Sign in with
Sign up | Sign in
Your question

NT profile corrupt, now EFS files lost?

Tags:
Last response: in Windows 2000/NT
Share
Anonymous
February 23, 2005 9:35:02 AM

Archived from groups: microsoft.public.win2000.security (More info?)

My NT profile blew up on me yesterday and without me knowing it, My Documents
were all encrypted. I rebuilt that original account, but it will not decrypt
or access those files. I did a "cipher /k" command just to see and it came
back saying something like "I/O in use" and would not generate a new key. So
that account apparently can not generate a key and therefore can not decrypt
those files no matter what. Is there something that I can do here?
Anonymous
February 24, 2005 1:58:01 AM

Archived from groups: microsoft.public.win2000.security (More info?)

In Windows 2000 non domain computer the built in administrator account is the
EFS Recovery Agent. Try logging on as the built in administrator to see if you
can access the files. The EFS private keys used to decrypt EFS files are kept in
the user's profile. I don't know what you mean by rebuilding the account but if
the original profile still exists or you have a backup that includes the EFS
private key you still may be able to decrypt the files though you would probably
need the help of Microsoft support or a not for free third party tool such as
the one from Elcomsoft. Their trial version could find if the key exists but the
trial version will only recover very small files. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316 --- info on and
best practices for EFS

"Tim166" <Tim166@discussions.microsoft.com> wrote in message
news:12909823-B8FF-4223-89CB-3C01DF7442EF@microsoft.com...
> My NT profile blew up on me yesterday and without me knowing it, My Documents
> were all encrypted. I rebuilt that original account, but it will not decrypt
> or access those files. I did a "cipher /k" command just to see and it came
> back saying something like "I/O in use" and would not generate a new key. So
> that account apparently can not generate a key and therefore can not decrypt
> those files no matter what. Is there something that I can do here?
!