Unable To Boot Recovery Media To Install Decoy OS

Discussion in 'encryption problems' started by seti, Oct 10, 2016.

  1. seti

    seti Registered Member

    Joined:
    Oct 10, 2016
    Posts:
    8
    Location:
    california
    Hi there,

    My system background info:
    Toshiba L645-S4104
    Toshiba Recovery Discs (3 discs)

    I basically followed the following guide because it looked pretty simple until I got to the end about installing the decoy os:
    p1
    http://www.devhardware.com/c/a/Hardware-Guides/Creating-a-Hidden-OS-with-TrueCrypt/
    p2
    http://www.devhardware.com/c/a/Hardware-Guides/TrueCrypt-Hiding-Your-Operating-System/
    p3
    http://www.devhardware.com/c/a/Hardware-Guides/TrueCrypt-Hidden-OS-Completing-the-Decoy/

    First time doing this. I am having some troubles booting into my recovery media discs after installing the hidden os and wiping the original system partition as truecrypt instructed. Afterwards, I was able to boot into the hidden os, but the computer won't boot into my recovery discs even though cd/dvd is set to first boot priority. So basically I'm stuck and I can't install the decoy os.

    To be specific, the following is from disk management:

    Before installation of hidden os:
    Healthy (Active, Recovery Partition)
    Healthy (Primary Partition)
    C: Healthy (Boot, Page File, Crash Dump, Primary Partition)
    NOTE: Notice the (Active, Recovery Partition). I had to set C: Active in windows disk management because during the process of setting up the hidden os, TC wouldn't let me continue unless my current os was set to active. That's why I set C: Active and then I was able to continue.

    After installing hidden os:
    Healthy (Recovery Partition) <---no longer active
    Healthy (Primary Partition)
    D: (UDF) Healthy (Primary Partition) <---this is probably my current recovery disc in the drive
    E: RAW Healthy (Logical Drive) <---this is probably the hidden os ?
    C: NTFS Healthy (System, Boot, Page File, Active, Crash Dump, Primary Partition)

    How come I can't boot into my recovery discs? Does it have anything to do with me setting C: Active? Another thing is, I can't "reactivate" the Recovery Partition in windows disk management. I hope I didn't mess up because I really hate to reinstall the system.
     
  2. seti

    seti Registered Member

    Joined:
    Oct 10, 2016
    Posts:
    8
    Location:
    california
    I very much apologize for double posting as I couldn't find the edit button. Anyway I just wanted to add that I was able to boot into my recovery discs. I feel so stupid, the problem was I used the backup discs I made from the original manufacturer discs. I still wonder why it won't boot the backup discs, but that's another story. So now I am able to boot into my recovery discs to install the decoy os. I am presented with the following 2 options:

    1. Toshiba Recovery Wizard
    MENU:
    Recover to out-of-box-state (system recovery options are included, all partitions deleted)
    Recover without changing the hard drive partitions (first partition will be deleted and all data will be lost)
    Recover to a custom size partition on C: (all partitions deleted)

    2. System Recovery Options
    MENU:
    startup repair
    system restore
    system image recovery
    windows memory diagnostic
    command prompt
    toshiba recovery wizard

    ------EDIT

    In addition, Gparted shows my partition table as:

    /dev/sda1, ntfs, system, diag flag
    /dev/sda2, unknown, boot
    /dev/sda3, 239.70GiB, extended, lba flag
    /dev/sda5, 239.70GiB, unknown,
    /dev/sda4, HDDRecovery, hidden flag

    If I'm correct, sda2 is the second partition, meaning C drive?

    And sda3 is the clone and sda5 is hidden OS?, but where do I install the decoy OS? I'm confused with my Toshiba Recovery Wizard.
     
    Last edited: Oct 11, 2016
  3. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599
    Somewhere on about the third page of threads here you will find some guidance, where several others have fought through using restore disks.

    You mention that you have recovery disks, which apparently you created. What software are you using to restore your system disk (use those disks)? Does your machine support USB booting? In the best world you will mount your recovery environment in RAM and using that ram-mounted OS you will write your recovery back to the C drive, or system disk of Windows. Are you using Win 7, or what?

