ThisIsJo(e).com

Hello, this is my blog, where I document my thoughts and opinions. My current professional passions are cybersecurity, Linux, and networking.

Fixing windows recovery usb bug

3 min read

Hello, I just recently started dealing with this issue and I see a lot of others doing drastic fixes like reimaging the problem PC. There’s a simple fix for this issue until Microsoft solves this. Using a recovery drive or my preferred option is using Hiren’s BootCD PE ISO. If you followed my creating USB bootable USB drive guide you will most likely have this ISO or it’s just a download, drag and drop away.

News Here: https://www.malwarebytes.com/blog/news/2025/10/windows-update-breaks-usb-support-in-recovery-mode

Hiren’s BootCD PE here: https://www.hirensbootcd.org/

If needed, Recovery Drive here: https://www.hirensbootcd.org/

Rufus here: https://rufus.ie/en/

Requirements

  • USB drive with Hiren’s BootCD PE installed

If you have a blank USB drive just reflash it with Rufus with the Hiren’s BootCD PE. Once that’s ready boot into your Problem PC and disable Secure Boot. Then reboot into the temporary boot screen into the USB drive. If you’re having issues with this then I’ll put a guide here.

How to use here: https://www.youtube.com/watch?v=kjJCrZ4cwDU

Once that starts up let’s go into Command Prompt. Then enter the following:

manage-bde -status
# Because we are in Hiren Boot ISO we can also check this by looking at File Explorer
# Just click on "This PC" then look for the lock symbol, that's your drive
# Then right click on that to unlock if you prefer the GUI method

Volume C: [NAME]
[Data Volume]
     Size: (size)
     BitLocker Version:
     Conversion Status:
     Percentage Encrypted: 
     Encryption Method:
     Lock Status:
     Identification Field:
     Automatic Unlock:
     Key Protectors:

# Keep in mind you will get multiple drives like your USB drive

# Once we find the correct drive we will unlock that drive using this command
manage-bde -unlock C: -rp "recovery-key-here"

# Turn it off completely
manage-bde -off C:

That should be it, turn off the machine then reboot into Windows. Make sure to turn on Secure Boot.

Turning on Bitlocker and backing Up Your Recovery Key

Before turning BitLocker back on, it’s a good idea to backup your recovery key. Here’s how:

# Check BitLocker status and get the Key Protector ID
manage-bde -status C:

# Look for the "Key Protectors" section, you'll see something like:
# Numerical Password:
#     ID: {12345678-1234-1234-1234-123456789012}

# Backup the recovery key to your Microsoft account (requires internet)
manage-bde -protectors -adbackup C: -id '{your-id-here}'

Turning BitLocker Back On

Once you’ve fixed your issue and want to turn BitLocker back on:

# Turn on BitLocker
manage-bde -on C:

# Check the encryption progress
manage-bde -status C:

You can also turn BitLocker back on through the GUI by going to Settings > Privacy & Security > Device Encryption or Control Panel > BitLocker Drive Encryption. You might get a error for the first time, but try again after a reboot.

Leave a Reply

Your email address will not be published. Required fields are marked *