Can't remove Veracrypt Bootloader from UEFI Bios
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
EDIT: Many thanks to Sergey Sobolev, BOOTICE solved my problem.
https://sourceforge.net/p/veracrypt/discussion/general/thread/cbfd151b64/#5855
Hello, I have the following problem:
I want to remove the Veracrypt bootloader option from my UEFI boot options.
I've formatted the hard drive and even removen it from the machine at this point.
However, the following boot option persisist in the UEFI, even when no drive is present in the machine:
"VeraCrypt BootLoader (DcsBoot)"
I've tried resetting the bios, manually disabling the item, I've used the jumpers to clear out the bios but nothing helps!
Please help, thanks!
Last edit: Arne Rohrmann 2020-07-24
I know you’ve tried resetting the BIOS. Try again but for longer. This may (or may not) work:
Unfortunately, your suggestion didn't work despite following your suggestions.
The boot entry remains.
It is a desktop computer.
Thank you for your help though!
Any additional help would be very welcome if someone could help.
Last edit: Arne Rohrmann 2020-01-11
I believe that due to how UEFI works, the BIOS is finding VeraCrypt in the EFI partition and that's why it keeps showing VeraCrypt.
I don't know how to remove it from the EFI partition, but I'm sure that will work.
The problem is that I have removed all storage drives before trying these to ensure they wouldn't still somehow show up, being loaded from the disk drive.
On the Windows EFI partition, the UEFI boot is invoked on here from the BIOS. Note that if you formatted the drive, you may have only formatted the NTFS partition.
If you can somehow remove the VeraCrypt entry on the EFI partition, this should solve the issue. Note: you may need to repair the Windows boot loader afterwards. Please research carefully. Hopefully someone with more knowledge on this subject will be able to help you.
The only other option is to erase the entire hard drive (the one that VeraCrypt was used on) with something like a DBAN boot disk (rather than just reformatting, which may have only erased the NTFS partition and not the EFI one).
Afterwards, clear the BIOS, as per my earlier post.
If the computer has a TPM, maybe that is showing VeraCrypt? Although VeraCrypt does not support the TPM itself. You would need to reset the TPM as well.
After erasing the entire hard drive, resetting the TPM (if present) and clearing the BIOS (as per my earlier post), re-install Windows in UEFI mode again - disable CSM in the BIOS before installing Windows (then save and exit the BIOS).
Hope that helps. Good luck!
Last edit: Dave 2020-01-11
Before trying all that, see if a BIOS update alone resolves the issue. Before you begin, if you are using BitLocker, make sure you have a recovery key ready!
Do the following in Windows...
Download the latest BIOS version (non-beta) from the computer manufacturer for the brand and model number of your computer; if the computer was self built, download from the motherboard maker's website for that brand and model of motherboard.
The files are usually zipped up; extract all the files into a folder.
Right-click on the executable file, then left-click Run as Administrator. Follow the on-screen instructions. DO NOT power off or interrupt the BIOS update, as you could brick the motherboard!
After successful updating, I advise clearing the CMOS (this helps remove the “old” settings and avoids future problems). Revert the BIOS settings back to UEFI etc. Save and exit the BIOS.
Hopefully this may remove VeraCrypt from the BIOS boot options.
same problem with this piece if crap software,,,,i was installing and when it wanted to pre-test the encyption...the password wouldnt be accepted in the bootup from bios....now i got the dam veracrap in my bios bootloader with the other OS's...sincevim beta testing its not such a big deal...but there really needs to be a script code thst is implemented after you unstill this crap software so it erases all the crap it put into my bios....now i have yo take the battery out,,,jump my cmos,,,erasure all my partition drives on a duel boot system..and hope that flushes it out....my god what a pain in the ass
I can assure you that Veracrypt is NOT a "piece of crap software". It is anything but. It is the ONLY freeware open source high end OTFE package with hidden OS and complete plausible deniability on the face of the earth. Microsoft and Intel are the culprits here, not the venerable line of software ending with Veracrypt (for the time being) and starting with E4M (encryption for the masses). It's been around a long, long time. Learn to use it and you will be amazed.
Don’t blame VeraCrypt directly. The likes of Microsoft have more resources and control over secure boot, UEFI etc. Other operating systems like Ubuntu would be “remembered” by the BIOS too, even after removing Ubuntu.
Maybe BitLocker will work better for you? But it’s not available on the “Home” editions of Windows 10. You could either upgrade to Windows 10 Professional (if you have the Home edition) or you can enable “device encryption” in Windows 10 Home. This requires a Trusted Platform Module (TPM) version 2 or later (which must be enabled), with support for Modern Standby, along with full UEFI enabled in the BIOS (no CSM). Read more: https://www.windowscentral.com/how-enable-device-encryption-windows-10-home
Remember that VeraCrypt is free vs upgrading to Windows 10 Professional or upgrading/buying a new computer with the right hardware support e.g. TPM in order to encrypt the entire disk.
Yeah just had to erasure the OS and it cleared it out....
Not a big deal,,,just bit of pain
Sent from my iPad
And bittlocker got it working just fine...
Sent from my iPad
UEFI is not BIOS! UEFI does not have CMOS, so, removing the battery will not change anything. Boots enties stored in small flash area in UEFI chip in motherboard. It can be easly edited with special software like EasyUEFI or BOOTICE.
Yes, this is a bug in uninstaller, but the efi module appeared in VeraCrypt just recently and the author simply does not have enough resources to solve all situations with new hardware. Paid and extremely expensive BestCrypt Volume Edition has the same bug.
Thank you so much, THIS was the solution!
Feature request: remove the bootlaoder entry when you un-install VeraCrypt?
EDIT to previous: Remove the bootloader entry when un-installing VeraCrypt - or decrypting the drive.
For me, on a Dell Inspiron 15 3000 I had to do the following to get rid of the Password: and PIM: prompt after changing OS.
I was then able to reinstall the OS. I am now going to run around in the garden shouting GOOOOOAAAAAALLLLLLLLL because I only wasted 4 hours on this :/
Last edit: skelly 2020-09-07
Maybe BitLocker will work better for you? But it’s not available on the “Home” editions of Windows 10. You could either upgrade to Windows 10 Professional (if you have the Home edition) or you can enable “device encryption” in Windows 10 Home. This requires a Trusted Platform Module (TPM) version 2 or later (which must be enabled), with support for Modern Standby, along with full UEFI enabled in the BIOS (no CSM). Read more: https://www.trickyworlds.com/how-to-lock-drive-in-windows-10/
Just found this thread in 2024 when googling "delete veracrypt bootloader" - I sold my old PC and just deleted the Veracrypt partition, yet the Bootloader was still showing even after a BIOS reset.
So I did not want to remove the bootloader from a running system, but from a formatted harddrive. I found my own mixture of options by using the information provided here. I did not have Windows installed anymore and also didn't want to re-install just to run something like BOOTICE.
What I did now was create a Windows 11 installation USB stick and booted that. As soon as you are in setup:
this will show you all the partitions on the drive, if you formatted it recently it maybe has two or three like system, reserved and recovery
now for every partition just do
Now all partitions are gone indefinitely and the bootloader is gone from BIOS. Create new partitions when installing Windows.