You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Recently, the installation of Microsoft that came bundled with the device, Asus Vivobook, had to be reset. The device had been originally setup with full-disk encryption with the latest version of Veracrypt. Microsoft Windows was reset with the option to remove everything following the steps in the instructions - https://www.asus.com/support/faq/1013063/. The device wasn't decrypted prior to resetting Microsoft Windows to prevent any files to be written to disk. This resulted in the device returning the "Blue screen of death" on restart.
To gain access to the Windows installation, the device was booted using the generic Veracrypt rescue disk that was generated from another device with full-disk encryption. To continue the Microsoft installation process, the option to decrypt the OS was selected and oddly, it returned the message that it wasn't successfully in yellow. The device restarted and the installation process resumed. On completion of the installation, the device continued to prompt for the Veracrypt boot password. Attempting to remove the bootloader using the rescue disk did not work.
To get around the issue of the bootloader, Veracrypt was installed on the device again and the option to encrypt the system partition was picked. Towards the end of the process, it returned the message that another bootloader was already installed and may cause issues. Ignoring the warning, the process was completed and the device restarted. On restart, it prompted for the password and although the password was authenticated, it did not progress any further.
The device was booted again with the Veracrypt rescue disk and the option to boot the original bootloader was chosen. It successfully launched Microsoft Windows. Once logged in, the option "Permanently Decrypt System Partition/Drive" was selected and only then was the bootloader removed.
Questions
Since the device was reset without first decrypting Veracrypt, can it be safely assumed that all previous files have been securely removed/deleted and cannot be recovered?
As Veracrypt was installed again, the initial bootloader removed and full-disk encryption enabled again, can it be safely assumed that the device is successfully encrypted with no historical remnants?
Is there a better way to achieve the same outcome with OEM versions of Microsoft i.e. the installation files are on a recovery partition?
The text was updated successfully, but these errors were encountered:
Recently, the installation of Microsoft that came bundled with the device, Asus Vivobook, had to be reset. The device had been originally setup with full-disk encryption with the latest version of Veracrypt. Microsoft Windows was reset with the option to remove everything following the steps in the instructions - https://www.asus.com/support/faq/1013063/. The device wasn't decrypted prior to resetting Microsoft Windows to prevent any files to be written to disk. This resulted in the device returning the "Blue screen of death" on restart.
To gain access to the Windows installation, the device was booted using the generic Veracrypt rescue disk that was generated from another device with full-disk encryption. To continue the Microsoft installation process, the option to decrypt the OS was selected and oddly, it returned the message that it wasn't successfully in yellow. The device restarted and the installation process resumed. On completion of the installation, the device continued to prompt for the Veracrypt boot password. Attempting to remove the bootloader using the rescue disk did not work.
To get around the issue of the bootloader, Veracrypt was installed on the device again and the option to encrypt the system partition was picked. Towards the end of the process, it returned the message that another bootloader was already installed and may cause issues. Ignoring the warning, the process was completed and the device restarted. On restart, it prompted for the password and although the password was authenticated, it did not progress any further.
The device was booted again with the Veracrypt rescue disk and the option to boot the original bootloader was chosen. It successfully launched Microsoft Windows. Once logged in, the option "Permanently Decrypt System Partition/Drive" was selected and only then was the bootloader removed.
Questions
The text was updated successfully, but these errors were encountered: