 Pro (Version 10.0.18363 Build 18363)

I tried wiping the TPM settings in BIOS, but this has made no difference.

I've updated AMD chipset drivers to latest here for my motherboard (Gigabyte Aorus Pro B450 1.0) 
https://www.amd.com/en/support/chipsets/amd-socket-am4/b450 

AMD Ryzen 5 2600 Processor.

Recovery
There was a problem with a device connected to your PC
An unexpected I/O error has occurred.
File: \windows\system32\winload.efi
Error code: 0xc00000e9

errorbluescreen.jpg

1 Solution

Only perm fix is to stop using any Gigabyte program that interact with Motherboard Bios, Like Gigabyte RGB Fusion, or App Center, CIV and EasyTune
And try to convince Gigabyte to fix the problem

View solution in original post

43 Replies

This Tech site gives some good troubleshooting tips to fix Winload.efi BSOD errors: FIX: Steps to Fix Winload.EFI Error - Appuals.com 

Just don't download their "Recommended" software which is a scam. But the tips are valid.

From above link:,

Method 1: Disable Secure Boot

If you have a UEFI based computer instead of the old traditional BIOS, then the issue can be caused by a certain setting in UEFI called Secure Boot. It can stop your system from accessing the winload.efi file causing this error to appear. Windows 8 and later versions have this feature enabled by default.

Method 2: Repair Boot Record

To repair boot record, we will repair the files required by Windows to boot, which includes the file winload.efi.

Windows 8/8.1/10

To start W8/8.01 and 10 in Repair Mode, see steps here.

In the advanced option click Command Prompt.

Once the command prompt’s black window appears, type the following commands and press Enter after each line.

bootrec /fixbootbootrec /scanosbootrec /fixmbrbootrec /rebuildbcd

After the commands have executed successfully, restart your system and check if the issue’s still there.

Method 3: Using the BCDBoot Utility

Use the above given method to reach the Command prompt from start-up repair, once in command prompt, proceed with the steps below.

  1. type diskpart and press Enter.
  2. Type list volume and press Enter.
  3. Under the label row, find the label System Reserved and note its corresponding Volume number.
  4. Now type select Volume=N and press Enter, where N is the Volume number you noted earlier.
  5. Now type assign letter=w and press Enter.
  6. Type exit and press Enter.
  7. Type bcdboot c:\Windows /s w: /f uefi and press Enter.

Now restart your system and check. If the issue is still not resolved, proceed to Method 4.

Method 4: Disabling Anti Malware Protection

  1. Power on your system, then forcefully shut it down when you see the Windows logo. Repeat the process a few times until you get the Recovery screen.
  2. Click See advanced repair options.
  3. Then click on Troubleshoot > Advanced Options.
  4. Click Startup settings in Advanced Options.
  5. In the startup settings screen, click on Restart.
  6. Startup Settings menu will appear after restart.
  7. Now press 8 on your keyboard. Your windows will launch with anti-malware disabled only for this session.

From Microsoft concerning your BSOD Error 0XE9:

Bug Check 0xE9: ACTIVE_EX_WORKER_THREAD_TERMINATION

The ACTIVE_EX_WORKER_THREAD_TERMINATION bug check has a value of 0x000000E9. This indicates that an active executive worker thread is being terminated.

0 Likes

Thanks for that - yes I'd tried all those already when I was panicking thinking I'd broken my PC. 

Unfortunately none of them fixed the issue - I was on the verge of thinking I'd need to reinstall Windows, when I decided I would reset BIOS to defaults - when I did that I could boot up normally.

By a process of elimination in switching on things in the BIOS, I then tracked it down to be enabling AMD fTPM - that then causes it to BSOD immediately on boot.  Switch it off and it works perfectly.

Unfortunately none of the above things helped with that.

