bluescreened on windows

[ljrand]

My system: Windows 10 system booting off an unencrypted Western Digital hard drive with a secondary Samsung EVO 850 SSD that I wanted to secure-erase. The Samsung SSD had been enabled as eDrive when I was experimenting with deployment. But the motherboard did not meet the requirements so I had to give up that idea and never did encrypt it. I needed to undo the eDrive setting though and Samsung support was giving me the runaround.

I ran the Windows sedutil executable to erase the Samsung. sedutil reported success.

But then the system bluescreened and subsequent attempts to start it up again came up with "Insert Boot Media in selected Boot device..." Which means sedutil also hosed the WD hard drive! Thankfully there was nothing important on that drive other than a base Windows 10 install.

The Samsung SSD does seem to have been securely erased as it is back to neutral and I am now able to re-deploy.

[r0m30]

Were both drives in the system when you installed Windows? I have seen Windows place its boot information on a secondary drive (which baffles me). I have not seen sedutil do this before I have reverted drives many times and it had never done anything to the other drives in my system (both TCG and non-TCG drives).

When you did the re-install were there partitions on the WD drive or was it uninitialized?
Did you boot a PE or Linux system and see what the state of the drive was?

[ljrand]

I have not yet re-installed but used PartedMagic to check: short test reported the drive is healthy (it was a relatively new drive when I installed Windows). Partition Editor sees:

/dev/sda1 fat32 500MB (22 used) boot /dev/sda2 ntfs 243.65GB (29.6 used) unallocated 221.62GB

/dev/sda1 mounts fine and shows 4 folders and 4 files at the top level: Boot/, Recovery/, System Volume Information/, $RECYCLE.BIN/ and files like bootmgr, BOOTNXT… The $RECYCLE.BIN/ contained only one file = desktop.ini timestamped from the day previous to running sedutil.

But when I tried to explore /dev/sda2, I get an Error box saying: 14: Windows is hibernated, refused to mount... the NTFS partition is in an unsafe state... try mounting read-only.

So I did try to mount /dev/sda2 read-only. That worked and I can see the usual Windows 10 folders and files.

And to answer your first question: there is always just one SATA drive in the system when I installed Windows 10 from a bootable USB.

[r0m30]

I'm not sure what would cause this, what you describe appears to be a normal windows drive and I do several reverts during the release process with no issue. Windows sedutil doesn't read or write to any of the drives (linux does read sysfs to check that allow_tpm is set) it only issues identify, trusted send and trusted receive to the device(s) it is working with.