after using VeraCrypt for encrypting containers and being more than happy with its services, I decided to encrypt my system partition (not full disk encryption, since I have GPT with no intention to 'downgrade' to MBR). Using the wizard, I followed all the instructions and everything went fine (well, after disabling Secure Boot in BIOS, it did). I then decided to defer the encryption, so that I could firts test whether the Rescue Disk (RD) worked properly.
The RD wouldn't boot. I tried switching the boot mode to CSM, which brought about no results. Having switched back to UEFI boot, however, suddenly got the RD to boot. I restarted the PC again, just to see whether it would now work normally, or whether I'd have to do the UEFI=>CSM=>UEFI dance every time. Luckily, it worked just fine that time. Deciding to then test whether it does what it should be doing, I let the VC bootloader load from the RD. Everything worked just fine. I booted into Win, deferred the encryption once more to complete my final data backup and check everything's alright. Unfortunately, I did not make a system restore point... I don't know why it didn't occurr to me, but I simply didn't.
Now, I don't remember why exactly was it that I didn't resume the encryption process right after I was done. I simply shut the computer down, leaving the flat - it was a busy day, I was in a hurry... you get it. When I came home and started the PC, VC didn't ask me to enter the password. I booted into Win and it told me the pre-test failed. I restarted again, and again, no pre-test.
I started over. No luck. I played around in BIOS, then thought maybe I'm actually messing up and restored original settings. Didn't help. I reinstalled VeraCrypt. Didn't help. I ran CCleaner through registry and Windows caches. No luck. I ran scf /scannow - no problems found. I ran chkdsk on my HDD, no problems found.
The VC pre-test worked up unitl the point when I let the VC bootloader load from the Rescue Disc. Then it just stopped working. Now, I can't seem to get the pre-test running, and I can't even boot from the new RD.
Any ideas, please? I'd prefer not having to use BitLocker...
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Are you sure about that? I believe I've read that for MBR drives that go through a full-disk encryption, that is true and the RD is an ISO file. But for encrypting GPT system partition only (my case), the RD is GPT, too, and it's definitely not an ISO, but a ZIP file (extracted to the root of a USB flash drive) - that much is clear from the instructions provided directly in the VC encryption wizard.
Last edit: Tom K 2017-11-05
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
UPDATE: I ran chkdsk (no attribute) again and in stage 3 it found some errors, suggesting to run chkdsk /scan, which I found out performs an online scan of the drive, as in no need to dismount and thus do a boot-time scan. After running /scan, it showed no errors. Should I still run /r overnight, or is there really no need for that?
Last edit: Tom K 2017-11-05
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello everyone,
after using VeraCrypt for encrypting containers and being more than happy with its services, I decided to encrypt my system partition (not full disk encryption, since I have GPT with no intention to 'downgrade' to MBR). Using the wizard, I followed all the instructions and everything went fine (well, after disabling Secure Boot in BIOS, it did). I then decided to defer the encryption, so that I could firts test whether the Rescue Disk (RD) worked properly.
The RD wouldn't boot. I tried switching the boot mode to CSM, which brought about no results. Having switched back to UEFI boot, however, suddenly got the RD to boot. I restarted the PC again, just to see whether it would now work normally, or whether I'd have to do the UEFI=>CSM=>UEFI dance every time. Luckily, it worked just fine that time. Deciding to then test whether it does what it should be doing, I let the VC bootloader load from the RD. Everything worked just fine. I booted into Win, deferred the encryption once more to complete my final data backup and check everything's alright. Unfortunately, I did not make a system restore point... I don't know why it didn't occurr to me, but I simply didn't.
Now, I don't remember why exactly was it that I didn't resume the encryption process right after I was done. I simply shut the computer down, leaving the flat - it was a busy day, I was in a hurry... you get it. When I came home and started the PC, VC didn't ask me to enter the password. I booted into Win and it told me the pre-test failed. I restarted again, and again, no pre-test.
I started over. No luck. I played around in BIOS, then thought maybe I'm actually messing up and restored original settings. Didn't help. I reinstalled VeraCrypt. Didn't help. I ran CCleaner through registry and Windows caches. No luck. I ran scf /scannow - no problems found. I ran chkdsk on my HDD, no problems found.
The VC pre-test worked up unitl the point when I let the VC bootloader load from the Rescue Disc. Then it just stopped working. Now, I can't seem to get the pre-test running, and I can't even boot from the new RD.
Any ideas, please? I'd prefer not having to use BitLocker...
Strange. RD has to be MBR disk FAT formated.
disk structure:
EFI\Boot
EFI\VeraCrypt
RD is started from EFI\Boot\bootx64.efi
Are you sure about that? I believe I've read that for MBR drives that go through a full-disk encryption, that is true and the RD is an ISO file. But for encrypting GPT system partition only (my case), the RD is GPT, too, and it's definitely not an ISO, but a ZIP file (extracted to the root of a USB flash drive) - that much is clear from the instructions provided directly in the VC encryption wizard.
Last edit: Tom K 2017-11-05
UPDATE: I ran chkdsk (no attribute) again and in stage 3 it found some errors, suggesting to run chkdsk /scan, which I found out performs an online scan of the drive, as in no need to dismount and thus do a boot-time scan. After running /scan, it showed no errors. Should I still run /r overnight, or is there really no need for that?
Last edit: Tom K 2017-11-05
to boot from GPT partition it has to be ESP type.
MBR usb is more simple way to boot RD.