This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
(SOLVED EXPLANATIONM BELOW)
I have the Problem that I did a fresh install of Windows 10 pro (twice) and enabled Secure Boot as well as fTPM (amd) to be Win 11 ready, but Windows still says that it doesn't recognize a tpm module. I installed the ryzen chipset drivers (because under Device Manager it said: "pci encryption/decryption controller") and under Security devices it only says: "AMD PSP 11.0".
Under System Information it says that Secure Boot State is : On
PCR7 Configuration: Binding Not Possible
Device Encryption Support: "Reasons for failed automatic device encryption: TPM is not usable, PCR7 binding is not supported, Hardware Security Test Interface failed and device is not Modern Standby, Un-allowed DMA capable bus/device(s) detected, TPM is not usable."
I'm loosing my marbles trying to just install Win 11 ffs..........! Pleas help meeee
My PC:
Mainboard: NZXT N7 B550 (Newest BIOS Ver)
CPU: Ryzen 9 5900x
RAM: 32GB 3200Mhz
GPU: RTX 3090
OS: Windows 10 pro
EXPLANATION:
Okay so as I found no real answer I started to look into another Problem that I had, my USB devices were on even after I turned the PC off. Turns out that the same setting that fixed this also fixed my PCR7 binding Problem as well as the tpm problem. I had to go to ACPI Configuration settings and change the Deep Sleep settings to "S4 and S5 enabled".
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 44%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EL%3C/text%3E%3C/svg%3E)
We had the same problem, on multiple computers (all of the same model, all with Win 10 Pro). The bios was already up-to-date.
The fix turned out to be: Reset the bios to defaults. Then set all the bios settings again as they were before. This makes no sense but it worked thrice.
Answer accepted by question author
Hello @Tschat
Thank you for posting this concern on this community space.
I read your case scenario description and I would like to share those links down below:
https://www.makeuseof.com/windows-11-pcr7-binding-not-supported/
I hope that can be useful for you.
Looking forward to your feedback,
Cheers,
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Hello,
Thank you, but sadly In my search for an answer I also already encountered both those links and they couldn't help me. Like I mentioned, Secure Boot is enabled (System Information confirms this) and I have turned AMD fTPM on, but Windows still tells me that PCR7 isn't binding and that there is no TPM module....
P.S.: You requested that I press "Accept answer" if it helped which is why I thought I had to do the opposite if the answer wasn't able to solve my problem yet. I hope this button isn't for giving negative feedback (the button to indicate that it wasn't solved) but rather just to inform that the solution sadly didn't work, because it wasn't my intention to give feedback with this feature nor to "dislike" the help.
It seems that I accidently found the answer to my problem and it was indeed connected to the Modern Standby support. While the second article mentioned Modern Standby Support, it didn't really provide a proper solution. However, I managed to fix it by researching another problem that I had (USB devices not turning off after shutting the pc down) and while I was trying to fix that, under ACPI Configuration, I found the Deep Sleep settings. These had to be changed to S4+S5 enabled and that also fixed my PCR7 and tpm problem.
Thank you !
Many thanks for your findings.
I also get educated with your response as well buddy: )
I really appreciate your effort and time on this.
Have a good one!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 7.000000000000001%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EST%3C/text%3E%3C/svg%3E)
I ran into this and found it frustrating. Sleep states were enabled, TPM was owned by the OS, drivers and firmware up to date, no thunderbolt docks or (pci external?) hardware.
What did it for me (conclusively, as I only changed one thing) was checking the BIOS with a fine toothed comb. I have an ASUS ROG motherboard, so this might help others. There were three DMA security states in one setting: Disabled, Enabled with OS (management?), and Enabled fully at boot. I'm not positive on the wording. My BIOS default has set it to the second option, sth like "Enabled with OS Management" but I flipped it to "Enabled Fully At Boot" and changed nothing else, and suddenly my DMA Protection PCR7 binding errors all went away and I've happily enabled bitlocker to auto unlock.
Hope this helps whoever needs to heard this, but do check your BIOS carefully for DMA settings and... turn those all the way on I guess? Surprised Enabled with OS Management was default, and from the sound of the setting, you'd think that would be enough, but evidently not.
