Retrieving EFS-encrypted files in Windows XP operating system

Friends who use Windows XP know that the most annoying thing for them is to forget to export the certificate of the backup EFS encrypted file when reinstalling the system. What should I do if I encounter this situation? Can't you watch these files can't be used? Want to reuse these encrypted files? Then come with me, but this method of decrypting files is required for encrypted files.

Requirements: EFS encrypted file certificate is not backed up to recover encrypted files, only for the folder encryption, but its sub-files and sub-folders are not encrypted, and no new files are added to the folder. . If the files inside are also encrypted, this method can't do anything about it.

Taking the author's operating system as an example, the author's system is Windows Me/XP dual operating system. In order to enable Windows Me to access the Windows XP file system, Windows Me needs to be equipped with NTFS For 98. It is very important. For the specific installation steps, please refer to "Accessing NTFS Partition in Win98" in the 9th issue of Computer Report 2003.

Reminder: The software uses 7 system files in Window XP, they are: autochk.exe, C_437.NLS, C_1252.NLS, L_INTL.NLS, NTDLL.DLL, NTFS.SYS, ntoskrnl .exe.

First enter Windows Me, then find the encrypted folder and copy the files inside to any folder. Then, open the file and see if the content of the file is what you want.

However, this method is not very applicable, because most people have encrypted all the files. Therefore, it is necessary for us to properly back up the EFS encrypted file certificate, so as not to "repent for a lifetime." In the case that the encrypted file certificate has been backed up, the following method can be used to retrieve the encrypted file:

Backup Key: When there is a backup key, we will not be afraid to open the system. Secret file. Click "Start → Run", enter "certmgr.msc" in the "Run" dialog box to open the certificate manager, click "Personal → Certificate" under "Certificate → Current User" (can't see? You have no encrypted files) How can I have a certificate?) Select "Certificate" right-click, select "All Tasks → Export", select "Export Private Key" in the "Certificate Export Wizard" that pops up, then select the directory where the certificate is saved, press Enter, private The key is successfully exported.

When you want to reinstall the system, you can import the original private key.

Set up the Windows Recovery Agent (hereafter the magic user is an example):

STEP1: First log in to the system as magic user.

STEP2: Enter "cipher /r:c:\\magic" in the "Run" dialog box (magic can be any other name). Enter a password after you press Enter. Just enter a carriage return and you will be there. There are two files magic.cer and magic.pfx in the c drive.

STEP3: Install the magic.pfx certificate, enter the password of the protection certificate you just set, and press NEXT to complete the certificate installation.

STEP4: Enter "gpedit.msc" in "Start → Run", open the Group Policy Editor, under "Computer Configuration → Windows Settings → Security Settings → Public Key Policies → Encrypting File System", right Click the pop-up menu, select "Add Data Recovery Agent", open the "Add Recovery Agent Wizard" to open magic.cer, and then press the next step to complete the recovery agent settings. Finally, you can use the magic username to decrypt the encrypted file.