I suggest you open a AMD Service Request (Official AMD SUPPORT) and asked them why that specifiy UEFI Settings is causing your computer to BSOD from here: https://www.amd.com/en/support/contact-email-form 

Also Gigabyte Support which created the UEFI/BIOS for your motherboard. Possibly a defective Motherboard or corrupted UEFI installed.

Found this thread at a tech site concerning fTPM: cpu - AMD fTPM - What does this firmware option do? - Super User

"fTPM" is a type of TPM that's implemented in system firmware instead of using a dedicated chip.

The TPM is a tamper-resistant "secure element" used to hold cryptographic keys (including smartcard certificates and BitLocker credentials). BitLocker mainly uses it for the system disk, since the TPM can provide passwordless unlocking while still resisting external attacks (i.e. it seals the encryption key with the current system state). Without a TPM, you would have to unlock the system disk using a password, a recovery key, or a USB stick on every reboot.

This doesn't apply so much to data disks, since Windows is already fully running once they're accessed, it can provide automatic unlocking without a TPM by simply storing the data disk's password in your Windows account. (And obviously it doesn't affect unlocking with a password.)


The most likely reasons you need to disable the (f)TPM before upgrading firmware are:

  1. System firmware is part of the aforementioned "current system state". If you upgrade it, anything that was previously sealed against it would be unusable; e.g. if you used BitLocker with a TPM, you would need to use the recovery key. Some manufacturers insist that the TPM be manually disabled to serve as a reminder to the user that they'll need other means of unlocking the system disk.

  2. It's relatively common practice to force all secrets to be erased before a firmware upgrade can happen, also called "insider attack resistance". Because the fTPM is part of system firmware, upgrading it can become a security risk – if the new firmware is buggy or backdoored, it may bypass the protections that were supposed to be provided; e.g. it might conveniently "forget" to check system state before releasing the keys. I don't know if "disabling" fTPM erases its contents, but if it does, it would be a very likely explanation.

By the way, Really good troubleshooting in finding the one UEFI Settings being the cause of your BSODs!!

galan
Adept I

Bro, I got the same order problem right now. I haven’t found any solution to enable ftpm and boot windows. If you have found any, answer me please. Thanks. 

No so far no solution.   Don't want to have to completely reinstall windows.  Waiting at the moment for the Win10 2004 update to land (at the moment it's not available for my PC), just in case once that installs it makes any difference.

Just for reference I also raised a support call with AMD - they responded with this:

This seems like bug with AGESA patch, I will make a note of this and bring to eng team attention for further investigation.

Please wait for future BIOS updates and check the status.

galan
Adept I

I solved it, reinstall or update your bios. Get an usb drive and install the latest bios version for your motherboard. If you already have installed, simply reinstall it. It worked for me. Hope for you too.

Oh Wow!  This worked - thanks!  I already had the latest motherboard BIOS version installed, and I had previously tried using the "Reset BIOS to defaults" to clear it, but that didn't work.

However - as you said, reinstalling the BIOS firmware (even though it was exactly the same version!) has fixed it - now able to enable fTPM in BIOS, and booting straight into windows with no BSOD and can confirm fTPM is working in windows as well!  Thanks!

0 Likes

AArrghh!!!  Well I thought it worked (indeed it did work) - but only for one boot.  After restarting my PC, somehow it had disabled fTPM again, and when I restarted it, back to the BSOD above...   Had to disable it again to get it to boot up.  Obviously something with the BIOS is not right... will have to wait for a revised BIOS version I think.

I have the same problem, raised a ticket with AMD, and have had several replies, all the usual "fixes", none of which work.

I have a clean installation Of Windows 10 on a brand new NVMe 1TB drive,  I have an AB350-Gaming3 motherboard with a Ryzen 5 CPU, BIOS version  F51b. If I enable fTPM and reboot it crashes, File \  windows\system32\winload.efi Error code 0xc00000e9. Tried all the recommended procedures, but it still will not activate the fTPM. It shows AMD PSP 3.0 in the Device Manager.

