Hi,
I work as an operational risk consultant in banks/insurance industry.
I have my own old (2012) Sony Vaio laptop VPCSE with a TPM chip running Windows 7 Ultimate SP1 with only 1 physical hard drive with a visible partition for c: (W7 only + other MS apps like Office) and a partition for d: (user data only).
TPM was enabled, activated (owned), and c: & d: put under Bitlocker protection. I have the Bitlocker recovery keys, no issues there.
It worked well for several months. I disable Windows update on 3 Nov 2014 for some reason. Never change something that works: last week, I re-enabled it. Inevitably, I saw 75 updates requested to flow in (I have the history list
in xls).
Context: no system image prior to install and system restore flag is turned off.
Issue after the mass W7 updates, all "successful" so to speak:
1) symptom: after each boot, just after bios boot requiring my bios password, the system asks for the bitlocker password (NB: it cannot read it from recovery USB stick so I retype each time)
2) probable pointer to root cause: in device driver list, the Trusted Platform Module is no longer listed there & tpm.msc does not find it either anymore. Apparently vanished after Windows updates!
To avoid the recurring annoyance of typing the key, I suspended Bitlocker on c: so the machine works again fully but with reduced data protection (raw data still encrypted I guess).
I cannot write off a coincidental TPM hardware failure but the likelihood of the 2 events occurring simultaneously is minimal.
Microsoft tpm.sys 6.1.7600.16385 14/07/2009 appears in an all installed driver list produced on 29/03/2015. It is still the same now checking with driverquery, eliminating a TPM driver update cause.
On these Vaio Sony laptops, the "Insyde" BIOS shows only basic config & no TPM enablement / dis-enablement feature, at least in the standard non-advanced menu. Advanced menu is not available to normal users. So I cannot check whether
it is on or off in BIOS. But I surely didn't turned it off. Also, it is (should be) probably encrypted, so the BIOS TPM feature should be a "no touch" item for "normal" users of my kind.
I am no specialist. I can only speculate that the most probable cause is one of the 75 Windows updates updating / erasing a critical component or preventing access to existing features. Which one would then become the 100$
question?
System recovery:
There should be a recovery W7 (OEM) somewhere on the OEM disk. I counted 788 Microsoft updates installed since... (with the 75 included).
I have Windows system images using Windows backup, a bit old but no issue here. I should have also Acronis disk image somewhere (freshness is not an issue), plus backup dvds.
All user data (350gb) is solidly backed up.
But a W7 reinstall + all apps can be a time nightmare. With TPM activated but no longer visible (what may have been written in this chip?) & Bitlocker still applied to the data, I am not sure that I can keep consistency (TPM,
c: & d:) without starting from scratch. I risk becoming quickly [more] out of my depth.
So, the question is:
- Is it a know issue? Is there a simple workaround?
- else, is a system restore (or Acronis disk image restore) the only sure & "less long" way out, knowing I should reset the TPM at some point, meaning W7 must be able to regain access to it then restore the user data?
May not be the right place to raise this pointed question (many threads more or less related) but the title seems related. Thanks for any advice.
Regards
acontrario