Failure to permanently decrypt non-system drive
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
Hi,
I have a 2TB external HDD that was encrypted with FDE (I can't recall the encryption algorithm, but I think I used 3-part). The drive has a regular encrypted section, and a hidden volume.
I attempted a permanent full-drive decryption of the drive, and selected to ignore the hidden volume (which I didn't mind sacrificing), as proceeded per the instructions. The next morning, I received a success message that decryption had completed successfully, but another message said that I couldn't access the data until windows had assigned a drive letter. I tried to select a drive letter in the provided drop-down, but received a message (something like "can't assign this letter"). I was given two buttons on this pop-up message: to either retry or cancel, so after retrying a few times I chose the other button, and cancelled. At this stage, Z: (the main volume being decrypted) was still listed as a drive in the Veracrypt.
I looked at the disk manager (Win 10 pro), and it shows only disk 1, partition 1, as having a "Simple" layout, "Basic" type, "" File System, and as a healthy primary partition with 100% free space. All options apart from "Delete Volume" are greyed out.
I then dismounted all in Veracrypt and rebooted my system.
I then tried the Resume Interrupted Process under the Veracrypt volumes menu. Unlike the disk manager (which only shows 1 non-system drive), this shows (also aside from the system drive) Harddisk1\Partition1 as 1.8TB, and Harddisk2\Partition1 as 8GB. Resuming the decrypt process using either of these partitions fails with the message:
"Operation failed due to one or more of the following:
Source: ResumeInPlaceEncWaitThreadProc:355"
Clicking OK gives the following message:
"Verycrypt has not found any volume where the process of encryption/decryption of a non-sytem volume has been interrupted and where the volume header can be deciphered using the supplied password and/or keyfile..."
I am sure the password I am using is correct for the non-hidden volume. I have also tried the password that I had used for the hidden volume, also without success.
I then tried the "ConcealDrive.zip" tool from this forum's thread "e85c1040" ("Permanently decrypting a non-system drive fails at 100 % "), developed by IDRASSI. This didn't work either, so I ran the program to undo it again.
Is there anything else I can try to resume decryption and complete this process?
Thanks,
B
Just bumping this before I go ahead and format drive. Restoring from backup will be slow so I'm keen to explore options for completing the decryption
OK, proceeding to format drive and then restore.