This project has moved. For the latest updates, please go here.

Windows 7 64-bit UEFI encryptable?

Topics: Users Discussion
Aug 25, 2016 at 6:16 AM
Edited Aug 25, 2016 at 6:16 AM
Hi.

https://veracrypt.codeplex.com/wikipage?title=Supported%20Systems%20for%20System%20Encryption

Does this mean I can't encrypt my Windows 7 64-bit UEFI system partition using VC 1.18a?

Thanks,
Developer
Aug 25, 2016 at 8:10 AM
Yes. Windows 7 supports UEFI boot.

if your disk with OS is GPT and you boot in EFI mode VeraCrypt EFI loader should work.

Note: MS loader of 8 and 7 are different. Windows 7 has partial support of EFI. It may need compatibility module enabled (CSM)
Aug 26, 2016 at 9:50 PM
Edited Aug 28, 2016 at 1:23 PM
Disk w/ OS is GPT and compatibility mode (CSM) is enabled in UEFI.

Nevertheless, VeraCrypt shows this when tryting to encrypt system partition.

Warning: Windows does not appear to be installed on the drive from
which is boots. This is not supported.
You should continue only if you are sure that Windows is installed on
the drive from which it boots.
Do you want to continue?

Actually ... Windows is installed on the boot drive.

What's wrong?
Coordinator
Aug 26, 2016 at 10:29 PM
Some users have reported a similar issues and I'm still not able to find the real cause.

One small test that you can do: locate the file "C:\Program Files\VeraCrypt\VeraCrypt Format.exe" in Explorer and then right click on it and choose "Run as an administrator". Then, in the wizard, select the third option "Encrypt the system partition" and continue as usual.

Does the error disappear if you do like this?

If not, can you please open a command prompt as an administrator (right click menu) and then type the commands:
mountvol.exe Z: /s
dir Z:\EFI
What is displayed after this?
The above commands suppose that the drive letter Z: is available.
Aug 28, 2016 at 1:27 PM
Edited Aug 28, 2016 at 1:30 PM
The warning still appears using the command line!

BTW ... I can select "Yes" and continue, but when the "Area to encrypt " appears, only the first option is selectable. Same with "Number of Operating Systems" ... only first option despite that 2 OS (Windows 7 and Ubuntu) is installed.

Does that help?
What else can I try / test for you?
C:\Program Files\VeraCrypt>mountvol.exe Z: /s

C:\Program Files\VeraCrypt>dir Z:\EFI
 Volume in drive Z has no label.
 Volume Serial Number is B2AE-B362

 Directory of Z:\EFI

23.01.2013  04:47    <DIR>          .
23.01.2013  04:47    <DIR>          ..
23.01.2013  04:47    <DIR>          Microsoft
23.01.2013  05:01    <DIR>          Boot
23.01.2013  04:17    <DIR>          ubuntu
               0 File(s)              0 bytes
               5 Dir(s)      80.979.968 bytes free
Thanks,
Coordinator
Aug 28, 2016 at 3:06 PM
@geohei:
just to be sure, you run "VeraCrypt Format.exe" with the menu "Run as an administrator" and you still had the warning?
Concerning the the grayed option of multiple OSes in the wizard, it doesn't mean that VeraCrypt can not be installed when you have multiple operating systems. You can encrypt Windows and it will work but the other OS (here Ubuntu Linux) will not show up unless you have a boot manager or you boot it explicitely from BIOS menu.

VeraCrypt doesn't know how to automatically update the boot manager. In your case, you are certainly using Grub2 as your boot manager so that you can boot Windows and Ubuntu. By encrypting your Windows using VeraCrypt, you will have to manually edit Grub2 configuration file in order to replace Windows entry by VeraCrypt one.

Last question: do you have many hard drives on your machine?
Aug 28, 2016 at 5:07 PM
Edited Sep 13, 2016 at 7:44 PM
Yes, I started cmd as Administrator. After "VeraCrypt Format.exe", I get the the wizard, I select the third option "Encrypt System Partition/Drive". Then I get the warning.

I start Ubuntu anyway always from the UEFI menu. Hence, encrypting Windows using VeraCrypt should not interfere in any respect.

... later ...

After an image backup of Windows and Ubuntu, I encrypted Windows. All ran fine. Windows and Ubuntu can be started without any problem (from UEFI menu).

To answer you question ... Windows and Ubuntu are installed on an SSD. Then I have one 2 TB disk (2 x 2 TB in motherboard RAID1) and 8 TB in RAID5 (Areca ARC-1210).

The only particularity I have ... I use 2 EFI partitions on SSD. 1 for Windows and 1 for Ubuntu. I would like to keep all separated due regular image backups/restores to avoid system update issues in case of crossed EFI partiotion restores (longer story).
Oct 22, 2016 at 3:36 PM
I had the same identical setup: Windows 7 with a GPT UEFI drive. I wrote a page http://www.genopro.com/misc/Installing-VeraCrypt/ (How to Install VeraCrypt on a GUID Partition Table (GPT)) how to do it.

For a successful installation of VeraCrypt, you need to:
  1. Get rid of the system partition of 100 MB which is automatically created by the Windows installer.
  2. Convert your system disk from GPT to MBR (Master Boot Record).
  3. Go to the BIOS and change the boot mode from UEFI with CSM to Legacy.
It worked for me, maybe it will work for you.