    For most users the ease and success of restoring the decoy system comes from having a fully and properly created recovery environment. I literally have restored hundreds of system disks over my Windows years. As a coder I experimented with things that gave me multiple lifetimes of restoration experience. I broke things all the time, but that comes with beta use of private code.

    I know you have tons of questions, but so do I because at your 2 post count experience I don't know how to guide you. You may just be new here, or you can be new to all of this.

    I also want to direct you to our Backup and Imaging forum lower on the site. We have some good folks there and quite frankly that is the step where you are in the process. I don't post much down there but Brian and others will be glad to help.
     
  4. seti

    seti Registered Member

    Joined:
    Oct 10, 2016
    Posts:
    8
    Location:
    california
    Thanks for the response, yes I am on win7, and I am new to this board. But nevermind the recovery discs. I was able to install the decoy via original manufacturer discs. Regarding to my second post, I was able to boot into the recovery discs and I chose the following option in the Toshiba Recovery Wizard
    :
    Recover to a custom size partition on C: (all partitions deleted)
    NOTE: According to TC, the decoy system partition must remain the same size as the size of the hidden volume. So I had to adjust the max size of C: to match my hidden volume.

    I hope I didn't mess up. I was able to create a TC recovery disc after installing the decoy. And now TC is currently encrypting the system partition. Hopefully I will get to access all 3 systems (hidden, decoy, and outer) if all goes well. Wish me luck.
     
  5. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599
    Of course I wish you the best of luck. Windows install disks are notorious for breaking things encrypted. The reason is the Windows installer cannot recognize the filesystem on the second partition (hidden/outer volume). There is no filesystem due to 100% sector by sector encryption of that partition. Therefore in its infinite wisdom (NOT) Windows will try and repair it during installation. Not always, but way too many times, so be prepared.

    Assuming you get this going, you are going to want to make an actual system disk backup once you get the decoy configured as you want it. There is no sense in repeating the configuration process from scratch every time, which is what you will be doing with factory restores. PLUS - by having an actual "hot" backup image you can then mount recovery in RAM and write it back to the system disk partition while leaving the other partitions unharmed. In other words Windows is not controlling the restore, your backup software is.

    In summary, if your decoy restores without "hitting" the hidden partition consider yourself very lucky. Windows factory installers are the worst. If it goes the other way you are back to scratch unless you have a sector image of the original hidden partition. Just make sure to acquire a SOLID backup of your system disk, which can be recovered using a RAM environment. Doesn't matter if you use optical drives, but if you have access to USB booting you will be much happier with the speeds and results.

    Post back and let us know!
     
  6. seti

    seti Registered Member

    Joined:
    Oct 10, 2016
    Posts:
    8
    Location:
    california
    Ok looks like TC won the first round. I failed miserably. I'm pretty sure the problem was the original manufacturer's recovery discs that I used to install the decoy OS. The manufacturer Recovery Wizard offered the following options:

    1. Recover to out-of-box-state (system recovery options are included, all partitions deleted)
    2. Recover without changing the hard drive partitions (first partition will be deleted and all data will be lost)
    3. Recover to a custom size partition on C: (all partitions deleted)

    According to the recovery wizard, options 1 and 3 wipes all partitions on the drive. I made a mistake by choosing option 3 to install the decoy OS and it overwrote the hidden OS and all other partitions. But option 2 wipes partition 1 which I don't want either because I have learned that it is the System Reserve partition for TC Boot Loader and Windows Recovery Environment. That means that my OEM Recovery Discs will not work with TC, which also means I need another alternative win7 installation disc that will allow me to choose which partitions to install the decoy OS. I do have another win7 installation disc and yes it's legal.

    So basically now I have to start from scratch, no problem. I'm currently in the process of reinstalling everything especially windows updates and all the necessary drivers (manually). This time I will get to choose which partition to install the decoy OS. I just hope it won't overwrite the hidden OS again. I'll be back.

    --------EDIT

    Good news, all is working fine. Now I just need to create an image of the decoy just in case.
     
    Last edited: Oct 15, 2016
  7. seti

    seti Registered Member

    Joined:
    Oct 10, 2016
    Posts:
    8
    Location:
    california
    Mods can mark this thread as solved.