All the drivers are updated. The machine runs very well, I can play Microsoft Flight Simulator on a 49" monitor with the graphics set on Ultra with no issues. 

So the way thing are, I won't be able to upgrade to Windows 11 when it comes out!

This is their latest reply: 

Response and Service Request History:

Thank you for the response.

Since you have updated the latest chipset driver and after enabling the FTPM in bios still you are experiencing BSOD error.

I would like to inform you that System stability issues such as BSODs and WHEA hardware error events can be caused by the following:

· Outdated or incorrect BIOS configuration

· Incorrect memory configuration

· Unstable CPU / RAM overclocking

· Outdated Windows and motherboard chipset drivers

· 3rd party software conflicts

· Faulty CPU / RAM / motherboard / PSU / power connections

Provided here are some troubleshooting suggestions to help isolate the root cause(s) and resolve the problem. Make sure to check the system for stability after completing each step below:

1. Update the system BIOS to latest version available from motherboard manufacturer (refer to motherboard user manual for instructions on updating the BIOS).

2. Set the BIOS to use factory default settings / optimized default settings (refer to motherboard user manual for instructions on restoring BIOS default settings).

3. In the BIOS, locate the Power Supply Idle Control option and set it to Typical (this option should be available in the Advanced section of the BIOS).

4. Update Windows to the latest version and build via Windows Update. For instructions, refer to article.

5. Update to latest chipset driver from AMD. For instructions, refer to article.

6. In Windows Control Panel, select Power Options and choose the Balanced (recommended) power plan. In Windows Settings, select Power & sleep and set the Performance and Energy slider to the middle.

7. Disable non-Microsoft services and startup items using the System Configuration Tool. For instructions, refer to article.

8. Reseat CPU, RAM, and all PSU power connections (end-to-end for modular PSUs). For more instructions, refer the product’s user manual.

a. Verify RAM sticks are installed in the correct DIMM slots (for socket AM4 motherboards with 4 DIMM slots, use A2 & B2).

Please let us know the result after performing the suggested troubleshooting steps.

Thank you for contacting AMD.

In order to update this service request, please respond without deleting or modifying the service request reference number in the email subject or in the email correspondence below.

NOT VERY HELPFUL! 

 

0 Likes
galan
Adept I

Thought it worked as well, my bad i only booted once. I will be searching another solution while waiting a new bios version. Thanks.

0 Likes

Reflashed again, and again it seems to have worked.  Did a shutdown/power off and also a restart.  Seems to be working again at the moment - showing in windows as there.

One thing I did try to do last time was switch on memory integrity under core isolation - it failed saying my device was not compatible, and I wonder if during its attempt at switching on it is breaking something in TPM...?

Haven't tried switching that on this time and at the moment TPM is still working... will give it a day or so and see if it stays enabled.

2020-07-08 20_00_30-Window.png

0 Likes

FIne, I will wait as well.

0 Likes

Unfortunately it did not stay working.
A change to my Windows Hello PIN killed it again - seems to be when TPM is written to it dies?

0 Likes
gingerdude
Journeyman III

I'm also having the same problem.  Bitlocker enabled using AMD fTPM on the 2700x and B450 Aorus Pro Wifi board.

It works fine for awhile...

Then one day I will boot it and it will ask for my recovery key.  Upon entering it will come to this same BSOD.  The only way to actually boot is to turn off the fTPM in BIOS.  Then I have to type in my recovery key each time I boot, but at least I can use the computer. 

Turning fTPM back on results in the same BSOD.  Only resolution is to completely erase CMOS by shorting the pins on my board and setting up from scratch, even a restore of BIOS settings breaks it again.  Then it works fine again for awhile only to have this issue at some point later. 

Tempted to just enable Bitlocker password unlock in the registry so at least I can login with something I can remember rather than chasing down my recovery key every time.

I'm on the latest BIOS version for my board which was released pretty recently.  Seems to be some kind of underlying issue.

