Jump to content

can't copy encrypted files

Guest arkein

By Guest arkein
in Windows XP

 Share

Recommended Posts

Guest arkein

Guest arkein

Posted
Posted

Hello,

 

Is there any way to copy or decrypt encrypted files if I've got the

encryption key and can access the HD contents but I'm not the designated

decryption agent and can't log on to the account that owns the encrypted

files?

 

I can't log on to windows in normal or safe mode because of a corrupt boot

volume. running chkdsk, fixboot and fixmbr in the recovery console did not

fix the problem, so no way to log in to my account.

 

I can access my hard disk contents by running ubuntu live cd. I have even

set up a network between the faulty machine running ubuntu, as server, and

another machine running XP. But I can't access or copy the encrypted files

either in ubuntu or through the network from the client machine running XP. I

get an access denied message.

 

I've tried taking ownership of the files from the client, but access is

still denied. I've tried backing the files up to the client using the windows

backup application from the client, but access is still denied.

 

I can't run the cipher command to decrypt the files since I can't log on to

my account even in safe mode with command prompt. The blue screen of death

gets me first. I can only log on with my password using recovery console, but

for some stupid reason, recovery console does not allow cipher commands...

 

the irony is that I have the encryption certificate backed up in the client

machine!

 

All I want to do is copy my encrypted files over to the client machine and

decrypt themthere using my key.

 

Any suggestions?

 

Thanks in advance.

arkein

  • Replies 8
  • Created
  • Last Reply

Popular Days

Popular Days

Guest David H. Lipman

Guest David H. Lipman

Posted
Posted

Re: can't copy encrypted files

 

From: "arkein" <arkein@discussions.microsoft.com>

 

| Hello,

 

| Is there any way to copy or decrypt encrypted files if I've got the

| encryption key and can access the HD contents but I'm not the designated

| decryption agent and can't log on to the account that owns the encrypted

| files?

 

| I can't log on to windows in normal or safe mode because of a corrupt boot

| volume. running chkdsk, fixboot and fixmbr in the recovery console did not

| fix the problem, so no way to log in to my account.

 

| I can access my hard disk contents by running ubuntu live cd. I have even

| set up a network between the faulty machine running ubuntu, as server, and

| another machine running XP. But I can't access or copy the encrypted files

| either in ubuntu or through the network from the client machine running XP. I

| get an access denied message.

 

| I've tried taking ownership of the files from the client, but access is

| still denied. I've tried backing the files up to the client using the windows

| backup application from the client, but access is still denied.

 

| I can't run the cipher command to decrypt the files since I can't log on to

| my account even in safe mode with command prompt. The blue screen of death

| gets me first. I can only log on with my password using recovery console, but

| for some stupid reason, recovery console does not allow cipher commands...

 

| the irony is that I have the encryption certificate backed up in the client

| machine!

 

| All I want to do is copy my encrypted files over to the client machine and

| decrypt themthere using my key.

 

| Any suggestions?

 

| Thanks in advance.

| arkein

 

Here is my suggestion...

 

Put the drive in a USB enclosure that is either USB to SATA or USB to IDE [depending on

the hard disk type].

 

Have the user who owns the Encryption Certificate logon to the replacement PC making sure

that that user is using the same Encryption Certificate that was used to encrypt the

files.

 

Connect the drive enclosure, with the affected hard disk, to the USB port of the

repacement PC and through the user's account transfer the files over to that user's

profile.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Guest arkein

Guest arkein

Posted
Posted

Re: can't copy encrypted files

 

Thanks Dave (if I may),

 

I've been thinking that slaving the HD to the other machine as you suggest

might be the only solution left, unless a miracle happens and I somehow

manage to log on.

 

I did manage a miraculous logon yesterday after manually replacing my

registry files with recovery backups and an interrupted 10 hour chkdsk scan,

during which I was able to decrypt a good number of files, but that ugly BSOD

came back to haunt me again and won't let me back in. I think my HD might be

dying.

 

Oh well, maybe I'll just sacrifice those last files to the evil blue XP

demon and format the HD hoping its not a hardware failure...

 

 

 

"David H. Lipman" wrote:

> From: "arkein" <arkein@discussions.microsoft.com>

>

> | Hello,

>

> | Is there any way to copy or decrypt encrypted files if I've got the

> | encryption key and can access the HD contents but I'm not the designated

> | decryption agent and can't log on to the account that owns the encrypted

> | files?

>

> | I can't log on to windows in normal or safe mode because of a corrupt boot

> | volume. running chkdsk, fixboot and fixmbr in the recovery console did not

> | fix the problem, so no way to log in to my account.

