I decided to use Bitlocker to encrypt my 2nd internal SATA data HDD (NTFS) on my PC (Win 7 Pro) containg sensitive financial and personal data. I assumed that when the encrypted SATA HDD was unlocked with my Bitlocker password that any file(s) copied to an external (USB) backup HDD (NTFS) drive would be non-encrypted files. I tested my assumption and it seemed to be confirmed because I was able to open any of the copied files on the USB HDD drive even if the Bitlocker protected internal SATA HDD was locked.
We had a T-storm event and my PC motherboard got zapped along with other things like some TVs, cable box, router, etc. After, the PC powered up but no BIOS messages, etc appeared. I removed the C:/ drive and that seems readable from a USB HDD SATA caddy on another PC but the encrypted data HDD was literally fried with a dark scorch line across the PCB and would not power up. The PC motherboard also had scorch marks. Fortunately I have the external backup drive which was not connected at the time. I thought I was in luck.
I plugged the backup USB hdd into my new Win 7 Pro box and found some strange things. I could not copy many of the data files from the USB HDD onto the new PC HDD (another new 2nd internal SATA). I got an error message saying "You need permission from S-1-5-21-405074475-1107139141-5430-etc etc to make changes to this file. The file date showed as 2/22/2016.
These files that cannot be copied appear in green color type in Windows Explorer and when checked they have the "e" encryption attribute set which I could not uncheck. What I found strange was that many subfolder have files and executables that seems perfectly fine without encryption. I thought the good ones were old files created before I ever used Bitlocker but looking at dates it appears somewhat random.
I do have my dead encrypted SATA drive's Bitlocker Recovery key ID and the Full recovery key ID plus the Bitlocker Recovery key. How do I un-encrypt the individual files on the USB backup drive?
I opened bitlocker on the new PC and it says no certificates found. So I created a new certificate and then try to update one subfolder on the backup HDD containing non-critical data with the new certificaTE. I thought it would ask me for the old recovery key but all I got was the same
error for each file:
[ERROR] 0x80071771: file location and file name
I assume, the S-1-5-21, etc is the id of my old PC. Any advice would be greatly appreciated
Thanks in advance.