How to retrieve the file encrypted by EFS under XP system

When WinXP reinstalls the system, if you forgot to export the certificate of the backup EFS encrypted file. Then you know how much trouble, many users can only look at these unusable files and blink, but there is no way to unlock the password. In fact, there is a way to decrypt the EFS file. Although it has strict requirements, it is not impossible to encounter this situation. Try the following methods to help you.

Requirements: EFS encrypted file certificate is not backed up to recover encrypted files, only for this folder encryption, but its sub-files and sub-folders are not encrypted, and there are no new files Join the folder. If the files inside are also encrypted, this method can't do anything about it.

Taking the operating system of Xiaobian as an example, the system of Xiaobian is Windows Me/XP dual operating system. In order to enable Windows Me to access the file system of Windows XP, Windows Me needs to install NTFS For 98. This step is critical.

Reminder: The software uses 7 system files in Window XP, they are: autochk.exe, C_437.NLS, C_1252.NLS, L_INTL.NLS, NTDLL.DLL , NTFS.SYS, ntoskrnl.exe.

First enter Windows Me, then find the encrypted folder and copy the files to any folder. Then, open the file and see if the content of the file is what you want.

However, this method is not very applicable, because most people have encrypted all the files. Therefore, it is necessary for us to back up the certificate of the EFS encrypted file in peacetime, so as not to "repent for a lifetime". In the case that the encrypted file certificate has been backed up, you can use the following method to retrieve the encrypted file:

Backup Key: When there is a backup key, we will not be afraid to open the system. Secret file. Click “Start →Run”, enter “certmgr.msc” in the “Run” dialog box to open the Certificate Manager, click “Certificate → Current User”Personal & Rarr;Certificate” ; (Can't see? How can you have a certificate without encrypted files?) Select “Certificate" right click, select “All Tasks & Rarr; Export”, select in the pop-up "Certificate Export Wizard" “ Export private key & rdquo;, then select the directory to save the certificate, press Enter, the private key will be successfully exported.

When you want to reinstall the system, you can import the original private key.

Set up the Windows Recovery Agent (hereafter the magic user is an example):

STEP1: First log in to the system as magic user.

STEP2: In the "Run" dialog box, enter “cipher /r:c:magic” (magic can be any other name) Enter a password after you press Enter. Just enter a carriage return and then there will be two files magic.cer and magic.pfx in the c drive.

STEP3: Install the magic.pfx certificate, enter the password of the protection certificate you just set, and press NEXT to complete the certificate installation.

STEP4: In “Start →Run"Enter>gpedit.msc”, open the Group Policy Editor, in “Computer Configuration →Windows Settings →Security Settings → public key strategy → is encrypting the file system”, right click on the pop-up menu, select "Add data recovery agent", open "Add Recovery Agent Wizard", open magic.cer, then press The next step is to complete the recovery agent settings. Finally, you can use the magic username to decrypt the encrypted file.

Basically, as long as you meet the requirements of the above tutorial, you will be able to retrieve files that have been encrypted by EFS under WinXP. Of course, there is no way to find out the tutorial. If you have a friend who has encountered the same problem, try it out quickly. Only practice can know the result.