>

> | I can access my hard disk contents by running ubuntu live cd. I have even

> | set up a network between the faulty machine running ubuntu, as server, and

> | another machine running XP. But I can't access or copy the encrypted files

> | either in ubuntu or through the network from the client machine running XP. I

> | get an access denied message.

>

> | I've tried taking ownership of the files from the client, but access is

> | still denied. I've tried backing the files up to the client using the windows

> | backup application from the client, but access is still denied.

>

> | I can't run the cipher command to decrypt the files since I can't log on to

> | my account even in safe mode with command prompt. The blue screen of death

> | gets me first. I can only log on with my password using recovery console, but

> | for some stupid reason, recovery console does not allow cipher commands...

>

> | the irony is that I have the encryption certificate backed up in the client

> | machine!

>

> | All I want to do is copy my encrypted files over to the client machine and

> | decrypt themthere using my key.

>

> | Any suggestions?

>

> | Thanks in advance.

> | arkein

>

> Here is my suggestion...

>

> Put the drive in a USB enclosure that is either USB to SATA or USB to IDE [depending on

> the hard disk type].

>

> Have the user who owns the Encryption Certificate logon to the replacement PC making sure

> that that user is using the same Encryption Certificate that was used to encrypt the

> files.

>

> Connect the drive enclosure, with the affected hard disk, to the USB port of the

> repacement PC and through the user's account transfer the files over to that user's

> profile.

>

> --

> Dave

> http://www.claymania.com/removal-trojan-adware.html

> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

>

>

>

Guest Twayne

Guest Twayne

Posted
Posted

Re: can't copy encrypted files

 

> Hello,

>

> Is there any way to copy or decrypt encrypted files if I've got the

> encryption key and can access the HD contents but I'm not the

> designated decryption agent and can't log on to the account that owns

> the encrypted files?

>

> I can't log on to windows in normal or safe mode because of a corrupt

> boot volume. running chkdsk, fixboot and fixmbr in the recovery

> console did not fix the problem, so no way to log in to my account.

>

> I can access my hard disk contents by running ubuntu live cd. I have

> even set up a network between the faulty machine running ubuntu, as

> server, and another machine running XP. But I can't access or copy

> the encrypted files either in ubuntu or through the network from the

> client machine running XP. I get an access denied message.

>

> I've tried taking ownership of the files from the client, but access

> is still denied. I've tried backing the files up to the client using

> the windows backup application from the client, but access is still

> denied.

>

> I can't run the cipher command to decrypt the files since I can't log

> on to my account even in safe mode with command prompt. The blue

> screen of death gets me first. I can only log on with my password

> using recovery console, but for some stupid reason, recovery console

> does not allow cipher commands...

>

> the irony is that I have the encryption certificate backed up in the

> client machine!

>

> All I want to do is copy my encrypted files over to the client

> machine and decrypt themthere using my key.

>

> Any suggestions?

>

> Thanks in advance.

> arkein

 

Can't be done unless you find an agent with the recovery keys or have

your own set of recovery keys. Otherwise it wouldn't be very useful

encryption now, would it? Only the person who did the encryption and/or

a designated, verified agent with the right credentials can access those

files. Read Help and Support for full info about it.

Guest Twayne

Guest Twayne

Posted
Posted

Re: can't copy encrypted files

 

> Thanks Dave (if I may),

>

> I've been thinking that slaving the HD to the other machine as you

> suggest might be the only solution left, unless a miracle happens and

> I somehow manage to log on.

>

> I did manage a miraculous logon yesterday after manually replacing my

> registry files with recovery backups and an interrupted 10 hour

> chkdsk scan, during which I was able to decrypt a good number of

> files, but that ugly BSOD came back to haunt me again and won't let

> me back in. I think my HD might be dying.

>

> Oh well, maybe I'll just sacrifice those last files to the evil blue

> XP demon and format the HD hoping its not a hardware failure...

>

>

>

> "David H. Lipman" wrote:

>

>> From: "arkein" <arkein@discussions.microsoft.com>

>>

>>> Hello,

>>

>>> Is there any way to copy or decrypt encrypted files if I've got the

>>> encryption key and can access the HD contents but I'm not the

>>> designated decryption agent and can't log on to the account that

>>> owns the encrypted files?

>>

>>> I can't log on to windows in normal or safe mode because of a

>>> corrupt boot volume. running chkdsk, fixboot and fixmbr in the

>>> recovery console did not fix the problem, so no way to log in to my

>>> account.

