How to retrieve the file encrypted by EFS under WinXP

  

When WinXP reinstalls the system, if you forgot to export the certificate of the backup EFS encrypted file. Then you know how much trouble, many users can only look at these unusable files and blink, but there is no way to unlock the password. In fact, there is a way to decrypt the EFS file. Although it has strict requirements, it is not impossible to encounter this situation. Try the following methods to help you.

Requirement: The EFS encrypted file certificate is not backed up. The encrypted file is only used for the folder encryption, but the subfiles and subfolders are not encrypted, and no new files are added to the folder. . If the files inside are also encrypted, this method can't do anything about it.

Taking the operating system of Xiaobian as an example, the system of Xiaobian is Windows Me/XP dual operating system. In order to enable Windows Me to access the file system of Windows XP, Windows Me needs to install NTFS For 98. This step is critical.

Reminder: The software uses 7 system files in Window XP, they are: autochk.exe, C_437.NLS, C_1252.NLS, L_INTL.NLS, NTDLL.DLL, NTFS.SYS, ntoskrnl .exe.

First enter Windows Me, then find the encrypted folder and copy the files inside to any folder. Then, open the file and see if the content of the file is what you want.

However, this method is not very applicable, because most people have added all the files. Therefore, it is necessary for us to back up the certificate of the EFS encrypted file in peacetime, so as not to "repent for a lifetime". In the case that the encrypted file certificate has been backed up, you can use the following method to retrieve the encrypted file:

Backup Key: When there is a backup key, we will not be afraid to open the system. Secret file. Click “Start →Run”, enter “certmgr.msc” in the “Run” dialog box to open the Certificate Manager, click “Certificate → Current User”Personal & Rarr;Certificate” ; (Can't see? How can you have a certificate without encrypted files?) Select “Certificate" right click, select “All Tasks & Rarr; Export”, select in the pop-up "Certificate Export Wizard" “ Export private key & rdquo;, then select the directory to save the certificate, press Enter, the private key will be successfully exported.

When you want to reinstall the system, you can import the original private key.

Setting up Windows Recovery Agent (hereinafter to magic user as an example):

STEP1: First, the user logs on to the magic system.

STEP2: Enter “cipher /r:c:magic”(magic can be any other name) in the "Run" dialog box. Enter a password after entering the car. Just enter a carriage return. The magic.cer and magic.pfx files appear in the c drive.

STEP3: Install the magic.pfx certificate, enter the password of the protection certificate you just set, and press NEXT to complete the certificate installation.

STEP4: At “Start →Run"Enter>gpedit.msc”, open the Group Policy Editor, in “Computer Configuration →Windows Settings →Security Settings →Public Key Strategy &rarr Under Encrypting File System, right click on the pop-up menu, select “Add Data Recovery Agent”, open “Add Recovery Agent Wizard”, open magic.cer, then press the next step to complete the recovery. Proxy settings. Finally, you can use the magic username to decrypt the encrypted file.

Basically, as long as you meet the requirements of the above tutorial, you will be able to retrieve the files encrypted by EFS under WinXP. Of course, there is no way to find out the tutorial. If you have a friend who has encountered the same problem, try it out quickly. Only practice can know the result.

Copyright © Windows knowledge All Rights Reserved