how to recover encrypted files due to a system crash

[OM]

Hi,

My XP machine crashed and it was not bootable. I installed a new hard
drive and reloaded the OS and all the applications. I managed to recover
the files using a file recovery utility. However, I am unable to look at
the files that were stored in a encrypted folder using EFS. The new OS
can see the files and recognize the file formats. But when I opened them
with their own applications, it showed all scramble.

Can anyone advice what I can do to fix this problem?

Thanks

 

[John McGaw]

Hi,

My XP machine crashed and it was not bootable. I installed a new hard
drive and reloaded the OS and all the applications. I managed to recover
the files using a file recovery utility. However, I am unable to look at
the files that were stored in a encrypted folder using EFS. The new OS
can see the files and recognize the file formats. But when I opened them
with their own applications, it showed all scramble.

Can anyone advice what I can do to fix this problem?

Thanks

AFAIK the idea is that you export the key and safeguard it _before_ you
have the crash and then use it to recover afterward. I've never heard of
any other way that regular folks can use. Maybe you can interest the NSA in
the contents of your files -- I'm sure they can get to them in short order.

http://support.microsoft.com/kb/241201

John McGaw
http://johnmcgaw.com

 

[VanguardLH]

Hi,

My XP machine crashed and it was not bootable. I installed a new hard
drive and reloaded the OS and all the applications. I managed to recover
the files using a file recovery utility. However, I am unable to look at
the files that were stored in a encrypted folder using EFS. The new OS
can see the files and recognize the file formats. But when I opened them
with their own applications, it showed all scramble.

Can anyone advice what I can do to fix this problem?

If you had read the help on EFS, one of the articles tells you to export
your EFS certificate. Without it to import, you cannot read the
contents of those files. There is no backdoor to EFS. There is no fix.
Without the EFS cert somewhere to import it, you no longer have the key
to decrypt those files.

 

[Patrick Keenan]

Hi,

My XP machine crashed and it was not bootable. I installed a new hard
drive and reloaded the OS and all the applications. I managed to recover
the files using a file recovery utility. However, I am unable to look at
the files that were stored in a encrypted folder using EFS. The new OS can
see the files and recognize the file formats. But when I opened them with
their own applications, it showed all scramble.

Can anyone advice what I can do to fix this problem?

Thanks

The solution is simple and straightforward, but unfortunately it isn't
normally available to those who ask your question.

The main solution is to import the account certificates that XP didn't
require you to export when you first invoked encryption. XP probably
didn't even mention that not doing so could have severe consequences.

The alternative solution is to use the Recovery Agent system that didn't
have to be specified either.

Otherwise, there is no solution. The data is gone forever. Wave goodbye
and move on.

Microsoft did a really good job of making strong encryption easily available
to average users.

They didn't do anywhere near as good a job at making sure average users were
protected from or even aware of its implications and the shortcomings of
their model.

Sorry there isn't better news.

-pk

 

[OM]

The solution is simple and straightforward, but unfortunately it isn't
normally available to those who ask your question.

The main solution is to import the account certificates that XP didn't
require you to export when you first invoked encryption. XP probably
didn't even mention that not doing so could have severe consequences.

The alternative solution is to use the Recovery Agent system that didn't
have to be specified either.

Otherwise, there is no solution. The data is gone forever. Wave goodbye
and move on.

Microsoft did a really good job of making strong encryption easily available
to average users.

They didn't do anywhere near as good a job at making sure average users were
protected from or even aware of its implications and the shortcomings of
their model.

Sorry there isn't better news.

-pk

I still can the file system. Can you retrieve the user
certificate/public key without using the export wizard.

Thanks

 

[Patrick Keenan]

I still can the file system. Can you retrieve the user certificate/public
key without using the export wizard.

Thanks

If you can boot the original filesystem and account, you can export it. I
know of no way to retrieve the credentials without booting to the original
account, or using the designated Recovery Agent.

This problem arises most frequently from reinstalls.

-pk