>>

>>> I can access my hard disk contents by running ubuntu live cd. I

>>> have even set up a network between the faulty machine running

>>> ubuntu, as server, and another machine running XP. But I can't

>>> access or copy the encrypted files either in ubuntu or through the

>>> network from the client machine running XP. I get an access denied

>>> message.

>>

>>> I've tried taking ownership of the files from the client, but

>>> access is still denied. I've tried backing the files up to the

>>> client using the windows backup application from the client, but

>>> access is still denied.

>>

>>> I can't run the cipher command to decrypt the files since I can't

>>> log on to my account even in safe mode with command prompt. The

>>> blue screen of death gets me first. I can only log on with my

>>> password using recovery console, but for some stupid reason,

>>> recovery console does not allow cipher commands...

>>

>>> the irony is that I have the encryption certificate backed up in

>>> the client machine!

>>

>>> All I want to do is copy my encrypted files over to the client

>>> machine and decrypt themthere using my key.

>>

>>> Any suggestions?

>>

>>> Thanks in advance.

>>> arkein

>>

>> Here is my suggestion...

>>

>> Put the drive in a USB enclosure that is either USB to SATA or USB

>> to IDE [depending on the hard disk type].

>>

>> Have the user who owns the Encryption Certificate logon to the

>> replacement PC making sure that that user is using the same

>> Encryption Certificate that was used to encrypt the files.

>>

>> Connect the drive enclosure, with the affected hard disk, to the USB

>> port of the repacement PC and through the user's account transfer

>> the files over to that user's profile.

>>

>> --

>> Dave

>> http://www.claymania.com/removal-trojan-adware.html

>> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

 

Any chance you can "extend" the drive's cables enough to get it into a

bath of ice? BE SURE TO ENCLOSE IT IN A WATERTIGHT CONTAINER!

Or, try freezing it for 24 hours and then quickly install it and try

to get at the files you want. AGAIN, BE SURE IT'S IN A SEALED CONTAINER

OR CONDENSATION WILL CREATE PROBLEMS!

Best if you can mount the disk outside the case away from the heat

sources inside, so it will warm up more slowly. You may gain anything

from a minute or so to an hour of useful drive time to do the work you

need to do. There is probably about a 90% chance the freezing bit will

work; depend on the specific problem with the drive.

 

I know it sounds silly, but that method will often revive a hard

drive long enough to pull data off it. If you have the exported key

those files were encrypted WITH, from the original machine they were

encrypted ON, the freezing method has a good chance of working. But any

other combination of events, e.g. not the same key as when they were

encrypted, not the same machine, etc., the game is over. You will not

be able to recover them. Period. From your comments though it sounds

like you might ahve the key you need; you just have to get the drive to

live long enough to get the files off it.

 

HTH

Guest arkein

Guest arkein

Posted
Posted

Re: can't copy encrypted files

 

Thanks for your input Twayne,

 

Ok. When I encrypted the files I didn't designate the user account on the

other networked pc as an authorised recovery agent. So that means by default

the only account authorised to recover the files is the very user account

that made the encryption, since it is also the administrator account. At the

time I wasn't aware about the need to set a certified decryption agent,

thinking that backing up my encryption certificate was enough. lesson learned.

 

I've heard about the ice bath method before, and thanks for reminding me. I

just might try that as a last resort. The machine is a lapto though. So I'll

have to take it out, put it in a ziplock bag and chuck it in the freezer for

24 hours and then reinstall it into the laptop.

 

I can still access almost all of my unencrypted files. I only had a handfull

of files giving me a read-write error and was denied access only to the few

remaining encrypted files.

 

I'm not sure whether the problem was caused by system files becoming

corrupted by a registry clean I did just before the problem occurred, or if

its because my hard disk is physically damaged. I'm also getting weird

display artefacts... little discolored dots appearing randomly as soon as the

bios starts up and increasing in number as the computer heats up. Also, in

recovery console mode, the random letters in the text is getting

discolored/switched to another letter. I'm hoping that is caused by corrupted

system files and not a damaged video card...

 

I ran a couple of diagnostics and they seem to be indicating something is

physically wrong with the drive...

 

I think most of the encrypted files I'm trying to access were backed up at

some point in the past. I'm looking for them in my old backup cds. If I find

them, I'll just format the drive and reinstall windows, and that'll tell me

if I need to get a new hard drive or not.

 

thanks for your input guys!

 

 

 

"Twayne" wrote:

> > Hello,

> >

> > Is there any way to copy or decrypt encrypted files if I've got the

> > encryption key and can access the HD contents but I'm not the

> > designated decryption agent and can't log on to the account that owns

> > the encrypted files?

