Decrypt encrypted files from a crashed HDD (Windows XP)


After a crash, I installed a new version of Windows XP on my computer (on a new hard disk), and I cannot read encrypted data stored on my previous master HDD, which I now use as an external USB drive.
I tried to use ElcomSoft Advanced EFS Data Recovery software but it didn't work.
I also tried to take complete control of the files, but it didn't change anything.

My computer was registered in a domain managed on a server with Windows Small Business Server 2003 installed on it.
I remember that some part of encryption process have been configured using the server management interface. Do you think that it can be possible to decrypt my files from the server (I can get administrator access on it if needed)?

Thank you,
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

When you say "tried to take complete control of the files "did that include taking ownership" under Security - Advanced - Owner?
Have you got an EFS recovery agent setup on the domain?  If so you can use that more than likely to decrypt your files.

See the following for more info.,289483,sid192_gci1256137,00.html

General efs info

JulienVanAuthor Commented:
Hi nicsaint,
Yes, I'm defined as the owner of the files, but I cannot decrypt them.
INTRODUCING: WatchGuard's New MFA Solution

WatchGuard is proud to announce the launch of AuthPoint, a powerful, yet simple, Cloud-based MFA service designed to eliminate the vulnerabilities that put your data, systems, and users at risk.

JulienVanAuthor Commented:
Hi Kruger_monkey,

Thanks for you message.The recovery agent of the files is the administrator account of the server.

Your last link to add new users as recovery agents seems complicated for me, would you have other suggestions or a more simple way to do that?

Would it be possible to decrypt the files if I know the password of the recovery agent account?

Thank you
The last link was more for reference and wouldn't help you with existing encrypted files.  But if they were encrypted on the same domain/system as the recover agent, after the recovery agent had been setup then you should be able to recover them.

The first link covers that.
This article is a little more detailed than the first one, this will be mroe useful I think.
JulienVanAuthor Commented:

if I want to decrypt the files using the recover agent, how can I do that?

Because the recovery agent is the administrator of the domain, on a remote server, so how can he access my encrypted files?

Do I have to configure my folder sharing so that my disk can be visible on the network by the other users of the domain?
Yes, the recovery agent will need to be able to see the files, been a while since I've used it, but pretty sure that as long as it is a valid DRA, you should just be able to browse to and then access the files.  After which you can then decrypt them..

See the following article, which goes into a lot of detail.

Also check here

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Here is what I know. If you encrypt files using Windows encryption and you do not backup the key, you have a 2% chance of a professional firm cracking the encryption. It does not matter that you are the owner of the file, because you cannot decrypt without the key.

If Windows encryption was easily decrypted by a third party program, it would be useless.

You should look to the encryption process defined from your server and check for the keys. Good luck
JulienVanAuthor Commented:
Thanks for your comments guys, I can not share my files on the domain, but once I did, I'll update this post!
JulienVanAuthor Commented:
Sorry guys, I didn't find out how to share my folders to view it from the server. I'm going to give you the points and close the question, thanks for your help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.