Yeah - I went up to most recent BIOS for mine and tried again.  As you say everything works fine for a while, however I noticed it was killed when I tried to change my "Windows Hello" PIN.  This would have attempted a write to the protected TPM storage I think, so perhaps it whenever anything attempts to write to it...?  (So unusable therefore!)

0 Likes
erich_et
Adept I

This is caused by a corrupted BIOS, you can flash the bios again which will fix the problem.
This is also happening to me, apparently it has to do with RGB Fusion being used in conjunction with fTPM on a Gigabyte motherboard with Chipset 400.
However, if you do not stop using either fTPM, or RGB Fusion, this problem will recur.
I tried to contact support, however they showed no interest in trying to correct the error.
Some recommendations to avoid errors when flashing the BIOS.
Disable fTPM before the flash.
And the first boot after the flash will finish the bios update process, so wait for the reboot to enter the BIOS.

craxton
Adept II

i had the same problem. if i recall, i uninstalled the driver in side device manager for tpm. currently trying to find out if ryzen 5 5600x even has tpm period as its turned on in bios but not actually doing anything... you can try turning off secure boot and then leave tpm on. if that works then you need to manually enter the keys yourself. takes a while to find the right ones but when you do itll boot with tpm and secure boot. 

0 Likes

Try to Flash the bios with fTPM turned off

0 Likes
hariraong
Journeyman III

This kind of BSOD sometimes occurs when windows is unable to detect the bit locker keys during boot. I think before enabling fTPM, you need to fully decrypt all drives, reboot and then enable fTPM and encrypt drives. 

0 Likes

Thanks, but none of my drives are encrypted - bitlocker isn't active - so that's not the problem.  I haven't tried erich_et's suggestion regarding RGB Fusion yet though - although I would hate to have to switch off my pretty lights!

0 Likes

What fixed it for me was reflashing the bios. Give that a shot!

0 Likes

Thanks BIOS has been reflashed so many times. I reflash the latest version every time they release one in the hope it will be fixed. Not so far...

No, i mean try to flash a different bios, then reflash the other while TPM is on for the first one, then turn it off for the flash on the bios your "actually" aiming to use. 

 

do turn off Secure boot as well. 

and make 100% sure your boot order is the same when you get TPM turned on. 

god dang fellas, i wished i could remember 100% what it was i did to fix my issue. 

had no idea there was "actually" others with this problem going around. 

but its 100% a bio issue causing it, then once its trying to "get" into windows 

something inside windows prevents it from booting. 

 

ok, try this, 

1- restore default TPM and secure boot settings, (turn secure boot BACK ON) as im sure if one is 

running TPM they're probably using secure boot as well?
turn OFF TPM after,

2-do not exist without saving. save then exit or exit while saving either or make sure to save the changes

3-boot to windows, go to "device manager" and show/unhide hidden devices, 

find the one that says security devices, and trusted platform module 2.0 (uninstall it!)

4- reboot, and FLASH the bios, and BEFORE YOU ALLOW POSTING turn TPM back ON

 

!i am NOT responsible if you try what im suggesting! this is what i did after remembering me posting here

that day stating TPM made me BSOD or no post or get the "loading ring constantly"

but this should remove TPM in theory from your windows install, and turning it back on in bios,

will have windows re-initialize it once your booted.

just do NOT remove it while your TPM is actually working as thats probably not going to go well for you!

Screenshot (58).png

0 Likes
rakion99
Adept I

july 2021 and still this haven't been fixed and time is running out as windows 11 need it, there many users now enabling AMD fTPM and getting this issue after days or a few restarts/shutdowns so please AMD fix this before windows 11 is out

i have Aorus b450 Pro Wifi and this happen too after a day!, there no perm fix only reflashing bios and issue come again after a little time

Only perm fix is to stop using any Gigabyte program that interact with Motherboard Bios, Like Gigabyte RGB Fusion, or App Center, CIV and EasyTune
And try to convince Gigabyte to fix the problem

is not only with gigabyte LOL, is happening in lots of others brands if you google it you will find even more,

Yeah - I'd contacted AMD support again to ask if there was any update on this, after I'd logged it the first time. Got a rather snippy reply to say they couldn't give timescales as to when it would be fixed and basically not to keep logging calls about it... of course other people can still log calls!

