This project has moved. For the latest updates, please go here.

Installed Grub2 to drive with veracrypt bootloader. Lost my life's work and personal information.

Topics: Technical Issues
Oct 24, 2016 at 10:54 AM
Basically everything worked fine until i accidentally installed grub (or grub installed itself) to my veracrypt FDE.

I was installing grub to an external drive but somehow i screwed up and my internal drive got a copy of grub to produce a grub rescue error. The reported message it gives is about a missing device.

the reported message:
http://imgur.com/a/XHenQ

i've backed up the 500 megabytes of the first parition. this has allowed me to attempt my own fixes and try others.

i've tried rescue discs (they do nothing). i've tried various fixes of mbr using a windows 10 disc. more of the same.

i've also copied over a fresh veracrypt bootloader from another win10 installation. the first 388 bytes of it. to /dev/sda.

( i created that one's FDE using the exact same pass-key. )

When i do that i get the veracrypt bootloader screen instead of the grub nonsense! but ultimately it reports (after a noticably long time) as not finding a recognizable partition or something like that.

i've noticed when i copy over the veracrypt bootloader, the mbr for the drive reflects an 80gigabyte parition (where windows would be). When it should be 932 gigabytes (i have a terabyte drive). my theory is i need to hack the bootloader to reflect a partition of the appropriate size. but i have no idea how to find that offset.

If I had to narrow down my problem to one thing it's this: how do you clean the grub crap out or replace it with the appropriate bytes using the other veracrypt bootloader as a source?

*and i'd like to retain the 930gigabyte sized parition information and avoid copying over the source's 80gigabyte size value.

below are two screen shots. one of the grub infected mbr. and one of the fresh/non-grub infected mbr of a separate win10 veracrypt FDE.

Infected with GRUB MBR:
byte highlighted is @offset 0x34f
http://imgur.com/tTIBQOo

Fresh Veracrypt MBR:
byte highlighted is @offset 0x184
http://i.imgur.com/5NaJEgx.png


note:
i've tried having veracrypt mounting the volume directly (i used a functioning OS to do this). it doesn't work no matter what i do with pre-boot authentication option, backup header recover. tried the veracrypt programs vailable on both linux and windows. i never kept the repair/rescue disk that veracrypt tells us to make. else i'd solve this by now .