How to retrieve EFS-encrypted files under XP system

Source: Internet
Author: User

Requirements: EFS Encrypted file certificate to recover encrypted file without backup, only for this folder encryption, but its subfolders and subfolders are not encrypted, and no new files are added to the folder. If the file inside is also encrypted, this method is powerless.

A small series of operating systems as an example, the small series of the system for Windows ME/XP dual operating system, in order to enable Windows Me to access the Windows XP file system, Windows Me needs to install NTFS for 98, this step is critical.

Reminder: The software uses 7 system files in Window XP: Autochk.exe, C_437.nls, C_1252.nls, L_intl. NLS, Ntdll. DLL, NTFS. SYS, Ntoskrnl.exe.

First go to Windows Me, and then find the encrypted folder to copy the files inside to any folder. Then, open the file to see if the contents of the file are not what you want.

However, this approach is not very useful because most people have added a secret to all the files. Therefore, we need to back up the good EFS encrypted file certificate, lest "regret lifetime." If you have backed up an encrypted file certificate, you can retrieve the encrypted file by using the following methods:

Backup key: When there is a backup key we reload the system will not be afraid to open the previous file has been encrypted. Click "Start → run", in the "Run" dialog box, enter "certmgr.msc" Open Certificate Manager, click "certificate → current user" under the "Personal → certificate" (see not? You don't have any encrypted files. How can you have a certificate?) Select the certificate right click, select all Tasks → export, select export Private key in the Certificate Export Wizard that pops up, then select the directory where the certificate is saved, and then press ENTER to export the private key successfully.

When you want to reload the system, you can import the original saved private key.

Set up the Windows Recovery agent (for example, the following magic users):

STEP1: First to Magic this user login system.

STEP2: In the "Run" dialog box, enter "Cipher/r:c:magic" (magic can be any other name) after entering a password, enter a return to a car in the C disk in the Magic.cer and magic.pfx two files.

STEP3: Install the MAGIC.PFX certificate, enter the password for the protection certificate you just set, and press next to complete the installation of the certificate.

STEP4: In "start → run" enter "Gpedit.msc", open Group Policy Editor, in "Computer Configuration →windows settings → security → public key policy → Encrypting file System", right click the pop-up right-click menu, select "Add Data Recovery Agent", open " Add the Recovery Agent Wizard to open Magic.cer, and then press the next few steps to complete the recovery agent settings. Finally, you can use magic this username to decrypt the encrypted file.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.