> >

> > I can't log on to windows in normal or safe mode because of a corrupt

> > boot volume. running chkdsk, fixboot and fixmbr in the recovery

> > console did not fix the problem, so no way to log in to my account.

> >

> > I can access my hard disk contents by running ubuntu live cd. I have

> > even set up a network between the faulty machine running ubuntu, as

> > server, and another machine running XP. But I can't access or copy

> > the encrypted files either in ubuntu or through the network from the

> > client machine running XP. I get an access denied message.

> >

> > I've tried taking ownership of the files from the client, but access

> > is still denied. I've tried backing the files up to the client using

> > the windows backup application from the client, but access is still

> > denied.

> >

> > I can't run the cipher command to decrypt the files since I can't log

> > on to my account even in safe mode with command prompt. The blue

> > screen of death gets me first. I can only log on with my password

> > using recovery console, but for some stupid reason, recovery console

> > does not allow cipher commands...

> >

> > the irony is that I have the encryption certificate backed up in the

> > client machine!

> >

> > All I want to do is copy my encrypted files over to the client

> > machine and decrypt themthere using my key.

> >

> > Any suggestions?

> >

> > Thanks in advance.

> > arkein

>

> Can't be done unless you find an agent with the recovery keys or have

> your own set of recovery keys. Otherwise it wouldn't be very useful

> encryption now, would it? Only the person who did the encryption and/or

> a designated, verified agent with the right credentials can access those

> files. Read Help and Support for full info about it.

>

>

>

Guest Twayne

Guest Twayne

Posted
Posted

Re: can't copy encrypted files

 

> Thanks for your input Twayne,

>

> Ok. When I encrypted the files I didn't designate the user account on

> the other networked pc as an authorised recovery agent. So that means

> by default the only account authorised to recover the files is the

> very user account that made the encryption, since it is also the

> administrator account. At the time I wasn't aware about the need to

> set a certified decryption agent, thinking that backing up my

> encryption certificate was enough. lesson learned.

 

Ah! Yes, your encryption key (not sure what you mean by certification)

is exactly what you need, assuming the files were encrypted under that

key and not a different one (different user account). It sounds to me

like you have what you need! The "agent" business is a safety thing

where someone OTHER than you can also share the accesses; not necessary.

Companies set up agents in case an employee leaves, isn't available,

things like that. You ARE the encryptor, so your backed up key should

be what you need.

>

> I've heard about the ice bath method before, and thanks for reminding

> me. I just might try that as a last resort. The machine is a lapto

> though. So I'll have to take it out, put it in a ziplock bag and

> chuck it in the freezer for 24 hours and then reinstall it into the

> laptop.

 

Yes, it's best as a last resort. Sometimes the cold can be the final

straw and isntead of fixing it, will kill it the rest of the way. It

hasn't happened to me, but I don't freeze that many drives<G>.

>

> I can still access almost all of my unencrypted files. I only had a

> handfull of files giving me a read-write error and was denied access

> only to the few remaining encrypted files.

 

¿¿ I didn't get that before. That sounds a lot like data corruption

rather than a drive problem. "rw" problems on only certain files

doesn't sound like a drive problem to me, based on that information by

itself.

-- Have you run chkdsk /r? This should be a next to last resort, too

since in extreme circumstances it can again render a drive unusable,

although it doesn't sound like your problems are great enough to cause

that.

With /r if it finds data in a sector that's gone bad it'll make

multiple tries to read the data, compare the tries, look for enough

similarity to call it "good" data, and will write that data to another,

good sector and update the location tables accordingly, making the file

recoverable. Problem is, if it guesses wrong, the file is then forever

unencryptable.

-- Every drive manufactuer makes a test program for their disks to

judge the disk's health that's much better than anything XP has and is

non-destructive. I think I'd run that if you haven't already, and see

what it says about the drive. Now it doesn't sound like a drive

problem, actually.

>

> I'm not sure whether the problem was caused by system files becoming

> corrupted by a registry clean I did just before the problem occurred,

> or if its because my hard disk is physically damaged.

 

What "registry cleaner" did you run? Does it have an "undo" feature?

If so, what happens if you undo everything? That might get you back

those files? Some "cleaners" are OK, some, well, not very good.

 

I'm also

> getting weird display artefacts... little discolored dots appearing

> randomly as soon as the bios starts up and increasing in number as

> the computer heats up. Also, in recovery console mode, the random

> letters in the text is getting discolored/switched to another letter.

> I'm hoping that is caused by corrupted system files and not a damaged

> video card...

