Prevent Windows 10 from changing the boot loader automatically Win10 will boot up straight after undoing some of the changes from the update attempt. Once you are there, go to the command line ( cmd.exe ) and type from there:īcdedit /set path \EFI\VERACRYPT\DCSBOOT.EFIĪfter doing so you can just re-boot the PC and it will present you with VeraCrypt’s standard password dialogue. Create a Windows PE rescue disc ( 1, 2, there are many options out there, just Google for it it will cost some time, but it is rewarding in case a Win10 install goes bust),.( Note: it MUST be WinPE based in order to use bcdedit.exe, which is a windows-exclusive tool). Windows PE), then you can use that USB stick to boot into that rescue system and use the command line to manually edit the boot entries. If you have access to a bootable USB stick with a rescue environment on it (e.g. Fix 2: Boot into WindowsPE / a rescue environment and edit the bootloader from the command line After that, you can continue with updating your Windows 10 installation as intended, and after doing that, you can encrypt your system partition / drive once again. then pressing F8 or F12 during BIOS POST to change the boot device to that USB stick.Īfter that, VeraCrypt will offer you an option to permanently decrypt the system drive, and after doing that, your Windows will just come back as it used to, after re-rolling some of the update changes which caused all this mess.then connect the bootable USB stick to one of the backside USB ports of your computer (if desktop),.You can easily create a bootable USB stick from that rescue-disc-file with e.g.When you encrypted your system partition / drive, VeraCrypt repeatedly advised you to create a rescue disc file, which contains the bootloader and the partition header with the public key for decryption. Fix 1: Permanently decrypt the system drive using the VeraCrypt rescue disc In order to change the bootloader you would have to boot into Windows 10, which you can’t do – welcome to the boot-loop. The situation is, that you can’t boot into Windows 10 anymore, as it overwrote the UEFI boot entry, while the bootloader file itself is still in place physically. The good news is: there are good chances that you can put your rig back up to work without too much effort! As there are several approaches, I will briefly explain them. I found a good wrap-up and description from Uli König in German, which is the source for what I am explaining here. Entering the BIOS reveals, that there is no bootloader entry for VeraCrypt, because it has been removed by Windows 10 update or the UEFI BIOS update. Once that happens, windows will be set as the primary boot option and try to boot itself up instead of VeraCrypt – from an encrypted drive/partition which it can’t read, resulting in a repair attempt from Windows 10. Windows however is able to modify UEFI bootloader entries, which can happen during major Windows updates, or when updating your mainboard’s BIOS. To enable VeraCrypt to pre-boot-authenticate your encrypted drive, it has to install an additional UEFI bootloader entry named “ VeraCrypt BootLoader (DcsBoot)“. Press “Advanced options” to try other options to repair your PC or “Shut down” to turn off your PC Root cause: UEFI Windows 10 After an update of your mainboard BIOS, or after major Windows 10 updates, you may experience a boot-loop or bluescreen, where Windows 10 will try to “repair” your Windows 10 installation over and over, without succeeding. The following applies if you encrypted your whole system drive / partition using VeraCrypt. ![]() What you experience is, that the UEFI boot entry for VeraCrypt is gone. ![]() Problems with VeraCrypt and Windows 10 bootloader However, there are some problems connected to VeraCrypt and UEFI / Windows 10’s update mechanism / bootloader handling. Being an OpenSource tool based on the original TrueCrypt, it has been significantly improved over its predesessor and is widespread in the community. ![]() If you want to work with Full Disk Encryption (FDE), plus pre-boot authentication and you don’t want to use Windows BitLocker for some reason, it is likely you will end up with VeraCrypt.
0 Comments
Leave a Reply. |