VeraCryptSystemFavorites service failed to start
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
Hi,
I have been using VeraCrypt (and TrueCrypt before that) for years on
various (MBR) machines using full system disk encryption and all has
been very good (thank you). My new machine is Windows 10 Pro and as such
is UEFI/GPT. I chose to use 1.24-Beta5 because the notes imply it is
likely more resistant to windows update issues.
The single SSD in the system has four partitions (100MB EFI, 16MB
Reserved, 175GB System, 778GB Data). In case relevant, all four show in
diskpart and in VC but only three in Windows Disk Management (the 16MB
Reserved one is missing there). I have performed a system partition
encryption and that seems to work fine. I have in-place-encrypted the
Data partition (using US keyboard and same password as system). The
drive letter for the data partition is removed in Disk Management to
free it for mounting. Hibernation (hence fast boot) is disabled. I have
an annoying issue and a worrying issue...
1) I cannot get the data partition to mount via system favorites. I've
checked everything I can find in various online forums and notes with
the same result - the partition is never mounted after windows boot and
login. In the EventViewer under Windows Logs / System there are two
errors from each system boot: "A timeout was reached (30000ms) while
waiting for the VeraCryptSystemFavorites service to connect" and "The
VeraCryptSystemFavorites service failed to start due to the following
error: The service did not respond to the start or control request in a
timely fashion".
2) After booting and logging in, if I open VC and Select Device, then
choose the appropriate partition and drive letter, the partition is
mounted yet I am never asked for a password. I have disabled every
password caching option I can find and wiped cached passwords but this
seems to have no effect. This seems concerning?
Any pointers on either of the above would be much appreciated :-)
As a final aside, from reading it appears that an admin-priviliged user
could dismount the above data partition (system favorite) drive as part
of a "Dismount All". With full-disk-encrypted systems in the past I have
found it very convenient to be able to dismount multiple external
encrypted drives (plus mounts of additionally-encrypted internal files)
via "Dismount All" without affecting any of the main internal mounts. It
would be helpful if system favorites could be omitted from a "Dismount
All" even by an admin user (requiring specific dismounts only, or even
for a no-dismount option to be cleared for them first).
Many thanks for all your efforts and any help with the above.
Mark
https://sourceforge.net/p/veracrypt/discussion/technical/thread/c054ea3535/#88eb
Thank you; I had actually already read that thread and the others referenced by it.
It's not clear to me why those would cause the service to fail to start. Note that the machine cold-boots to the desktop (including me typing in system and windows passwords) in less than 30 seconds (30000ms) so the timeout reported by windows seems fishy...
In the Settings > Preferences, try enabling Start VeraCrypt Background Task in the Action to perform upon logon to Windows.
https://www.veracrypt.fr/en/VeraCrypt%20Background%20Task.html
I am assuming that the other section VeraCrypt Backgorund Task > Enable is also checked/enabled.
These were both actually ticked already. I also tried clearing all the 'dismount all when...' options such as when user logs off which made no difference. It does take a while for the VC tray icon to appear after window starts but I had assumed that was just a UI initialisation thing.
It's also weird/worrying as I say that the data partition can be manually mounted without entering a password. I can even then dismount and re-mount it without entering a password, even though I don't believe I have any password caching options set. If I dismount and select wipe cache and re-mount it asks for the password. If I dismount and wipe cache and reboot then mount, it does not ask for the password, so is it caching the system password entered before windows starts, and holding indefinitely for system, favorites?
I have to leave the office now but I will try again / check any other points first thing tomorrow. Thank you for your ideas.
Guys, I do really appreciate the great work you do creating, maintaining and supporting this tool, and that no-one may have time to work through the system favorites issue here, which I could likve with. But does anyone know what's going on with the password issue I mentioned? It really concerns me that a volume can be mounted with no password prompt when it seems that VeraCrypt shouldn't have the password available. Thanks for any pointers.
Can you post a screenshot of the VeraCrypt:
Maybe someone will see a configuration setting that is causing the auto mounting without password.
Last edit: Enigma2Illusion 2019-06-20