Skip to main content

Disabling TPM

What is TPM?

TPM (Trusted Platform Module) is a security chip that provides hardware-based, security-related functions. It's a core component of Windows 11's security features, but sometimes needs to be disabled for certain software to function properly.

Methods to Disable TPM

Method 1: BIOS Settings

  1. Enter BIOS/UEFI Settings:

    • Restart your computer
    • Press the BIOS key during startup (usually F2, Del, F12)

  2. Locate TPM Settings:

    • Look under "Security," "Advanced," or "Trusted Computing"
    • Find "TPM Device," "Security Device," or "TPM Security"
    • Set to "Disabled" or "Off"

  3. Save and Exit:

    • Save changes (usually F10)
    • Allow system to restart

Method 2: Removing TPM.sys (Advanced)

Backup Warning

This method involves modifying system files. Create a backup before proceeding.

  1. Backup TPM.sys:

    copy C:\Windows\System32\drivers\tpm.sys C:\tpm_backup.sys

  2. Take Ownership:

    takeown /f C:\Windows\System32\drivers\tpm.sys
    icacls C:\Windows\System32\drivers\tpm.sys /grant administrators:F

  3. Delete or Rename:

    ren C:\Windows\System32\drivers\tpm.sys tpm.sys.old

    or

    del C:\Windows\System32\drivers\tpm.sys

Method 3: Services Disable (Permanent)

  1. Open Command Prompt as Administrator

  2. Disable TPM Services:

    sc stop tpm
    sc config tpm start= disabled

    sc stop TPMConnect
    sc config TPMConnect start= disabled

    sc stop MsSecFlt
    sc config MsSecFlt start= disabled

  3. Disable Additional Related Services:

    sc stop SharedAccess
    sc config SharedAccess start= disabled

    sc stop TBS
    sc config TBS start= disabled

Method 4: Registry Modifications

  1. Open Registry Editor:

    • Press Windows + R
    • Type regedit and press Enter

  2. Navigate to:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TPM

  3. Modify Values:

    • Find "Start" value
    • Change to "4" (Disabled)

  4. Additional Registry Keys:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TBS
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TPMConnect
    • Set "Start" to "4" for each

Group Policy Method

  1. Open Group Policy Editor:

    • Press Windows + R
    • Type gpedit.msc

  2. Navigate to:

    • Computer Configuration > Administrative Templates > System > Trusted Platform Module Services

  3. Disable TPM:

    • Find "Turn off TPM"
    • Set to "Enabled" (yes, "Enabled" turns off TPM)

Verifying TPM Status

Command Line Check

tpm.msc

or

Get-Tpm

System Information

  1. Press Windows + R
  2. Type msinfo32
  3. Look for "TPM Status"

Restoring TPM

If you need to restore TPM functionality:

  1. If you renamed tpm.sys:

    ren C:\Windows\System32\drivers\tpm.sys.old tpm.sys

  2. If you backed up tpm.sys:

    copy C:\tpm_backup.sys C:\Windows\System32\drivers\tpm.sys

  3. Re-enable Services:

    sc config tpm start= auto
    sc config TPMConnect start= auto
    sc config TBS start= auto
Important Notes
  1. Some Windows features may not work with TPM disabled
  2. Create system restore point before making changes
  3. Keep backup of tpm.sys in safe location
  4. Document any changes made for future reference

Troubleshooting

Common Issues

  1. Services Keep Re-enabling:

    • Use both registry and service methods
    • Check for Windows updates resetting settings
    • Consider using Group Policy method

  2. Windows Security Warnings:

    • These are normal when TPM is disabled
    • Can be ignored if TPM disable is intended

  3. Boot Issues:

    • Boot in safe mode if problems occur
    • Restore from backup if necessary
    • Use system restore point

For additional support, contact our support team or consult your system manufacturer's documentation.