Tech Support banner

1 - 20 of 24 Posts

·
Registered
Joined
·
26 Posts
Discussion Starter · #1 ·
I have a Usb stick which was encrypted with BitLocker. This has somehow been damaged and the password and recovery key do not work anymore to unlock it.

I am trying to format, I used all 'usual' stuff found on the web, but either format is not available, it says 'Was Unable to Complete the Format' or simply it says the drive is encrypted and thus cannot clean/format etc..

Some of the links I used:


It seems BitLocker encryption is stronger than any of these tools.


Is there another way to be able to format this disk?

Thank you!
 

·
TSF Moderator , Hardware Team , Networking Team
Joined
·
7,816 Posts

·
Registered
Joined
·
26 Posts
Discussion Starter · #3 ·
Ok, I tried everything again from this article now and got the same results. Here they are listed on order of the article:


DISKPART> select volume 3

Volume 3 is the selected volume.

DISKPART> detail volume

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
* Disk 1 Online 58 GB 0 B

Read-only : No
Hidden : No
No Default Drive Letter: No
Shadow Copy : No
Offline : No
BitLocker Encrypted : Yes
Installable : Yes

Volume Capacity : 58 GB
Volume Free Space : 58 GB

DISKPART> FORMAT FS=NTFS LABEL="New Volume" QUICK COMPRESS

The volume you selected to format is encrypted with BitLocker Drive Encryption.
BitLocker encryption will be removed and the encrypted data on the volume will be erased.
You may enable BitLocker again after formatting is complete.
To proceed with the format, run FORMAT again using the OVERRIDE parameter.

DISKPART> FORMAT FS=NTFS LABEL="New Volume" QUICK OVERRIDE

0 percent completed

Virtual Disk Service error:
BitLocker encryption on the volume could not be removed.

-------------------------------------------------

DISKPART> list partition

Partition ### Type Size Offset
------------- ---------------- ------- -------
* Partition 1 Primary 58 GB 0 B

DISKPART> DELETE PARTITION

There are no partitions selected.
Please select a partition, and try again.

DISKPART> SELECT partition=1

There is no partition selected.

DISKPART> clean

DiskPart has encountered an error: The request could not be performed because of an I/O device error.
See the System Event Log for more information.



-------------------------------------------------


c:\windows\SYSTEM32\cleanmgr.exe /d: --> Disk Cleanup cnnot cleanup drive ::\.
Makre sure that there is a disk in the drive.


-------------------------------------------------


Ease Us Partition Magic
  • when trying to create new partition on the partition it says: "The operation did not complete because the media is write protected"
  • right click - only Change drive letter, Surface Test and Properties available - no Format


-------------------------------------------------
Explorer
Format is available -- error : Windows Was Unable to Complete the Format

-------------------------------------------------

Disk Management
Format is greyed out - In the description it says Unkown (BiLocker encrypted)


-------------------------------------------------


DISKPART> detail disk

Generic Flash Disk USB Device
Disk ID: 00000001
Type : USB
Status : Online
Path : 0
Target : 0
LUN ID : 0
Location Path : UNAVAILABLE
Current Read-only State : Yes
Read-only : No
Boot Disk : No
Pagefile Disk : No
Hibernation File Disk : No
Crashdump Disk : No
Clustered Disk : No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D Unkno Removable 58 GB Healthy

DISKPART> select volume 3

Volume 3 is the selected volume.

DISKPART> format fs=ntfs quick

The volume you selected to format is encrypted with BitLocker Drive Encryption.
BitLocker encryption will be removed and the encrypted data on the volume will be erased.
You may enable BitLocker again after formatting is complete.
To proceed with the format, run FORMAT again using the OVERRIDE parameter.

DISKPART> format fs=ntfs quick override

0 percent completed

Virtual Disk Service error:
BitLocker encryption on the volume could not be removed.

--------------------

On the usb drive ther eis no "Turn Off BitLocker" option , only 'Unlock drive'
 

·
TSF Moderator , Hardware Team , Networking Team
Joined
·
7,816 Posts
If the USB flash drive does not have a physical external write-protect slider that can be moved from On to Off, it sounds like USB flash drive is either defective, intentionally non-reusable, or *no longer any good and needs to be replaced.

*No longer any good meaning all flash drives have a limited number of read/write cycles before they are rendered useless.
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #5 ·
I doubt that this is the case as it is my newest one and before encrypting it was working fine.

I thought we can do something about this:



DISKPART> FORMAT FS=NTFS LABEL="New Volume" QUICK OVERRIDE

0 percent completed

Virtual Disk Service error:
BitLocker encryption on the volume could not be removed.
 

·
TSF Moderator , Hardware Team , Networking Team
Joined
·
7,816 Posts

·
Registered
Joined
·
26 Posts
Discussion Starter · #7 ·
Well I also ran a recovery software on it and it was possible to read all files and make them available for recovery.
This is why I think the stick would be readable without the encryption. Please correct me if thats wrong.
 

