System Encryption Fails

Topics: Technical Issues
Jun 17, 2015 at 9:51 PM
Hi,

I'm new to VeraCrypt but I'm a long time TrueCrypt user.
I wanted to encrypt my System drive. I wanted to use AES256, normal encryption(not hidden).
VeraCrypt wanted to do a Pre Boot test which failed.
VeraCrypt asks me for a password, when I type it in it says verifying password, this takes about 10min then it says Password OK, Booting....
Well after 20min I turned the PC off and booted without the password.
VeraCrypt works on this PC because I have a encrypted volume(40 GB) with a hidden volume.

To my PC, Windows 7 Ultimate (I have extra uninstalled Windows 10 Insider because i couldn't find anything about Windows 10 Support). I have two drives, one normal Harddisk and one SSD. The System is installed on the SSD, the other drive contains only Data (like the 40GB volume). The system is set to boot from the SSD. I don't know if its important but the normal drive is ID0 and the SSD is ID1. Maybe also important (or not) both drives are connected to a PCIE Sata3 controller card...

What could I try to get the System drive encrypted?

Thanks

LordRayden
Jun 19, 2015 at 3:04 PM
If the Windows System Reserved partition exists, is it on the SSD drive or the second drive?

Can you attach to your post a picture of your Windows Device Management?
Jun 19, 2015 at 6:17 PM
HI,

unfortunately there is, Windows 7 creates one for Bitlocker. It's on the SSD. I can disconnect the normal HardDisk and the System boots without problems.
In the settings before the test I set VeraCrypt to take the whole drive including the SRP.
Do you know a service where I can upload the Device Manager Image without registering? I can't upload it here (or am I just overseeing it?)

Thanks

LordRayden
Jun 19, 2015 at 6:21 PM
Edited Jun 19, 2015 at 6:23 PM
Found one...
Which section should I expand?

Image
Jun 19, 2015 at 8:15 PM
In the settings before the test I set VeraCrypt to take the whole drive including the SRP.
.
You cannot encrypt the Windows System Reserved partition with either TrueCrypt or VeraCrypt due to your system will not be able to boot. Select encrypt OS partition only option.

You can make the password the on the Data drive the same as the system encryption password if you want to mount the Data partition during booting using System Favorites.
Coordinator
Jun 19, 2015 at 11:31 PM
This issue is strangely similar to the one previously reported here: https://veracrypt.codeplex.com/workitem/151

can you please post screenshort of the your disks layout as displayed by Windows Disk Management?
Another user posted the following screenshot of his disks and I would like to compare between you two:
DiskLayout
Jun 20, 2015 at 12:10 AM
Hi,

Thanks Enigma, I will try that. Why build in an option you can't use?
How about Windows 10? I have to go back to Windows 10 since a new Build is coming and I am an active tester and trough that I get the final for free...

Idrassi,

It's the same as above...
Now I have a third HardDisk connected...
Here is the image..

Image

Thanks

LordRayden
Jun 20, 2015 at 2:07 AM
Edited Jun 20, 2015 at 2:14 AM
Hello Mounir,

Does it matter that the system drive is not disk 0?

I notice both the ticket and LordRayden have the System Reserved and OS on disk other than disk 0. Just a possibility. This may not be the issue, however thought I would ask.

EDIT:

Sorry Mounir. I see you answered my question in the ticket.

https://veracrypt.codeplex.com/workitem/151

Idrassi wrote:
In the code, we look only for active partitions on the boot drive given to us by the BIOS. So, if the BIOS is configured to boot on disk 2, then VeraCrypt will only work on disk2. Other disks are not relevant in the code...at least theoretically.

There must be something messing with this logic...and it is probably linked to the Windows reserved partition. I'll have to replicate the issue to be able to study it in depth.
.
LordRayden wrote:
Thanks Enigma, I will try that. Why build in an option you can't use?
How about Windows 10? I have to go back to Windows 10 since a new Build is coming and I am an active tester and trough that I get the final for free...
.
Windows versions prior to Windows 7 did not have the System Reserved partition. Some installed Windows 7 and later versions without the System Reserved partition.

You will have to decrypt the Windows 7 OS partition before performing Windows 10 upgrade.
Jun 20, 2015 at 2:44 AM
Hi Enigma,

thanks for the fast response.
The System Drive is not encrypted at the moment so the upgrade shouldn't be a problem but can I encrypt it after the upgrade?
Will VeraCrypt work in the Windows 10 Pro 64Bit Environment(for my Data and for the System Encryption)?
I really don't want to use BitLocker...

Thanks

LordRayden
Jun 20, 2015 at 9:02 AM
Edited Jun 20, 2015 at 9:06 AM
The System Drive is not encrypted at the moment so the upgrade shouldn't be a problem but can I encrypt it after the upgrade?
Will VeraCrypt work in the Windows 10 Pro 64Bit Environment(for my Data and for the System Encryption)?
I really don't want to use BitLocker...
.
Yes, that is correct for both questions. Mounir explains this in the link below which includes the discussion of having a hidden OS.

http://tinyurl.com/p8lw9eh in the thread decrypt before windows 10?

Kind Regards.
Jun 28, 2015 at 1:25 AM
Hi,

OK, I have installed Windows 10 and after that I have successfully encrypted the System partition, but that is not what I want to do. I want to encrypt the whole drive. Unfortunately it is not true that TrueCrypt can't encrypt the whole drive. I know for a fact that TrueCrypt can do that I also know for a fact that VeraCrypt can do that. I made a Virtual Machine and Installed Windows 7, same configuration as above, 100MB for BitLocker rest of the drive one System partition. TrueCrypt can encrypt the whole drive, then I tried VeraCrypt and it also can encrypt the whole drive. It even says in the option Description that the whole drive will be encrypted except for „Track 0“ where the „MBR“ is written, where it is going to write the Bootloader. So I have tested that I know that it works but why is it not working with the actual computer. There are two differences between the Virtual Machine and the real Machine. The System drive is „ID0“ on the Virtual Machine and „ID1“ on the real Machine. The second is: VirtualBox is simulating a normal HardDisk so it’s also simulating the „Track 0“ for „MBR“ on the real Machine I have a SSD so there is no psychical „Track 0“ and nothing that is simulating it…
Could that be it?

Thanks

LordRayden