
Need someone who really understands BitLocker/HEX editing to help

February 4, 2013 4:05:45 AM

Hi,
I recently lost (shows as unformatted-RAW) my BitLocker encrypted drive with all my photos backed up on it! TestDisk, DiskPatch and a number of other tools said it was due to boot sector corruption. So I made an empty 1GB partition on ANOTHER HDD and encrypted it with BL.. just to check what the BS for an encrypted drive should look like and to my surprise they are identical... except for the Hidden Sector count..

The LOST drive shows 63 hidden sectors. While the TEST drive shows 381896704. I wondered what was happening and opened the drives in a HEX editor.. HxD

Upon checking the HEX data for the drives.. I noticed there are certain bits at the start of the boot sector for the LOST drive that are not identical to those on the TEST drive.

So... I also checked the BS for 2 of my NTFS drives and it seems certain bits that are somehow edited on the LOST drive do not match the bits in the corresponding position on the TEST drive OR the NTFS drives' BS... However! Those same bits on the TEST drive and NTFS drives are IDENTICAL (TEST drive is encrypted)! Which leads me to believe I have found the cause of the disk showing up as RAW instead of NTFS.. But I'm just a novice at HEX decryption and need help being sure these are the problem bits and I should edit them to match the bits on the TEST drive..

To put it simply:
Certain boot sector bits on:

LOST drive != TEST drive
AND
LOST drive != NTFS drive
BUT same bits on:
TEST drive (encrypted) = NTFS drive (normal)

So I checked the NTFS boot sector HEX data for another NTFS drive and that data was the same as that of the NTFS drive I checked before. The interesting thing is this.. one of the NTFS drives is logical and the other primary, but the boot sector's first sector is identical..

What I want here is that you just tell me this: Should the first sector of my LOST (Primary NTFS BL) drive boot sector and the same sector for my TEST (Logical NTFS BL) drive be identical, like the NTFS header sectors of the HDD installed in my computer (Extended-Logical NTFS) and on my external HDD (Primary NTFS) are identical?

So I'm thinking the same should apply for the TEST drive (Extended-Logical NTFS BitLocked) and the LOST drive (Primary NTFS BitLocked)..

Am I correct? Should I edit the bits on the LOST drive header that are not the same as the ones on the TEST drive header to match? Can it be reverted?

Screenshots here: http://social.technet.microsoft.com/Forums/en-US/w7itpr...
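The comparison described in the post can be done field by field instead of by eye in a hex editor. The following is an added example, not part of the original post: it decodes the standard BIOS Parameter Block fields of two first sectors and reports which named fields differ and which differing bytes fall outside them. The function names and the sample sectors are constructed for illustration; only the two hidden-sector values come from the post.

```python
import struct

# Standard BPB offsets in the first sector of an NTFS or BitLocker volume.
FIELDS = {
    "jump":                (0x00, "3s"),
    "oem_id":              (0x03, "8s"),  # b"NTFS    " or b"-FVE-FS-" (BitLocker)
    "bytes_per_sector":    (0x0B, "<H"),
    "sectors_per_cluster": (0x0D, "<B"),
    "media_descriptor":    (0x15, "<B"),
    "sectors_per_track":   (0x18, "<H"),
    "heads":               (0x1A, "<H"),
    "hidden_sectors":      (0x1C, "<I"),  # sectors preceding the partition
    "signature":           (0x1FE, "2s"), # must be 55 AA
}

def parse_boot_sector(sector: bytes) -> dict:
    """Decode the named BPB fields from a 512-byte first sector."""
    if len(sector) < 512:
        raise ValueError("need at least one 512-byte sector")
    return {name: struct.unpack_from(fmt, sector, off)[0]
            for name, (off, fmt) in FIELDS.items()}

def diff_named_fields(a: bytes, b: bytes) -> dict:
    """Return {field: (value_a, value_b)} for named fields that differ."""
    pa, pb = parse_boot_sector(a), parse_boot_sector(b)
    return {k: (pa[k], pb[k]) for k in FIELDS if pa[k] != pb[k]}

def diff_unnamed_offsets(a: bytes, b: bytes) -> list:
    """Offsets of differing bytes that are not covered by a named field."""
    covered = set()
    for off, fmt in FIELDS.values():
        covered.update(range(off, off + struct.calcsize(fmt)))
    return [i for i in range(512) if a[i] != b[i] and i not in covered]

def make_sample(hidden: int, oem: bytes = b"-FVE-FS-") -> bytes:
    """Constructed sample sector; not data from any real drive."""
    s = bytearray(512)
    s[0:3], s[3:11] = b"\xEB\x58\x90", oem
    struct.pack_into("<H", s, 0x0B, 512)
    s[0x0D], s[0x15] = 8, 0xF8
    struct.pack_into("<HHI", s, 0x18, 63, 255, hidden)
    s[0x1FE:0x200] = b"\x55\xAA"
    return bytes(s)

if __name__ == "__main__":
    lost, test = make_sample(63), make_sample(381896704)
    print(diff_named_fields(lost, test))     # only hidden_sectors differs here
    print(diff_unnamed_offsets(lost, test))  # no stray differing bytes
```

To use it on real data, read the first 512 bytes from an image file of each volume rather than from the live disk, so the original sectors are never modified.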