Table of Content
    Windows Data Recovery- Professional

    [Fixed] Trusted Platform Module (TPM) Has Malfunctioned Error


    Table of Content

      Summary: The Trusted Platform Module Has Malfunctioned error shows up with different stop codes for various reasons. You can fix the error by resetting the Microsoft 365 activation state, clearing TPM, and applying several other methods. Clearing TPM, however, may result in data loss in some instances. Download professional data recovery software to mitigate the risk of permanent data loss.

      Free Download Windows Free Download100% secure

      TPM is a physical or embedded security microcontroller placed inside a computer’s motherboard or processor. It helps prove users’ identity and authenticate their devices. However, multiple users have recently been facing issues while accessing or activating applications like Microsoft 365 and Outlook due to TPM malfunctioning. Read this guide to find out what causes this error and how to fix it.

      What is the Trusted Platform Module Malfunction Error?

      Trusted Platform Module Malfunction error may occur under different scenarios for multiple reasons. There could be different stop codes when you encounter this error, including

      • 80090016
      • 80090030
      • C0090016
      • 80090034

      Each stop code refers to some specific condition. For example, you may encounter stop code 80090016, with the Computer Trusted Platform Module Has malfunctioned error when

      • Trying to change the Microsoft 365 account password,
      • Trying to enable the BitLocker encryption, or
      • During the OneDrive synchronization with all Office 365 applications,

      Similarly, the error code 80090030 occurs when you try to connect your Outlook or 365 office accounts to the email server. C0090016 and 80090034 error codes usually occur when you try to sign in to the Office 365 app, Microsoft Teams, or other Office applications.

      What causes the Trusted Platform Module Malfunction Error?

      There could be many reasons behind the Computer Trusted Platform Module Has Malfunctioned error, such as outdated TPM drivers, corrupted NGC folder, issues with TPM keysets, corrupted Windows profile, and more. Let’ try some simple troubleshooting methods to fix the error.

      Simple Methods to Fix Trusted Platform Module Malfunction Errors

      The methods shared below are easy to follow. However, some of them may cause data loss. Hence, we’d advice you to back up your data first and then start with the troubleshooting.

      Method 1: Reset Microsoft 365 activation state

      Resetting the Microsoft 365 activation will allow you to re-activate the Office apps and resolve the computer trusted platform module has malfunctioned error. You can do so by following the steps given below:

      Install and run Microsoft Support and Recovery Assistant (SaRA) to reset the Microsoft 365 activation state.

      • Click ‘I agree’ on the Microsoft Support and Recovery Assistant window.
      click i agree on Microsoft SARA window
      • Select Yes to confirm it as the affected machine, and click Next.
      click Yes and Next when SARA asks if this is affected system
      • Then, select Office > Next.  After this, select Microsoft Teams or Outlook if the issue is with these products.
      select Office and click Next
      • Follow the on-screen prompts to complete the Microsoft 365 activation state reset process.
      choose your problem from the list in SARA and click Next
      • Finally, click Restart to finish the resetting process.
      click Restart after selecting all options

      Once done, reboot your system and see if the error persists.

      Method 2: Troubleshoot Microsoft Entra Hybrid Join

      You can resolve several potential issues by troubleshooting Microsoft Entra Hybrid Joint on your device running on Windows 10 or later and Windows Server 2016 or later versions. To do so, follow the given steps:

