De-encrypting files

R

Roger Bradley

I recently upgraded my motherboard. Everything went very
smoothly. I re-installed XP Pro. I'd backed up all my
data and had no problems getting things back to normal.
Apart from an excel spreadsheet that was encrypted when I
backed up.
Now when I try to open it I get a message telling me the
file is encrypted and cannot be opened.
I've tried to un-encrypt it but I get an error message
telling me access is denied.
When I right click on the file, select Properties /
Advanced then Details, under Users Who can Transparently
Access This file is my name and a Certificate Thumbprint.
This I assume is from my previous install and is the
reason I cannot access the file. I've tried adding my
current certificate but get an error window titled, EFSADU
saying "Error in adding new user(s). Error Code 5"
I've tried to add myself as a Data Recovery Agent but get
an error message when I select my certificate saying The
File contains no certificates suitable for Encrypted File
System Recovery. Please select another file or user.
I'm stuck. If anyone can help it would be appreciated.
 
J

Jupiter Jones [MVP]

Roger;
Are you sure it is not an Ownership issue:
http://support.microsoft.com/?kbid=308421

If the files are encrypted.
If you did not back-up the encryption key or the Recovery Agent and
are not on a domain, the files are as good as gone.
This must be accomplished while you have access to the files.
If you have not already done so, it is now to late.

If you can restore the original profile (not recreate) and know the
password, you may be able to recover the data.
Recreating profiles and passwords is irrelevant.
Contact Microsoft if you can restore the profile.
Or:
http://www.beginningtoseethelight.org/efsrecovery/index.php

EFS is very good at what it does and there is no back door.
Read and understand these links before using EFS to keep from
permanently losing your data:
http://www.microsoft.com/windowsxp/pro/techinfo/administration/recovery/default.asp
(58 pages)
http://support.microsoft.com/?id=223316
 
R

Roger Abell [MVP]

You are correct that the EFS information is referring to the
account that existed in the prior system.
Adding an allowed account can only be done by an account
that can decrypt the EFS protected file.
Adding a DRA at this time will not help. That needed to be
done before the file was last successfully accessed. The
certificate/key pair needed for a DRA is obtained by use of
the cipher commandline utility.

At this point, in order to access the file you will need the
previously exported EFS key from the prior account, or
there are ways if you have the full, undisturbed profile of
the prior account and know what its password was, or you
could restore the entire prior system from a full backup with
system state included. If you were in an uplevel domain then
you may have other alternatives using the domain-level DRA.
 
A

Adam Orden

Roger,
I have a similar problem. Maybe you can help.

I encrypted some data files a few weeks ago.

I saved my entire user profile to a backup partition.
I reinstalled ( complete ) WinXP Prof.
Now I cannot decrypt those files.
Idid not make or export my data recovery certificate.
However, as I stated I have the entire user profile saved.

Is it possible to get permissions restored to decrypt these files.
Is so how?
Please be as detailed as possible.
Thanks.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Decrypting--key present but "not accessible" 1
encryption--I have the 'key' but can't open the 'lock' 2
Cannot decrypt EFS-encrypted file even though I loaded the previously-used encryption certificate 2
Changing computers with EFS documents 1
Cannot access encrypted files from XP Pro that were created on Vis 1
efs file - access denied 1
EFS files suddenly inaccessible 1
Encrypting files on Windows XP: No Way 1

Top