This project has moved. For the latest updates, please go here.

Can't boot Win10 after Decrypt OS, auto recovery looping.

Topics: Technical Issues
Mar 5 at 7:42 AM
Edited Mar 5 at 8:03 PM
Have I lost my Win10 installation? Here's a rundown of what I did:

I have an Acer Switch Alpha 12 running Win10 Home.
  • I followed this tutorial. "Encrypt the whole drive" was greyed out so I went with "Encrypt the Windows system partition".
  • Proceeded through tutorial, created rescue disk, but then the "System Encryption Pretest" failed. Disabled "Secure Boot" in the BIOS and was able to pass the Pretest.
  • Encrypted with no problems.
  • Reboot failed: Windows 10 ran its auto recovery (with the Acer logo).
  • Used auto recovery options to select the UEFI USB rescue disk and booted the Veracrypt bootloader from it. Booted into Win10 with no problem.
  • Further googling showed that Acer has some non-standard behavior (link misbehaving) sourceforge.net/p/veracrypt/discussion/technical/thread/5b859040/#2757 preventing persistent bootloader changes. Decide it's not worth the headache.
  • Boot to rescue disk and run "Decrypt OS". (Now realize that could have been done from Windows)
  • Decrypt successful (I think? Here's a screenshot)
  • Reboot and... oh no! Win 10 auto recovery again? (This time with Windows logo, not Acer logo?) Recovery fails, none of the options seem to help.
  • Boot to Rescue Disk and try to boot from Veracrypt Bootloader. Fails to Win10 auto recovery.
  • Got to windows command prompt from Win10 auto recovery. Try to change to C: drive but it's "The volume does not contain a recognized file system". Think my drive is still encrypted maybe? Confused at this point.
  • Boot to Rescue Disk and try "Restore OS header keys" and "Restore Veracrypt loader binaries to system disk". No change, still looping on auto recovery.
  • Boot to Rescue Disk and run "Decrypt OS" again. Runs same as before. Still unable to boot into Win10 after.
Am I screwed? Can I recover my ability to boot Win10? Is my data gone?
Developer
Mar 5 at 11:29 AM
Mar 5 at 8:01 PM
Edited Mar 6 at 5:48 AM
Does the following:
"After typing the password and PIM, it will automatically detect the issue and propose to fix it."
mean that I should expect to see different dialog from the rescue disk telling me it's detected the problem? I downloaded the rescue disk patch, extracted it over my existing rescue disk and when I selected "Decrypt OS" it ran just as I'd seen it run before.

Now after rebooting Win10 tries to run the automatic repair and fails while "Diagnosing your PC". Right before it loops it displays a message about "Repairing disk errors. This may take over an hour to complete". Then it immediately reboots and starts automatic repair again.
Developer
Mar 6 at 5:57 AM
verahelpme wrote:
  • Boot to Rescue Disk and try "Restore OS header keys" and "Restore Veracrypt loader binaries to system disk". No change, still looping on auto recovery.
  • Boot to Rescue Disk and run "Decrypt OS" again. Runs same as before. Still unable to boot into Win10 after.
It looks like you decrypt data decrypted already several times. It is bad news. How many times? To recover it is necessary to encrypt. No automatic procedure for this.
Mar 6 at 8:28 PM
3 times. First with 1.19 rescue disk, second with 1.19 rescue disk, third with patched 1.19 rescue disk. If I were to try to recover I'd have to encrypt twice and then decrypt with the patch 1.19 rescue disk I'm guessing? I can get unbuntu running with linux veracrypt installed. Possible to encrypt with that? How do I ensure it's using the proper keys?
Developer
Mar 7 at 6:29 AM
Edited Mar 7 at 6:30 AM
I recommend to copy all OS data via dd tool. (sectors)

Ubuntu - it does not help to decrypt. (probably via LUKS but I do not know)

Situation: There are two sectors ranges. Most of OS sectors data (A) and some sectors range in first 50 MB of the partition (B)
disk states
  1. System partition is encrypted all (normal)
  2. First decryption - (A) is decrypted, (B) damaged
  3. second decryption - (A) is decrypted second time, (B) damaged second time
  4. third. Not clear - Did you restore OS header keys again? if yes - (A) is decrypted third time, (B) not restored (probably damaged again).
In your scenario - the main problem is (B).
To restore:
  1. It is necessary to determine sector ranges (B) and (A) (numbers)
  2. Encrypt two times (A) - (A) will be restored. You can use any software like R-STUDIO to recover your files.
  3. (B) is more difficult. need to investigate partitions table.
Via DcsCfg.dcs from EFI shell it is possible to try. But I think It is necessary to create special tool. Do not use original data. Use backup (via dd).
Mar 8 at 5:11 AM
Edited Mar 8 at 10:50 AM
I appreciate your time, here's a clarification of the disk states:
  1. System partition is encrypted all (normal)
  2. First decryption - (A) is decrypted, (B) damaged (via 1.19 rescue disk)
  3. Restored OS header keys (via 1.19 rescue disk)
  4. second decryption - (A) is decrypted second time, (B) damaged second time (via 1.19 rescue disk)
  5. Third decryption (A) is decrypted third time, (B) not restored (probably damaged again). (via patched 1.19 rescue disk, no indication it recognized damaged portion of partition (B))
I've created an ISO of my system OS partition via dd on a separate drive (microSD card). How do I accomplish the re-encryption (two times) properly (with the proper keys)? I'm willing to accept that the 50 MB (B) piece of data is unrecoverable at this point.

Now that i have a copy of my system OS partition I presume it is safe to reformat my system OS partition and attempt a fresh Windows 10 install?
Developer
Mar 9 at 3:58 AM
verahelpme wrote:
I've created an ISO of my system OS partition via dd on a separate drive (microSD card). How do I accomplish the re-encryption (two times) properly (with the proper keys)? I'm willing to accept that the 50 MB (B) piece of data is unrecoverable at this point.
Probably I'll have to create separate recovery tool.
Now that i have a copy of my system OS partition I presume it is safe to reformat my system OS partition and attempt a fresh Windows 10 install?
It is necessary to save range [0,64] sectors of the disk (not partition). It contains GPT and key.
Mar 9 at 8:10 PM
I used dd to create ISOs of everything on the drive and I also used dd to clone the entire drive to an SD card.