      • Go to Search, type cmd, and when you’ll see the Command Prompt in the result, select Run as administrator.
      Run CMD as administrator
      • Now, type dsregcmd /status command in the elevated window and hit Enter.
      +———————————————————————-+
      | Device State |
      +———————————————————————-+
      AzureAdJoined: YES
      EnterpriseJoined: NO
      DeviceId: 5820fbe9-60c8-43b0-bb11-44aee233e4e7
      Thumbprint: AA11BB22CC33DD44EE55FF66AA77BB88CC99DD00
      KeyContainerId: bae6a60b-1d2f-4d2a-a298-33385f6d05e9
      KeyProvider: Microsoft Platform Crypto Provider
      TpmProtected: YES
      KeySignTest: : MUST Run elevated to test.
      Idp: login.windows.net
      TenantId: aaaabbbb-0000-cccc-1111-dddd2222eeee
      TenantName: Contoso
      AuthCodeUrl: https://login.microsoftonline.com/msitsupp.microsoft.com/oauth2/authorize
      AccessTokenUrl: https://login.microsoftonline.com/msitsupp.microsoft.com/oauth2/token
      MdmUrl: https://enrollment.manage-beta.microsoft.com/EnrollmentServer/Discovery.svc
      MdmTouUrl: https://portal.manage-beta.microsoft.com/TermsOfUse.aspx
      dmComplianceUrl: https://portal.manage-beta.microsoft.com/?portalAction=Compliance
      SettingsUrl: eyJVc{lots of characters}JdfQ==
      JoinSrvVersion: 1.0
      JoinSrvUrl: https://enterpriseregistration.windows.net/EnrollmentServer/device/
      JoinSrvId: urn:ms-drs:enterpriseregistration.windows.net
      KeySrvVersion: 1.0
      KeySrvUrl: https://enterpriseregistration.windows.net/EnrollmentServer/key/
      KeySrvId: urn:ms-drs:enterpriseregistration.windows.net
      DomainJoined: YES
      DomainName: CONTOSO
      +———————————————————————-+
      | User State |
      +———————————————————————-+
      NgcSet: YES NgcKeyId: {aaaaaaaa-0b0b-1c1c-2d2d-333333333333} WorkplaceJoined: NO WamDefaultSet: YES
      WamDefaultAuthority: organizations
      WamDefaultId: https://login.microsoft.com
      WamDefaultGUID: {B16898C6-A148-4967-9171-64D755DA8520} (AzureAd)
      AzureAdPrt: YES

      If you encounter the EventID 220 in the User Device Registration event logs, you may refer to the guide to troubleshoot Microsoft Entra Hybrid joined devices.

      However, if you see the error code 0x801c001d after running the command, you’d need to configure the service connection point.

      Method 3: Remove Office Credentials

      When you try to sign in to Office and Windows accounts using different credentials, you may not be able to launch or access Outlook. Instead, you may end up receiving the ‘Your computer’s trusted platform module has malfunctioned’ error with stop code 80090016 (keyset doesn’t exist). To solve it, you can try cleaning the credential caches in Windows Credential Manager. It will clear all your Office accounts-related entry.

      • Go to Start and type Credential Manager. Click Open to access it.
      Open Credentials Manager
      • Now, select Windows credentials given under Manage your credentials.
      Select WIndows Credentials
      • If you see MicrosoftOffice16 in the list of items or programs with credentials, click the arrow next to it. Choose Remove, and then close the Credentials Manager.
      • Afterward, go to Settings and follow Accounts > Access work or school.
      • If your account is listed there to sign into office.com but is not the same account you used to sign into Windows, you need to select it and click Disconnect.
      • Once disconnected, reboot your device and try to activate Microsoft 365 again.

      Method 4: Enable Memory Integrity

      Memory Integrity, a native security feature, protects high-security processes from virus attacks. Enabling this can help you fix the Trusted Platform Module Malfunctioned error. To do so, follow the given steps:

      • Access Settings (Windows + I) and then follow Update & Security.
      • Next, go to Windows Security > Device Security.
      Select Device Security
      • Select Core Isolation details on the next prompt.
      select Core Isolation details
      • Turn on the Memory Integrity option and reboot your system.
      turn on memory integroty

      Method 5: Clear the Trusted Platform Module (TPM)

      Clearing TPM keys as a troubleshooting step or as a final step before you clean install Windows can help resolve multiple system issues with the Trusted Platform Module’s functionality. You can clear the keys from the TPM from Windows Settings using the following steps:

      Note: Clearing the TPM will reset it to an unknown state, which makes Windows automatically reinitialize it and take ownership again. As a result, you may encounter data loss. Hence, always take precautions before clearing the TPM.

      Steps to clear the TPM keys are as follows:

      • Go to Search, type Settings, and click Open when you see the result. You can also simply press the Windows + I keys to access Settings.
      • In Settings, go to Update & Security > Windows Security.
      • Then, select Device Security on the Windows Security page.
      • Select Security processor details under Security processor.
      select security processor details
      • Then, select Security processor troubleshooting.
      select security processor details
      • Choose Clear TPM on the following prompt.
      Choose Clear TPM
      • Finally, reboot your system. Check if the issue is resolved now.

