Windows will not boot with message "winload.efi is missing or corrupt 0x00000025"
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
Win10. VeraCrypt is version unknown (installed roughly 5 years ago). I have cloned the drive. I have connected the cloned drive externally and installed the latest VeraCrypt on another computer. Trying to mount the ext.hd with VeraCrypt I get a lengthy error msg about "Incorrect pwd or incorrect PIM or...". A Startup Repair from Windows PE failed. No rescue disk was made. I have tried all the other winload.efi fixes. The user is sure the pwd is correct. The only thing extra clue she said is that after she enters the VeraCrypt pwd she hits enter twice. Does that suggest anything to you? Any other suggestions? The original hd was removed and connected externally and was tried with the VeraCrypt mounting feature from another computer, but I got the same error msg. That was the only step I did with the original hd before cloning.
I just noticed the tools you have. The tool VcFixBoot produced the screenshot of the attachment. It seems to be saying that there is a permissions issue. The non-booting hd with VeraCrypt on it is connected externally to that computer. How do you run it from the computer with the booting issue and the VeraCrypt'ed hd in it if Windows can't boot?
I, also, tried VeraCryptUsbRescueDisk, but the instructions say copy VeraCrypt Rescue Disk.iso to the flash-drive, but that file was not in the zip package, nor is it anywhere else that I can see. Is that iso file supposed to be created on the computer that has VeraCrypt on it. If so, is there another way that this can be done since the computer with the hd is no longer booting? Those instructions that are part of the zip file veracryptrescuedisk.zip should state that the iso file needs to be created on that computer. Is it necessary to know exactly which version of VeraCrypt was used to encrypt the hd? And that version needs to be used to create the iso rescue disk iso? Can it done on another computer if it is known the correct version? Is there some way to find out the correct version from the encrypted hd if it cannot boot, perhpas using the hex tool to show the contents of the hd? Does the creation of the rescue disk iso include some connection to the encrypted hd when the rescue disk iso is created? The original encrypted hd is working, it just won't boot into Windows.
Last edit: rof dar 2025-06-25
Followed the instructions from browlry in this:
https://sourceforge.net/p/veracrypt/discussion/technical/thread/5b859040/?limit=25&page=1#997c
I did not have the rescue disk, but used the WinPE command prompt since the recovery function of Windows was working.
Excerpt from that discussion below:
Here's Alex's instructions, written step-by-step for a layman:
mountvol o: /s
notepad o:\EFI\VeraCrypt\DcsProp
ren o:\EFI\Microsoft\Boot\bootmgfw.efi bootmgfw_ms.efi
copy o:\EFI\VeraCrypt\DcsBoot.efi o:\EFI\Microsoft\Boot\Bootmgfw.efi
<config key="ActionSuccess">postexec file(EFI\Microsoft\Boot\bootmgfw_ms.efi)</config>
for exmaple, it may look like this when you're done:
<veracrypt>
<configuration>
<config key="PasswordType">0</config>
<config key="PasswordMsg">Enter Password: </config>
<config key="PasswordPicture">login.bmp</config>
<config key="HashMsg">(0) TEST ALL (1) SHA512 (2) WHIRLPOOL (3) SHA256 (4) RIPEMD160 (5) STREEBOG
Hash: </config>
<config key="Hash">1</config>
<config key="HashRqt">0</config>
<config key="PimMsg">PIM (Leave empty for default): </config>
<config key="Pim">0</config>
<config key="PimRqt">1</config>
<config key="AuthorizeVisible">0</config>
<config key="AuthorizeRetry">10</config>
<config key="ActionSuccess">postexec file(EFI\Microsoft\Boot\bootmgfw_ms.efi)</config>
</configuration>
</veracrypt>