NT profile corrupt, now EFS files lost?

Archived from groups: microsoft.public.win2000.security (More info?)

My NT profile blew up on me yesterday and without me knowing it, My Documents
were all encrypted. I rebuilt that original account, but it will not decrypt
or access those files. I did a "cipher /k" command just to see and it came
back saying something like "I/O in use" and would not generate a new key. So
that account apparently can not generate a key and therefore can not decrypt
those files no matter what. Is there something that I can do here?
1 answer Last reply
More about profile corrupt files lost
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    In Windows 2000 non domain computer the built in administrator account is the
    EFS Recovery Agent. Try logging on as the built in administrator to see if you
    can access the files. The EFS private keys used to decrypt EFS files are kept in
    the user's profile. I don't know what you mean by rebuilding the account but if
    the original profile still exists or you have a backup that includes the EFS
    private key you still may be able to decrypt the files though you would probably
    need the help of Microsoft support or a not for free third party tool such as
    the one from Elcomsoft. Their trial version could find if the key exists but the
    trial version will only recover very small files. --- Steve

    http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316 --- info on and
    best practices for EFS

    "Tim166" <Tim166@discussions.microsoft.com> wrote in message
    news:12909823-B8FF-4223-89CB-3C01DF7442EF@microsoft.com...
    > My NT profile blew up on me yesterday and without me knowing it, My Documents
    > were all encrypted. I rebuilt that original account, but it will not decrypt
    > or access those files. I did a "cipher /k" command just to see and it came
    > back saying something like "I/O in use" and would not generate a new key. So
    > that account apparently can not generate a key and therefore can not decrypt
    > those files no matter what. Is there something that I can do here?
Ask a new question

Read More

Windows