·
Premium Member
Joined
·
41,821 Posts
If you can recover the files, then do that. The USB drive may not be salvageable.
You can download Disk Genius in my signature, select the Flash drive, go to the Toolbar to Partition / Bit Locker Management / Unlock
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #9 ·
I tried it, the unlock option was only available after I managed to list its partition below, on the flash drive it was greyed out.

AfterI enter password or recovery key it returns: ERROR_VOLUME_STATE_NOT_SAFE

I ran a verification and everything is green, message "Disk verify completed. No bad tracks found." Good 7645 Nomal 4 All others 0

I also tried other stuff from the menus, but did not manage to unlock or erase it.
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #11 ·
Hi,

I have read suggestions from this website and tried it, but with not much success.
Here are some of the points I did/saw:

- There is no permission on this mchine to open GroupPolicy

- I did not find Intune on this machine

- After opening TPM it is quite empty, can't see anything in that window



- Manage-bde -status
BitLocker Drive Encryption: Configuration Tool version 10.0.19041
Copyright (C) 2013 Microsoft Corporation. All rights reserved.

Disk volumes that can be protected with
BitLocker Drive Encryption:
Volume C: [Windows]
[OS Volume]

Size: 117.44 GB
BitLocker Version: 2.0
Conversion Status: Fully Encrypted
Percentage Encrypted: 100.0%
Encryption Method: AES 256
Protection Status: Protection On
Lock Status: Unlocked
Identification Field: Unknown
Key Protectors:
TPM And PIN
Numerical Password

Volume D: [Label Unknown]
[Data Volume]

Size: Unknown GB
BitLocker Version: 2.0
Conversion Status: Unknown
Percentage Encrypted: Unknown%
Encryption Method: AES 256
Protection Status: Unknown
Lock Status: Locked
Identification Field: Unknown
Automatic Unlock: Disabled
Key Protectors:
Password
Numerical Password


- Manage-bde -protectors -get d: --> returns Password and Numerical Password , none of then is accepted when entering as password to unlock

- get-tpm


TpmPresent : True
TpmReady : True
TpmEnabled : True
TpmActivated : True
TpmOwned : True
RestartPending : False
ManufacturerId : 1398033696
ManufacturerIdTxt : STM
ManufacturerVersion : 73.8.17568.5511
ManufacturerVersionFull20 : 73.8.17568.5511

ManagedAuthLevel : Full
OwnerAuth :
OwnerClearDisabled : False
AutoProvisioning : Enabled
LockedOut : False
LockoutHealTime : 10 minutes
LockoutCount : 0
LockoutMax : 31
SelfTest : {}




- The Bitlocker registry looks different than in on the website, see attached. Is it possible to disbable bitlocker from here ? If yes, with which value(s)?

- In the eventLog at bitLocker-API - Management I did not find useful entried, there are some error events 785 and 846 , "Failed to backup BitLocker Drive Encryption recovery information to Active Directory ", but I do not think these help here.
 

Attachments

·
Moderator , Security Team
Joined
·
1,144 Posts
You could try booting your computer from Linux (installed on a USB) and then once booted into Linux try reformatting the encrypted USB.

This does not always work, but I've often been able to reformat things in Linux that I've not been able to in Windows.

If this works, then when you next insert the reformatted disk in a Windows machine, Windows may tell you it's faulty, in which case just reformat it again (this time with Windows) and that usually resolves things.
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #16 ·
I tried, it cannot do step 3:
fdisk: /dev/sdb kann nicht geöffnet werden: Das Dateisystem ist nur lesbar

which means fdisk: /dev/sdb cannot be opened: The file system is only readable
 

·
Moderator , Security Team
Joined
·
1,144 Posts
For a USB drive that is set to read only, try the following ....


... it's instructions are for Ubuntu, but should work for any distro that has a terminal program.
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #18 ·
Ok, will try and report back.

Meanwhile I tried on another computer with registry keys to disable encryption, but that did not remove encryption and password was still asked to decrypt or saying it was encrypted at attempts to format.
The intune registry keys did not exist on that machine , I just tried with the standard keys, which can be found on the web.
I really thought this is a good chance..
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #19 ·
Hi,

I ran the instructions, it again says the device is only readable:

dosfsck -a /dev/sdb
fsck.fat 4.1 (2017-01-24)
open: Das Dateisystem ist nur lesbar

Maybe it is worth mentioning it was not shown with df -TH and also it was not possible to unmount.
It was though shown with lsblk:

lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 18,7G 0 disk
└─sda1 8:1 0 18,7G 0 part /
sdb 8:16 1 58,6G 1 disk
sr0 11:0 1 58,3M 0 rom

Is there any chance to come around bitlocker and format it?

Thank you!
 

·
Moderator , Security Team
Joined
·
1,144 Posts
At this point I'd say it looks as if the disk is damaged.

If it were me, I wouldn't waste any more time trying to resurrect it, I'd just dump it. When all's said and done, unless you've got one with large capacity, USB drives aren't exactly expensive.
 
1 - 20 of 24 Posts
Top