How To Remove Encryption With The Option Remove DE

On this guide, we are going to remove encryption from a disk that was encrypted with McAfee Drive Encryption. This option will only work if the Crypt List Region Count is 1, to check the Crypt List Region Count please see the guide on “How To Get Disk Information“. The Crypt List, contains the information of where the encryption starts and ends for each partition. If the Crypt List Region Count is 0, this procedure to remove encryption will fail.

After we confirm that the Crypt List Region Count is set to 1, boot the systems using the EETech/DETech tool. You will need to Authenticate and Authorize, before proceeding with the next steps.

Note: If you are removing MDE from a laptop, make sure is plugin to an electrical outlet. This is to prevent from interrupting the process to decrypt the disk drive.

  1. After the system is authorize and authenticated, click on “Remove DE”.
  2. A window will pop up confirming that we are trying to remove DE, click on “Remove”.
  3. The process to Remove DE will start. This can take several hours, in my experience working with Drive Encryption, I had a system that took 4 weeks to remove encryption. This is because sometimes some sectors might be damage, the tool will continue to try to decrypt the sector several times. Then it will move to the next sector, and if you have several bad sectors, this process can take couple of days or weeks.
  4. Never turn off the system during this operation, or cancel. Wait until you get an error, as I said before this can take weeks. If this process is cancel or there is a lost of power, we won’t be able to know what was the last sector that it was decrypted, and ending up with a partial encrypted disk. You must Wait! Until you get an error or the process complete.
  5. Once the process is completed click “OK”.
  6. Next click “Quit”, to exit the remove DE process.
  7. The next process after removing Drive Encryption from a disk, is to restores the original Windows MBR. Click on “Restore MBR”.
  8. Next select to restore “Original MBR” and mark “Keep the current Partition Tables”, then click “OK”.
  9. Once the Windows MBR has been restores, click “OK”.
  10. To exit and reboot the system click “Quit”.
  11. Next you will get a warning letting you know that the system will restart, click “OK”.

Once the system reboots, you should be able to login to Windows without any issues. Make sure that the Drive Encryption policy for this system is disable, or as soon as it connect to ePO, the drive will start encrypting again.

This concludes this guide on how to remove encryption with the option Remove DE, using EETech/DETech tool, if you have any question or comments please let me know in the comment area.

One thought on “How To Remove Encryption With The Option Remove DE

  1. Hi there! I know this is kinda off topic but I’d figured I’d ask.

    Would you be interested in trading links or maybe guest writing
    a blog article or vice-versa? My website discusses a
    lot of the same topics as yours and I think we could greatly benefit from each other.
    If you’re interested feel free to send me an email.
    I look forward to hearing from you! Fantastic
    blog by the way!

Leave a Reply

Your email address will not be published. Required fields are marked *