repair-bde.exe
- File Path:
C:\windows\system32\repair-bde.exe - Description: BitLocker Drive Encryption: Repair Tool
Hashes
| Type | Hash |
|---|---|
| MD5 | 8A8A24256B145338E025DCD848CBC1EF |
| SHA1 | B798EA11903D13ABB41A9485546146EFDA5CDFFA |
| SHA256 | BD64933EBFEF87F2CCBDC270625C7D2533F82CBF558F08D61605EAEB06387F08 |
| SHA384 | 8634E2ABFA7CBACAECECDC2437A095E32879AA057D1A8FD2B0FF3D3F9DAE7B25D0D4EE4F7BC221881D8F279205CA7C64 |
| SHA512 | 43AFBFD153FABA24FCEFD1713498326112A35009B5BED01606A080D0D6B905D7540A76539F738F9F79A7DF933DDA96C0C7D7D375917729DD13384A4B891ED5EA |
| SSDEEP | 3072:hVn5UdQ7FzkRlGwwnVS570M9kdatGCO+xmBc+hMPhPsx:CQ7FQR+Vs7nyatGt+SYF |
Signature
- Status: The file C:\windows\system32\repair-bde.exe is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170
- Serial: ``
- Thumbprint: ``
- Issuer:
- Subject:
File Metadata
- Original Filename: repair-bde.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 6.3.9600.16384 (winblue_rtm.130821-1623)
- Product Version: 6.3.9600.16384
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
File Similarity (ssdeep match)
Additional Info*
*The information below is copied from MicrosoftDocs, which is maintained by Microsoft. Available under CC BY 4.0 license.
repair-bde
Attempts to reconstruct critical parts of a severely damaged drive and salvage recoverable data if the drive was encrypted by using BitLocker and if it has a valid recovery password or recovery key for decryption.
[!IMPORTANT] If the BitLocker metadata data on the drive is corrupt, you must be able to supply a backup key package in addition to the recovery password or recovery key. If you used the default key back up setting for Active Directory Domain Services, your key package is backed up there. You can use the BitLocker: Use BitLocker Recovery Password Viewer to obtain the key package from AD DS.
Using the key package and either the recovery password or recovery key, you can decrypt portions of a BitLocker-protected drive, even if the disk is corrupted. Each key package works only for a drive with the corresponding drive identifier.
Syntax
repair-bde <inputvolume> <outputvolumeorimage> [-rk] [–rp] [-pw] [–kp] [–lf] [-f] [{-?|/?}]
[!WARNING] The contents of the output volume will be completely deleted and overwritten by the decrypted contents from the damaged BitLocker drive. If you want to save any existing data on the selected target drive, move the existing data to other reliable backup media first, before running the
repair-bdecommand.
Parameters
| Parameter | Description |
|---|---|
<inputvolume> |
Identifies the drive letter of the BitLocker-encrypted drive that you want to repair. The drive letter must include a colon; for example: C:. If the path to a key package isn’t specified, this command searches the drive for a key package. In the event that the hard drive is damaged, this command might not be able to find the package and will prompt you to provide the path. |
<outputvolumeorimage> |
Identifies the drive on which to store the content of the repaired drive. All information on the output drive will be overwritten. |
| -rk | Identifies the location of the recovery key that should be used to unlock the volume. This command can also be specified as -recoverykey. |
| -rp | Identifies the numerical recovery password that should be used to unlock the volume. This command can also be specified as -recoverypassword. |
| -pw | Identifies the password that should be used to unlock the volume. This command can also be specified as -password |
| -kp | Identifies the recovery key package that can be used to unlock the volume. This command can also be specified as -keypackage. |
| -lf | Specifies the path to the file that will store Repair-bde error, warning, and information messages. This command may also be specified as -logfile. |
| -f | Forces a volume to be dismounted even if it cannot be locked. This command can also be specified as -force. |
| -? or /? | Displays Help at the command prompt. |
Limitations
The following limitations exist for the this command:
-
This command can’t repair a drive that failed during the encryption or decryption process.
-
This command assumes that if the drive has any encryption, then the drive has been fully encrypted.
Examples
To attempt to repair drive C:, to write the content from drive C: to drive D: using the recovery key file (RecoveryKey.bek) stored on drive F:, and to write the results of this attempt to the log file (log.txt) on drive Z:, type:
repair-bde C: D: -rk F:\RecoveryKey.bek –lf Z:\log.txt
To attempt to repair drive C: and to write the content from drive C: to drive D: using the 48-digit recovery password specified, type:
repair-bde C: D: -rp 111111-222222-333333-444444-555555-666666-777777-888888
[!NOTE] The recovery password should be typed in eight blocks of six digits with a hyphen separating each block.
To force drive C: to dismount, attempt to repair drive C:, and then to write the content from drive C: to drive D: using the recovery key package and recovery key file (RecoveryKey.bek) stored on drive F:, type:
repair-bde C: D: -kp F:\RecoveryKeyPackage -rk F:\RecoveryKey.bek -f
To attempt to repair drive C: and to write the content from drive C: to drive D:, where you must type a password to unlock drive C: (when prompted), type:
repair-bde C: D: -pw
Additional References
MIT License. Copyright (c) 2020-2021 Strontic.