Decrypting files protected by EFS - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
Thread Tools Display Modes
Old 09-14-2005, 01:00 PM   #1 (permalink)
Newb Techie
Join Date: Sep 2005
Posts: 2
Default Decrypting files protected by EFS

I seem to have many files on my comp. that are encrypted....i really dont know how....mayb by accident
but anyway i reinstalled windows a couple of days ago and in the process obviously created a different i am not able to access any of the files that are encrypted.
i am the administrator currently..... although not the same user that encrypted the files (because i reinstalled windows...user changed) there any way for me to decrypt the files?
i'v tried using cipher to do it.....but it just says access is denied. i did not backup any certificates because i had no idea the files were encrypted.
ANY help at all plz ?
is there anyway i can give myself priveleges to access all files or something like that? since i'm the admin

badman89 is offline  
Old 09-14-2005, 01:06 PM   #2 (permalink)
Techie Beyond Description
Osiris's Avatar
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris

Osiris is offline  
Old 09-16-2005, 05:50 AM   #3 (permalink)
Newb Techie
Join Date: Sep 2005
Posts: 2

thanks warezmonster...........but all of those require me to have the key somewhere on my comp.........which i dont
badman89 is offline  
Old 09-16-2005, 11:05 AM   #4 (permalink)
It's all just 1s and 0s
office politics's Avatar
Join Date: Jan 2004
Location: in the lab
Posts: 6,555
Send a message via MSN to office politics


Data Recovery System
Encrypting a file always raises a risk that it cannot be read again. The owner of the private key might leave the enterprise. If disgruntled, the owner might maliciously encrypt all of his or her files before leaving. Worse yet, he or she might encrypt critical shared files so that no one else can use them. For this reason, EFS is designed to be used only if the system is configured with one or more recovery agent administrators.

Designated user accounts, called recovery agent accounts, are issued recovery agent certificates with public keys and private keys that are used for EFS data recovery operations. Recovery agent accounts are designated by EFS recovery policy. By default, the recovery agent account is the highest-level Administrator account. On a stand-alone computer, this is the local Administrator. In a domain, the domain Administrator for the first domain controller installed in the domain is the default recovery agent account for all computers in the domain. Different recovery agent accounts can be assigned by changing EFS recovery policy, and different recovery policies can be configured for different parts of an enterprise. The private key for a recovery agent account must be located on the computer where recovery operations are to be conducted.

When a recovery agent certificate is issued, the certificate and private key are installed in the user profile for the user account that requested the certificate. You also have the option to export the recovery agent certificate and private keys to store them in archives or to transfer the certificate and private key to other user accounts and computers.

There can be more than one recovery agent account for an EFS file, each with a different private key. Data recovery discloses only the encrypted data, not the user's private key that was used to encrypt the bulk encryption key or any other private keys for recovery. This ensures that no other private information is revealed to the recovery agent administrator accidentally.

If you choose to configure an EFS recovery policy with no recovery agent certificates, EFS is disabled. Because of this feature, you cannot normally use EFS to encrypt data so it cannot be recovered — whether the encryption is done through accident or through malice. However, you could later destroy the private key for recovery to prevent data recovery.
office politics is offline  
Old 09-16-2005, 09:26 PM   #5 (permalink)
Chillin Techie
Join Date: Nov 2004
Location: USA
Posts: 11,861

take back ownership in safe mode or in file sharing
The Ultimate Hard Drive Utility PowerMax 4.23. (It now has the ability to clean a Boot Sector virus on the quick erase option.)
The best browser Netscape 8
Have you accidently delete something? Look here (trial. the better one) and here(free)
EricB is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 05:47 AM.

Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2018, vBulletin Solutions, Inc.