"Only perm fix is to stop using any Gigabyte program that interact with Motherboard Bios, Like Gigabyte RGB Fusion, or App Center, CIV and EasyTune
And try to convince Gigabyte to fix the problem"

 

This has worked for me so far, before when I flashed the BIOS I would get 1 boot where windows could load and TPM was enabled, then blue screens after every reboot. After uninstalling Gigabyte software then flashing BIOS I'm able to restart no problem with TPM enabled.

0 Likes


@erich_et wrote:

Only perm fix is to stop using any Gigabyte program that interact with Motherboard Bios, Like Gigabyte RGB Fusion, or App Center, CIV and EasyTune
And try to convince Gigabyte to fix the problem


So I removed all the Gigabyte software, and uninstalled the app launcher - then reflashed the BIOS again. 

TPM enabled and so far we are on day three and all seems to still be working.

I think you may have something with the Gigabyte software...!  here's hoping it carries on working!

So now ten days after removing all the Gigabyte software and then re-flashing and re-enabling fTPM in AMD BIOS.  Everything still working perfectly with TPM enabled. 

Definitely seems to be some type of clash therefore with one or more of the gigabyte apps, or their underlying libraries.  You can uninstall by going to add/remove programs and searching for the gigabyte app centre - uninstalling it should also ask you if you want to uninstall all the other apps as well.

 

seajayshome_0-1629381865299.png

seajayshome_1-1629381875825.png

 

 

0 Likes

1700x with AX370-Gaming K7

Can confirm the BSOD is fTPM related.

It did this was triggered twice... once during install and then again when it hibernated.

Upon flashing the bios i was able to re-enable fTPM. I was very afraid this was linked to the Zen1 not being officially supported.

Thank you so much for this thread!!!!

0 Likes

Anyone still having this issue?

Using an aorus b450 elite with a fresh win 10 install, and can't for the life of me figure out how to fix it.

No software installed at all yet

Seems to be a lot of issues related to fTPM in different ways but using AMD cleanup utility and reinstalling chipset/video drivers have seemed to fix my fTPM issues (so far) only got it fixed today but seems to be an issue with the PSP driver from what I can see since there was a huge security update to it recently. That's the driver that talks to the little arm co processor on the chip which also handles TPM. 

If you've definitely not got anything else installed yet, I'd make sure you have the latest BIOS from your motherboard manufacturer, and also the latest chipset drivers from AMD at https://www.amd.com/en/support/chipsets/amd-socket-am4/b450

0 Likes

I tried this, uninstalled all GigaByte programmes, but it made no difference. As soon as I enabled fTPM and restarted, back to the BSOD.

 

0 Likes

Once it has BSOD you also have to reflash the BIOS, so if it had already had BSOD, then you disabled fTPM and removed the gigabyte programmes, then simply re-enabled fTPM, it won't work - you still need to reflash the BIOS as well after removing the gigabyte stuff.  Sorry if that doesn't work though!

0 Likes

My son had this issue with his B450 also. We solved it by switching off CSM support (which provides backwards compat legacy BIOS support) and enabling fTPM. No more BSODs and he was able to install Win11. LMK if this fix works for you too. 

0 Likes
ModalTex
Journeyman III

FYI - here's my experience Gigabyte X470 AORUS GAMING 5 WIFI (rev. 1.0) motherboard with Windows 10 20H2 (fully updated). Been working fine for about a month (no BSODs) *with* the Gigabyte App center and SIV installed but they do not run by default on startup.

