Recovering encrypted files after video hardware failure

B

Bill Fuller

I have a rather unique problem... I have a Toshiba laptop that had a video
card failure... and this card is no longer manufactured or available.
Meaning, the laptop is useless. Unfortunately, I had some files/folders on
that system that had been encrypted using Windows encryption. Now it seems
that, even though the drive itself is undamaged, I have no way of
decrypting/moving them to another system.

Does anyone have any knowledge on rather or not these files can be
recovered? If so, how (copy the encryption key, etc.?)?
 
O

Og

Bill Fuller said:
I have a rather unique problem... I have a Toshiba laptop that had a video
card failure... and this card is no longer manufactured or available.
Meaning, the laptop is useless. Unfortunately, I had some files/folders on
that system that had been encrypted using Windows encryption. Now it seems
that, even though the drive itself is undamaged, I have no way of
decrypting/moving them to another system.

Does anyone have any knowledge on rather or not these files can be
recovered? If so, how (copy the encryption key, etc.?)?
Click to expand...

1. Slave the drive to another computer.
2. Start | Help and Support
3. In the "Search" bar type the word
encryption
4. Click on the link that fits your situation and follow the step-by-step
instructions:

Recover an encrypted file or folder if you are a designated
recovery agent
Recover an encrypted file or folder without the file encryption
certificate

Steve
 
G

GreenieLeBrun

Bill said:
I have a rather unique problem... I have a Toshiba laptop that had a
video card failure... and this card is no longer manufactured or
available. Meaning, the laptop is useless. Unfortunately, I had some
files/folders on that system that had been encrypted using Windows
encryption. Now it seems that, even though the drive itself is
undamaged, I have no way of decrypting/moving them to another system.

Does anyone have any knowledge on rather or not these files can be
recovered? If so, how (copy the encryption key, etc.?)?
Click to expand...

Some light reading for you

The Encrypting File System
http://www.microsoft.com/technet/security/topics/cryptographyetc/efs.mspx

Best practices for the Encrypting File System
http://support.microsoft.com/kb/223316/en-us

How to back up the recovery agent Encrypting File System (EFS) private key
in Windows Server 2003, in Windows 2000, and in Windows XP
http://support.microsoft.com/kb/241201

How To Encrypt a Folder in Windows XP
http://support.microsoft.com/?id=308989

How To Remove File Encryption in Windows XP
http://support.microsoft.com/?id=308993

How To Encrypt a File in Windows XP
http://support.microsoft.com/?id=307877

HOW TO: Share Access to an Encrypted File in Windows XP
http://support.microsoft.com/?id=308991

Good luck
 
L

Lem

Og said:
1. Slave the drive to another computer.
2. Start | Help and Support
3. In the "Search" bar type the word
encryption
4. Click on the link that fits your situation and follow the step-by-step
instructions:

Recover an encrypted file or folder if you are a designated
recovery agent
Recover an encrypted file or folder without the file encryption
certificate

Steve
Click to expand...
I'm not an expert enough wrt Windows Encrypting File System. However,
the solution Og proposes -- which is probably the OP's best hope --
probably will only work if the OP was astute enough to export his
private key to some portable media that he now has available.

As I understand it, there are two -- and only two -- ways to recover
files secured by EFS: using the user's key or using a Designated
Recovery Agent. Although Designated Recovery Agents primarily are used
in Domains, you can have a DRA on a stand-alone computer as well. See
http://technet2.microsoft.com/windo...f709-49e7-97f8-5ad1c3c74f8c1033.mspx?mfr=true
(or type "recovery agent" in Help & Support). The catch is (and this is
the part I'm not certain of), you have to create the DRA for the given
user using the user's Certificate. So, even if the OP created a DRA on
his laptop, he can't use it (no video), and he can't create a DRA for
the old files on a new computer without the Certificate that was used to
encrypt the old files.

I could be wrong, and Og's solution may work. If so, great. If not,
the OP should Google for methods to copy his old profile -- including
the SID, the ACLs, and and passwords -- from his old disk. It is
important that the new profile have the identical password to the old one.

There is also the brute force approach: On a working computer, go
through the process of booting up, accessing, and decrypting the folders
in which the data is stored (you did encrypt folders rather than files,
right?). Keep meticulous track of all key presses, and use arrow keys
and the tab key instead of the mouse. Then follow this procedure exactly
on the laptop. Then pull the disk out of the laptop, slave it to
another computer and copy the files, which hopefully will now be
unencrypted.

Good luck. You'll need it. Microsoft should never have made EFS as
easy to (mis)use as it is.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

All new files are green (encrypted?) 1
Recovered Encrypted Files 6
Decrypting files if certs and keys were not backed up? 8
can't copy encrypted files 8
Recovering encrypted files 5
regain access to encrypted files 2
EFS (encryption) Question 1
unable to decrypt a file after win vista has been formatted. 1

Top