Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: TrueCrypt - Recover Corrupt Container

TrueCrypt - Recover Corrupt Container

How to Recover a TrueCrypt Container with Corrupt Header Information
Published by Golden
03 Oct 2012
Published by

How to Recover a TrueCrypt Container with Corrupt Header Information

information   Information
TRUECRYPT is a free open source application that allows you to encrypt files, folders, partitions or even entire physical drives. It is a very useful alternative to Windows Bitlocker Drive Encryption, which is only available in Windows 7 Ultimate.

In some cases, the header information of an encrypted container/volume can become corrupted resulting in the inability to mount the container/volume and retrieve the encrypted data.

TrueCrypt allows you to attempt to recover the corrupted volume header information, thereby allowing you to access the encrypted data by mounting the container/volume as you normally would.



warning   Warning
Encrypted containers/volumes can only be recovered using this method if the volume header information is corrupted. It will NOT recover the information within the container/volume if the actual data within the container has also been corrupted, or if the encryption password has been forgotten

In order to completely protect your encrypted data, you must ensure that you have also used the other disaster recovery options mentioned in Step 3 - Disaster Recovery described here. Recovery using volume header backups should always be considered a last resort.



Symptoms of a Corrupt Volume Header
If you attempt to mount an encrypted container in which the volume header information has been corrupted, you will see this panel:
Name:  y1.png
Views: 2703
Size:  15.1 KB
If you are sure that you have entered the password correctly, then the only reason this panel is displayed is because the header information contained in the encrypted volume has become corrupted to the degree that Truecrypt no longer recognises the container/volume.

You can attempt to 'fix' the corrupted header by mounting the encrypted volume using the backup header information.



Recovering the Volume Header
TRUECRYPT allows you to attempt to recover corrupted volume header information using two techniques:

  1. Using an internal or embedded backup of the volume header
  2. Using an external backup of the volume header
warning   Warning
If you have changed your original encryption container/volume password, and then recovered a corrupted volume using the internal/embedded backup technique, then you can only mount the encrypted volume using this original password. This is because the internal/embedded header backup is only created once, storing the original password within the backup - subsequent changes in password are never written to the internal/embedded header backup.

If you cannot remember the original password, then you must use the external backup technique as outlined in Method 2 below. This technique assumes that you created the external backup prior to the container header becoming corrupted - refer to Step 3 - Disaster Recovery described here.

Method 1: Recovery using the Internal (Embedded) Backup
When you create an encrypted container/volume, Truecrypt automatically creates an internal backup of the volume header that is embedded within the encrypted container.

From the main Truecrypt panel, use the Select File option to select the encrypted container, and then select the Volume Tools option, as shown below.
Name:  y2.png
Views: 2701
Size:  66.2 KB
From the pull-down list that appears, choose the Restore Volume Header option.
Name:  y3.png
Views: 4483
Size:  7.3 KB
From the pop-up panel, select the first option (the internal backup of the volume header)
Name:  y4.png
Views: 2686
Size:  33.2 KB
Now enter the password that you used when you first created the encrypted container/volume.
Name:  y5.png
Views: 2677
Size:  30.2 KB
In the Random Pool Mixing panel, move your mouse over the hexdecimal characters in a random fashion to create the HASH, and then click Continue.
Name:  y6.png
Views: 2714
Size:  64.5 KB
After a short period, the corrupted header information of the encrypted container is replaced with the internal backup of the header. A confirmation message will be displayed. Click OK to close the message, and then proceed to mount and use the volume as normal.
Name:  y7.png
Views: 2683
Size:  40.0 KB



Method 2: Recovery using the External Backup
If you created an external backup of the volume header as described in Step 3 - Disaster Recovery described here, you can attempt to recover the corrupt volume header from that backup.

The steps required are exactly the same as described earlier, with the exception that you choose the Restore the volume from an external backup file option as shown below.
Name:  zz11.png
Views: 2677
Size:  11.8 KB
Once you have selected that option, you will be prompted to browse to the location of the header backup you created. You will then be prompted to input your volume password, and after a few seconds you will receive a confirmation message that the header was successfully recovered, as shown below.
Name:  zz22.png
Views: 2676
Size:  17.7 KB
You can now mount and work with the encrypted volume as normal.

warning   Warning
A final word of caution : its extremely difficult to test this recovery functionality since the volume is encrypted. As such, I only recommend this method as a very last resort when you have exhausted all other means of recovery.


Regards,
Golden

28 Nov 2012   #1
LittleJay

Windows 7 Home Premium 64bit SP 1
 
 

Nice job Golden. I stumbled across this tutorial and decided that it might not be a bad idea to backup the header for my TrueCrypt volume. I do have it saved on other HDDs as well, but a little extra precaution never hurt anybody.

My System SpecsSystem Spec
28 Nov 2012   #2
Golden

Microsoft Community Contributor Award Recipient

Windows 7 Ult. x64 Windows 8.1 x64
 
 

Thanks. Glad you found it useful
My System SpecsSystem Spec
27 Dec 2012   #3
adelejukerberg

Windows 8
 
 

Nice job Golden.
My System SpecsSystem Spec
.


Comment

 TrueCrypt - Recover Corrupt Container




Tutorial Tools



Similar help and support threads for2: TrueCrypt - Recover Corrupt Container
Windows 7 Tutorial Category
How to recover data from Corrupt Flash Drive General Discussion
Truecrypt incorrect password or not a truecrypt volume Software
Truecrypt incorrect password or not a truecrypt volume General Discussion
Cannot recover damaged MFT on a TrueCrypt partition General Discussion
Need to recover files from a corrupt unreadable NTFS harddrive Backup and Restore
container folder deletes General Discussion
Firefox 3.6.4/plugin-container.exe Browsers & Mail

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:15 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33