Hi, Last week I install Windows 11 24H2 on a friends computer and saw that MickySoft now forces it's encryption crap on everyone so I had to disable TPM on my friends computer. I google a bit on how to do this without disabling TPM in the BIOS because I know some crappy Laptop OEM's don't have such option in thier BIOS. But I have 3 question: 1. If "PreventDeviceEncryption" is set to "1" why do we have to also set "TCGSecurityActivationDisabled to "1"? 2. If "TCGSecurityActivationDisabled" is set to "1" do we also have to set "DisableEncryptedDiskProvisioning" to "1"? 3. If any of this registry option are set to "1" will it still be possible to use all the Encryption options when turning on BitLocker in the Windows Settings menu?
Either you don't read, or you don't understand what you read, there is no third. From the links in the previous post
3. If any of this registry option are set to "1" will it still be possible to use all the Encryption options when turning on BitLocker in the Windows Settings menu? => yes you can later use bitlocker
To Turn BitLocker Off Without Activation on windows 11 24H2 In Command Prompt Copy & Paste manage-bde c: -off manage-bde d: -off
The service has to be running in order to be able to decrypt it, so just to be sure: Code: rem Disable Bitlocker/Windows ransomware sc config "BDESVC" start= demand net start BDESVC fsutil behavior set disableencryption 1 manage-bde -off C: manage-bde -off D: manage-bde -off E: sc config BDESVC start= disabled net stop BDESVC /y