This project has moved. For the latest updates, please go here.

Help VeraCrypt Bootloader gone

Topics: Technical Issues
Aug 27, 2016 at 10:28 PM
I encrypted Windows 10 and now I can't boot. Only Windows Repair window pop's up. The bootloader is gone in BIOS. Secure Boot is disabled. Tried to mount the disk via Live CD but it tells me that the password is incorrect. That is not true. I know my password very well. I have no Rescue Disk. What can I do? Why is bootloader gone?

Running VeraCrypt 1.18a
Coordinator
Aug 27, 2016 at 10:57 PM
You mention a Live CD that you used to boot. What's this live CD? Did you try launching VeraCrypt bootloader directly from EFI partition? Can you check that VeraCrypt EFI bootloader files are still on the boot partition.

It seems that you didn't copy the zip file containing the Rescue Disk. It would have helped restore the bootloader to the boot menu and restore EFI bootloader files is they are missing.

I will wait for your answer about the live CD mentioned above. until then, a simple solution: boot on a Linux Live CD, download and install VeraCrypt for Linux, launch VeraCrypt and mount the encrypted Windows partition after checking the option "Mount partition using system encryption (preboot authentication)". Once mounted, you can browse its content and look for the file "VeraCrypt Rescue Disk.zip". Copy it so that you can use to create a Rescue USB Disk.

Also, from Linux Live CD, can you check the content of the boot partition and see if the "EFI\VeraCrypt" is still there?

last question: what antivirus/security solution are you using? I'm asking because the only explanation to your problem is that something on your machine has removed VeraCrypt bootloader from boot menu.
Aug 27, 2016 at 11:08 PM
I'm using Macrium Reflect Live CD to make backups.

There is no VeraCrypt Bootloader in BIOS. Only Windows Bootloader Manager and Windows. In Macrium Reflect I could see 4 partitions.
  1. 450MB Recovery, 2. 100MB EFI, 3. 16MB MSR, 4. Windows Partition.
I never made a backup on Rescue Disk. It's gone forever.


I'm not good at Linux. Can you explain in more detail how to get Live CD and commands to install VeraCrypt in Linux Live CD.

I'm using Eset Smart Security. I have used it before with VeraCrypt and worked fine. No problem at all.
Coordinator
Aug 27, 2016 at 11:23 PM
OK, thanks for the explanation.
can you browser the content of the 100MB EFI partition from Macrium? I'm interested in knowing if the folder EFI\VeraCrypt exists and has files.

As I explained above, you can still access your data using a Linux Live CD. Since you are not familiar with Linux, I will not time to give you step by step instructions but even with this you will need to learn basic Linux concepts.
It is very late here in Paris and I need to go to bed, so tomorrow I will try to give more instructions if others can not do it.
Meanwhile, you can find in Youtube many videos explaining how to use VeraCrypt in Linux like this one: https://www.youtube.com/watch?v=Gf3lo_1KLBY. You can also find instructions on how to create an Ubuntu Linux Live CD or Live USB.
Aug 28, 2016 at 12:15 AM
Followed the youtube guide in your post. Used Ubuntu try before intsalling. The install went well but I can't find VeraCrypt when searching for it.
Aug 28, 2016 at 1:08 AM
I finally managed to open it up with Linux Mint Live CD. I can now see all it's content but I can't find "VeraCrypt Rescue Disk.zip". As I said I did not store the Rescue Disk upon installation.

I don't know how to open the EFI partition?

Will I be able to restore it without new Windows install?
Developer
Aug 28, 2016 at 7:09 AM
Edited Aug 28, 2016 at 7:21 AM
Hello,

Do you see contents of EFI volume?

You can use "efibootmgr" from linux to create boot menu for VeraCrypt.

Note: You can try to boot "hard disk" form boot menu instead of Windows. The difference is the following
Windows starts EFI\Microsoft\Boot\bootmgfw.efi
Hard disk starts EFI\Boot\bootx64.efi

Normal VeraCrypt loader is EFI\VeraCrypt\DcsBoot.efi
Aug 28, 2016 at 11:29 AM
I entered "efibootmgr" in Terminal and nothing special came up. I must say I have no skills in Linux and I need more technical details on how to move forward. I would appreciate it a lot. All I could was mounting Windows partition. Nothing else.
Coordinator
Aug 28, 2016 at 2:49 PM
I have done a Youtube video that demonstrates how to use Linux Mint to troubleshoot EFI system encryption boot issues and also how to recover the zip file of the rescue disk from the encrypted system partition: https://www.youtube.com/watch?v=4xJrVGzAk0Y

In this video, you will see me typing the efibootmgr command that kavsrf mentioned above. The command is:
sudo efibootmgr -c -d /dev/sda -p 2 -l \\EFI\\VeraCrypt\\DcsBoot.efi -L VeraCrypt-DCS
The value 2 used in the switch -p and the value /dev/sda used in the switch -d are the usual defaults but I have shown in the video how to get these values using the "Disks" Linux Mint application.

After typing the above command as shown in the video, you will be able to boot VeraCrypt as usual.

Also, the video show unzipping the Rescue Disk zip file into a 1GB USB key formatted as FAT. The machine can be boot on this USB key to launch VeraCrypt Rescue Disk but this is not shown in the video.

I hope this will help.
Aug 29, 2016 at 8:03 PM
First and foremost, thank you for this excellent step by step guide :)

Second, I was so eager to fix my OS that I made a fresh install before this guide came up but I do appreciate it a lot for taking your time and made this guide. This will be very useful in case it happens again and for others too. I created also a clone of the disk just to be extra safe. I have not any issues so far.

I'm not 100% sure but I could restore it without the rescue disk?

Again. Thank you for your time and for this wonderful VeraCrypt software :)
Aug 30, 2016 at 9:23 PM
So I ran in same problem again. As I said I made clean install and encrypted again with VeraCrypt. I then made a backup with Macrium Reflect. I created a image of the disk sector by sector. All partitions were imaged. Then I had to use that backup and then again the VeraCrypt bootloader was gone. I tried to follow your guide but I could not open the encrypted partition in Linux Live CD. It said that the password was wrong or PIM value. I am sure of my password. I know it's right. So I can't enter the disk and get hold of Rescue Disk. Is it possible to fix this?
Developer
Aug 31, 2016 at 4:00 PM
You can use VeraCrypt rescue disk from other computer to restore boot loader menu.

Note: Do not restore volume header If you use rescue disk from other computer.
Aug 31, 2016 at 11:36 PM
Thank you kavsrf.
Coordinator
Sep 2, 2016 at 8:23 AM
@VCuser: concerning the password error on Linux, it is certainly due to keyboard layout issue. Using the US keyboard layout on Linux and typing the same keys as you type when booting should fix the issue.