      If you lose data after clearing the TPM, and no data backup is available, get professional data recovery software, such as Stellar Data Recovery Professional. The software recovers all types of data lost due to deletion, drive corruption, or formatting. Moreover, it can recover your files even from non-booting Windows systems.

      Method 6: Update TPM 2.0 Driver

      You can also try to update the TPM 2.0 driver to fix the Trusted Platform Module Malfunctioned errors. To do so, follow the steps given below:

      • Go to Start (Windows + X), and select Device Manager to open it.
      • There, expand Security devices category.
      • Right-click on Trusted Platform Module 2.0 and select Update driver.
      choose to update driver for TPM
      • Select Search automatically for drivers on the next prompt.
      search automatically for drivers
      • The Windows will start looking for the latest driver available.

      If you already have an updated driver installed, try uninstalling and reinstalling the driver. You can follow Device Manager > Security devices > Trusted Platform Module 2.0. Right-click on the driver and select Uninstall device > Uninstall > Yes to confirm your action.

      uninstall TPM driver

      Method 7: Re-Enable or Re-add the device in Microsoft Entra ID

      The Microsoft Entra ID, even if enabled already, might stop functioning properly and cause a Trusted Platform Module Malfunction issue. You can re-enable or re-add the device in the Microsoft Entra admin center, holding sufficient privileges by following the below steps:

      • Log into the Azure portal and then choose Microsoft Entra ID.
      • Next, go to Devices and examine the disabled devices list there. (You can just search the username or device name to find the device in the list.)
      • Once you find the device, choose Enable.

      If the device was deleted from the Microsoft Entra ID, you will need to re-register it manually. Refer to this guide to re-register the device.

      Method 8: Take Ownership of the NGC Folder and Delete it

      You can delete the NGC folder to solve the Trusted Platform Module Malfunctioned error. However, since it requires ownership to access and perform any action, you must follow the given steps to get the ownership and then delete it.

      • Open File Explorer, and then go to This PC.
      • Open C: drive and then go to Windows.
      Open C Drive and go to Windows
      • Next, go to ServiceProfiles.
      go to ServiceProfiles
      • Now, go to LocalService.
      go to localservice
      • Thereafter, select AppData, go to Local, and then go to Microsoft.
      • There, locate Ngc folder, right-click on it, and select Properties.
      locate NGC folder and open its properties
      • Now, click Advanced under the Security tab.
      • Click Change under Owner. Provide administrative privileges to proceed.
      on security tab click Change
      • Next, enter your local account username, and click Check names > OK.
      enter your local account and click check names then click OK
      • Now, select Replace owner on sub containers and objects > OK.
      • Right-click on the NGC folder, and select Delete to remove its content.
      delete NGC folder
      • Restart your system and check if the issue is resolved.

      Trusted Platform Module Has Malfunctioned Error Solved

      Although the computer-trusted platform module has malfunctioned, errors can be tricky to deal with. The problem may occur with any Windows system of any brand. However, HP and Dell systems are reportedly affected by this issue. Fortunately, you can fix the issue by following the methods discussed in this blog. Further, you can also fix the issue by enabling the Office Protection policy, and checking BrokerPlugin Process. If required, try creating a new Windows user account. All these methods can also help you solve the TPM malfunctioning error.

      Remember, clearing the TPM to resolve the issue will cause data loss. So, if you have no backup available, and you end up losing your crucial data, use professional data recovery software. The software can restore data from formatted, corrupted, encrypted, or even unbootable Windows PCs and laptops.


      Was this article helpful?

      No NO

      About The Author

      Mansi Verma linkdin

      Mansi is a seasoned tech enthusiast, holding over a decade of experience in writing blogs, articles, guides, press releases, and tips for different industries, including Data Recovery, IoT, Artificial Intelligence, and Robotics.

      Related Posts

      WHY STELLAR® IS GLOBAL LEADER

      Why Choose Stellar?

      • 0M+

        Customers

      • 0+

        Years of Excellence

      • 0+

        R&D Engineers

      • 0+

        Countries

      • 0+

        PARTNERS

      • 0+

        Awards Received