1.3 Permanently unlock a Bitlocker drive using recovery key file

  • OPSWAT MetaDefender Drive allows users with BitLocker protection on their systems to run a scan on their protected drives.

  • All the instructions are available on the MetaDefender Drive itself in case the user doesn’t have access to the internet.

How can I tell if a drive is encrypted with BitLocker?

  • OPSWAT MetaDefender Drive will let users know during the scan if one or more of their volumes are encrypted with BitLocker.

  • Upon detecting BitLocker encryption, OPSWAT MetaDefender Drive will display a notification in the lower-right corner of the screen, detailing the steps needed to unlock their drives.

images/download/attachments/1072084/2019-11-04-135307_1920x1200_scrot.png

Unlocking Bitlocker using a Recovery Key File

  • To unlock the BitLocker encrypted volumes for use with OPSWAT MetaDefender Drive, users must boot into Windows and then insert the OPSWAT MetaDefender Drive.

  • Depending on the version of Windows (pre-Windows 10 Creators Edition or Windows 10 Creators Edition and later) users will either see three removable disk volumes appear under ‘This PC’labeled “MetaDefender Drive”, “...” and “USB Drive” (Windows 10 Creators Edition and later), or one single volume labeled “MetaDefender Drive” (pre-Windows 10 Creators Edition).

images/download/attachments/1072084/screenshot_%283%29.png

  • To unlock their drives, users must open “This PC” (or “My Computer”, depending on the version of Windows), right click on the encrypted drive icons with the locked yellow padlock icon, click "Unlock Drive" and provide the Password.

images/download/attachments/1072084/screenshot_%284%29.png images/download/attachments/1072084/screenshot_%285%29.png

images/download/attachments/1072084/screenshot_%286%29.png images/download/attachments/1072084/screenshot_%287%29.png

  • Once the encrypted drive has been unlocked, the user should navigate to the "MetaDefender Drive" volume

  • Next, navigate to the "tools" folder within the "MetaDefender Drive" volume

images/download/attachments/1072084/screenshot_%283%290.png images/download/attachments/1072084/screenshot_%288%29.png

  • Users should then see three files: “bitlocker.bat" (used to unlock your BitLocker drives), “bitlocker.ps1” (a Windows PowerShell script utilized by bitlocker.bat), and "README.txt" (instructions on how to unlock BitLocker encryption for a diagnostic scan).

  • Right click on “bitlocker.bat” and select the "Run as administrator" option, which should trigger an administrator rights elevation prompt to appear, to which the User should click “Yes” to allow the script to proceed.

images/download/attachments/1072084/screenshot_%289%29.png images/download/attachments/1072084/screenshot_%2810%29.png

  • Once the script has run, a file named “bitlocker.key” will appear in the "tools", indicating to users that they are ready to run a scan.

images/download/attachments/1072084/screenshot_%2811%29.png

  • If all the above steps have been followed correctly, and BitLocker is unlocked, the next time users start a scan they should notice that the BitLocker encryption notification on the lower-right does not appear and that files from their encrypted volumes are successfully being scanned.