====

I executed with the newest BIOS F62d (13Oct2021), which makes fTPM default.

I run App Centre B20.0723.1 (23Jul2020) but do not let it start at startup. I run SIV (B20.0701.1 01Jul2020 - latest as per my motherboard but not latest SIV app which is B21.0824.1 24Aug2021). I do not run RGB Fusion but notably was updated 04Oct2021 (version B21.1001.1). I do not use @BIOS (instead use Q-Flash) and uninstalled the unused version 4.21.0208.1 (09Apr2021) prior to updating BIOS.

I do not have bitlocker turned on and prior to fTPM windows 10 “TPM Administration” reports “compatible TPM cannot be found”. 

To access “Manage bitlocker” goto settings and type “bitlocker”. Once “Manage bitlocker” is launched, you can click “TPM Administration” in the bottom left hand corner under “See also”.

I installed the latest chipset driver recommended for my Gigabyte motherboard: version 3.08.06.148 13Oct2021 (*full package of installed chipset drivers below). My Motherboard chipset is AMD X470 (AM4 Socket) The latest driver is actually 3.10.08.506 21Oct2021 directly via AMD: https://www.amd.com/en/support/chipsets/amd-socket-am4/x470 (chipset install how-to: https://www.amd.com/en/support/kb/faq/chipset-install) . The previous version of this driver listed at the site is 3.09.01.140 13Sep2021 so I decided to go with the chipset version recommended by Gigabyte rather than go directly to the newest version. Interestingly, the driver install didn’t like my shutdown, power off, start process and kept nagging me until I actually clicked “reboot”. 


Chipset version 3.08.06.148 installs:

Name             : AMD Ryzen Power Plan

Version          : 6.0.0.9

 

Name             : AMD PCI Device Driver

Version          : 1.0.0.83

 

Name             : AMD GPIO Driver

Version          : 2.2.0.130

 

Name             : AMD GPIO Driver (for Promontory)

Version          : 2.0.1.0

 

Name             : AMD PSP Driver

Version          : 5.17.0.0

 

Name             : AMD SMBus Driver

Version          : 5.12.0.38

 

I then updated the BIOS via Q-Flash (click “Del” key upon rebooting to access BIOS menu and then Q-Flash). After updating it reboots and I click “Del” again and setup my BIOS settings. In BIOS version F62d I confirmed fTPM is ENABLED by default. I then setup all my other BIOS customizations as usual. Then saved the BIOS settings and it rebooted twice after that before going into Windows 10. Then I always do a “hard boot”; shutdown the machine, disconnect power, wait 30 seconds and then boot again. Just to be sure nothing is funny in RAM.

After this BIOS update, the machine takes notably longer to show the login prompt; probably an additional 1 minute which is a lot since I’m used to fast boots due to having an SSD.

I always run the AMD App Center and SIV after booting to load my fan profile and temperature alerts, which get wiped after BIOS updates. It ran fine but was missing about half the temperature alert options. So I ran the SIV update to B21.0824.1 via the App Center. At which point App Center starts downloading every single Gigabyte App which I cancel all except SIV. Then I notice a “TPM 2.0 hotfix” download. Not sure what that is about! Internet search on a Gigabyte TPM 2.0 hotfix yielded nothing… Ultimately the download failed via the App Center so I enabled the temperature alerts for the missing sensors via the BIOS.

Windows 10 now shows a TPM in “TPM Administration” and in the “Device Security” screens. 

On doing the Windows 11 health check was successful BUT, only after creating a temporary admin account to run it from (since I have work accounts associated to my primary login that causes health check to fail) AND disabling any custom group policy edits for *windows update* (which I had to reboot before the health check app recognized the group policy CHANGES). Alternatively can use "WhyNotWin11" app to check compatibility (I did not use though):
https://www.tomsguide.com/how-to/how-to-check-windows-11-compatibility-if-pc-health-check-doesnt-wor...

0 Likes