How to decrypt Windows XP encrypted files

Posted on 2007-08-03
Last Modified: 2013-11-05
I need assistance to decrypt backed up data files (mostly word & pdf) that have been encrypted using windows XP utility to keep them private.
All files have been copied to an external disk, then the computer was reformatted and restored to factory condition using the restore software provided by Toshiba.  I found out that I no longer have access to these files (they appear green in windows explorer).
I tried a couple of software packages demos to try to gain access, they were
1. elcomsoft advanced efs data recovery (aefsdr) that works in 2k/xp.
2.  passware efskey that works similarly to aefsdr,
I was not able to decrypt my data files.
Question by:abugaighis
    LVL 3

    Expert Comment

    Did you backup your encryption certificate before reinstalling?
    If not, you won't be able to access it anymore (as this is the point of

    If the issue is only NTFS permissions (and not encryption), you'll need to
    take ownership of the files and give yourself permission to access the

    See Help and Support for details on how to restore encryption certificates
    and to take ownership of your files.

    Author Comment

    It maybe an NTFS permissions issue.  How can I find out?  Where can I get info on taking ownership of files in this case?
    LVL 3

    Expert Comment

    if that is the case follow this link to know how:;EN-US;Q308421&

    wish you luck,,

    Accepted Solution

    If you have not backed up your or system encryption keys, you won't be able to decrypt it.

    There is a tool "Advanced EFS data Recovery", but for using it also you need your system keys.

    What happens is, when you encrypt the first file from your user account, a key pair is created for you. you need to backup these keys.

    You can follow these steps for future...

    Follow these steps to backup:
    1) Open mmc.exe
    2) From the file menu, choose "Add/Remove snap in"
    3) click on the Add button
    4) Select Certificates and click add
    5) Select "My User account"
    6) click close and then ok
    7) In the tree view select
        Console root\Certificates - Curren t User\Personal\Certificates\
    8) on the right hand side you should see on certificate listed with "intended purpose" value of "Encrypting File System".
    9) Selcet it, right click and select All task\Export
    10) Select, "Yes, export the private key"
    11) click next twice,
    12) Enter a password
    13) choose a file name for export and click next
    14) you will get a warning, just allow the access.

    For import, follow steps 1-7, then
    8) click on the right hand side, right click  all taks\Import
    9) selcet the certificate, and follow the wizard.

    LVL 1

    Assisted Solution

    From the looks of it, you did not back up the certificate and the encryption keys of your files.  Thus, unfortunately, you cannot decrypt the files anymore.
    LVL 26

    Expert Comment

    If you're in a networked Windows environment, you might try these steps from Microsoft:

    Otherwise, have you tried restoring them to a FAT32 partition?
    LVL 6

    Expert Comment

    The method mentioned by souseran won't work...(for standalone system) it works only when the machine/system certificate is intact...

    in this case the system was nothing can be done...
    LVL 1

    Expert Comment

    any updates from your end?  I believe that the files cannot be decrypted anymore as the keys were both lost...
    LVL 1

    Expert Comment

    Forced accept.

    EE Admin

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    If you are on a Windows computer and decide to protect a file with sensitive data, you can encrypt the file, password protect it or rely on steganography (hiding a file in an image). This technique is especially useful because unless someone knows t…
    In this era, as you know, cybercrime and other sorts of frauds using the internet has increased day by day. We should protect our information assets and confidential information from getting exploiting by the attacker or intruders. Most of the fraud…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now