• Status: Solved
  • Priority: High
  • Security: Public
  • Views: 41
  • Last Modified:

EFS encrypted files won't open anymore

Hi,

A customer has encrypted files on a network share via efs. Nobody, including the person that encrypted the files is able to open them anymore.
The files need to be decrypted and moved to another location but nothing seems to work.
I have found the certificate but still no luck. Any help would be appreciated.
0
IT Meetjesland
Asked:
IT Meetjesland
  • 4
  • 3
  • 2
2 Solutions
 
McKnifeCommented:
This could happen if the user's password was reset - was it?
If not, please do a simple checkdisk on the drive just to make sure.
If the certificate that you surely backed up does not work after this, you will have to restore the data from backups.
0
 
IT MeetjeslandAuthor Commented:
Hi McKnife,

I tried restoring the files from backup but the pdf files come empty (0kb)
0
 
McKnifeCommented:
Comment on the rest of the suggestions, too, please.
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
IT MeetjeslandAuthor Commented:
Hi McKnife,

Password has not been changed and checkdisk came out empty so don't know what to do here.
Tried to add the administrator account to the certificate to give me rights on the file but i get following error:

The revocation function was unable to check revocation because the revocation server was offline!
0
 
McKnifeCommented:
EFS is not known for being unstable - something must have ahppened that you are not aware of. Sorry, I could only once more advise you to use backups. If those are incomplete, you are out of luck and you could only try to break the encryption which will be time-consuming and most probably not successful.
0
 
Shaun VermaakTechnical Specialist/DeveloperCommented:
Domain environment with a CA? Is DRA agent configured?
0
 
IT MeetjeslandAuthor Commented:
Hi Shaun,

Yes all of those things. The DRA agent is the domain administrator account (who is me obviously). But when i try to decrypt it still says i have no rights to do so.
0
 
Shaun VermaakTechnical Specialist/DeveloperCommented:
Are you sure that these files weren't changed/encrypted by something like Ransomware?
0
 
IT MeetjeslandAuthor Commented:
NO, the user remembers encrypting those files last year. But now we want to move the files to another network location, they seem unaccesable, even for the person that encryped them.
I was able to recover a lot of the decrypted files from various back-ups and we are only down to 3 files now. I am able to delete them, rename them, but not to open or move them!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now