The Misadventures of Quinxy truths, lies, and everything in between!


Jetico’s BestCrypt Volume Encryption Can Lead to Destroyed/Damaged/Lost Data

With the demise of TrueCrypt I moved to Jetico's BestCrypt Volume Encryption solution, having used them years ago for container encryption.  Yesterday I made the horrible discovery that there was a serious issue with their volume encryption software that caused me to lose (thus far) almost all my data on a drive.  I then discovered the problem existed on every Best Crypt volume I had created, across two computers.

Something about the recent BestCrypt's Volume Encryption version  (I was using 3.70.09) was causing problems with Windows built-in chkdsk.  I did a chkdsk on an almost new external drive I attached last month and got dozens of peculiar error messages, many like "File record segment X is unreadable."  I thought perhaps it might have been related to having to hard reset the computer after it froze the week before.

Knowing it was a BC volume I did a quick Google to see if the error came up in relation to Jetico/BestCrypt keywords and didn't see anything, so I thought it was just a disk issue.

Now, I'm clearly partly at fault for what happens next.  I knew that chkdsk /f would modify the disk, so to be entirely safe I should have backed it up.  But as it was primarily a backup drive, as it was 3 TB, as I had no other larger drives available, and as I had never seen chkdsk make an otherwise working drive worse in ~20 years of using it, I decided instead to use Beyond Compare to create a snapshot of the disk (file names/dates/folder structure only) so I could diff the post-chkdsk results with the pre-chkdsk state and see what if any files were modified/removed/etc.  I ran chkdsk /f and to my horror saw not only the huge list of "File record segment X is unreadable." but also adding 1200+ sectors to the bad clusters file and message that chkdsk died with an "unspecified error".  My drive contents were almost entirely gone.  I tried to run chkdsk /f again, same result.

In the moments after I realized I bent the rules a bit and had some things on the drive which weren't backups so I'm very sad and frustrated about that. (I'm waiting on a replacement drive so I can image the corrupted drive and see if anything is salvageable with recovery tools.)

I then checked my other BestCrypt volume (my main system drive) and sure enough it reported the exact same type of error with chkdsk (I had the wisdom not to try and fix the problem this time).

I also booted up a desktop computer on which I had initially installed Jetico's volume encryption a month or so ago as a test prior to installing it on my laptop and found that it, too, reported the same problem. That desktop is not in active use and had been idle since shortly after testing. And that computer is almost a vanilla install of Windows 8.1, completely different hardware (years older than my laptop), very little software installed (TrueCrypt was).

I contacted Jetico and they responded that they had seen this:

Thank you for using our software! We apologize for the inconveniences being in place.

With BestCrypt Volume Encryption v.3.70.09 installed, the chkdsk utility may indeed act abnormally and report
multiple errors on the encrypted drives. The effect is very rare (we have received a similar report only
twice) and could not be initially reproduced on our test systems. We've already implemented a fix and
released the updated version of the program. Please follow the link to
download the setup executable for BestCrypt Volume Encryption v.3.70.10 Run the downloaded file and proceed
through the installation wizard to refresh your installation, no advance decryption is needed. Reboot is
required for the update process to complete.

After installing the new version I can confirm chkdsk no longer reports the problems on the laptop's main system partition.  But my trashed mostly backup drive is still trashed.  My files remain gone.

I think the problem BestCrypt had must be much less rare than they realize or admit.  It happened on both of the computers I installed it on, and there were relatively few commonalities (beyond both running Windows 8.1 and having had TrueCrypt installed).

Since I could find no results when I searched for the chkdsk error I saw and Jetico's BestCrypt Volume Encryption I wanted to leave some record of it in case it saves someone else data loss.

^ Q