 

Woof: Back burner for now I think; not likely connected directly with

your major issue?

>

> I ran a couple of diagnostics and they seem to be indicating

> something is physically wrong with the drive...

 

That's where the mfg test app comes in: Much more reliable and made for

the drive it's testing. Always much better than any other diags which

have to be a one size fits all type.

>

> I think most of the encrypted files I'm trying to access were backed

> up at some point in the past. I'm looking for them in my old backup

> cds. If I find them, I'll just format the drive and reinstall

> windows, and that'll tell me if I need to get a new hard drive or not.

 

Mmm, probably, since you said you have the encryption key you might be

able to do it on a different machine, too. Like I said, as long as it's

the right encryption key for the encryption that happened (only you as a

user on one account, not a mix of accounts).

 

Best of luck;

 

Keep us up to date - you've goe me pretty curious now. Sounds like you

might be fighting multiple problems and that always makes the job

tougher. Pary for it to be SW<g>.

 

HTH

>

> thanks for your input guys!

>

>

>

> "Twayne" wrote:

>

>>> Hello,

>>>

>>> Is there any way to copy or decrypt encrypted files if I've got the

>>> encryption key and can access the HD contents but I'm not the

>>> designated decryption agent and can't log on to the account that

>>> owns the encrypted files?

>>>

>>> I can't log on to windows in normal or safe mode because of a

>>> corrupt boot volume. running chkdsk, fixboot and fixmbr in the

>>> recovery console did not fix the problem, so no way to log in to my

>>> account.

>>>

>>> I can access my hard disk contents by running ubuntu live cd. I have

>>> even set up a network between the faulty machine running ubuntu, as

>>> server, and another machine running XP. But I can't access or copy

>>> the encrypted files either in ubuntu or through the network from the

>>> client machine running XP. I get an access denied message.

>>>

>>> I've tried taking ownership of the files from the client, but access

>>> is still denied. I've tried backing the files up to the client using

>>> the windows backup application from the client, but access is still

>>> denied.

>>>

>>> I can't run the cipher command to decrypt the files since I can't

>>> log on to my account even in safe mode with command prompt. The blue

>>> screen of death gets me first. I can only log on with my password

>>> using recovery console, but for some stupid reason, recovery console

>>> does not allow cipher commands...

>>>

>>> the irony is that I have the encryption certificate backed up in the

>>> client machine!

>>>

>>> All I want to do is copy my encrypted files over to the client

>>> machine and decrypt themthere using my key.

>>>

>>> Any suggestions?

>>>

>>> Thanks in advance.

>>> arkein

>>

>> Can't be done unless you find an agent with the recovery keys or have

>> your own set of recovery keys. Otherwise it wouldn't be very useful

>> encryption now, would it? Only the person who did the encryption

>> and/or a designated, verified agent with the right credentials can

>> access those files. Read Help and Support for full info about it.

Guest David

Guest David

Posted
Posted

Re: can't copy encrypted files

 

Hi - I have much the same problem - but I think I have access to all the

people/logons/etc for the party who apparently inadvertently encrypted the

files rather than merely compressing them - BUT - how can I identify that

party and relevant certificates etc .... Cheers ... David

 

 

"arkein" wrote:

> Thanks for your input Twayne,

>

> Ok. When I encrypted the files I didn't designate the user account on the

> other networked pc as an authorised recovery agent. So that means by default

> the only account authorised to recover the files is the very user account

> that made the encryption, since it is also the administrator account. At the

> time I wasn't aware about the need to set a certified decryption agent,

> thinking that backing up my encryption certificate was enough. lesson learned.

>

> I've heard about the ice bath method before, and thanks for reminding me. I

> just might try that as a last resort. The machine is a lapto though. So I'll

> have to take it out, put it in a ziplock bag and chuck it in the freezer for

> 24 hours and then reinstall it into the laptop.

>

> I can still access almost all of my unencrypted files. I only had a handfull

> of files giving me a read-write error and was denied access only to the few

> remaining encrypted files.

>

> I'm not sure whether the problem was caused by system files becoming

> corrupted by a registry clean I did just before the problem occurred, or if

> its because my hard disk is physically damaged. I'm also getting weird

> display artefacts... little discolored dots appearing randomly as soon as the

> bios starts up and increasing in number as the computer heats up. Also, in

> recovery console mode, the random letters in the text is getting

> discolored/switched to another letter. I'm hoping that is caused by corrupted

> system files and not a damaged video card...

>

> I ran a couple of diagnostics and they seem to be indicating something is

> physically wrong with the drive...

>

> I think most of the encrypted files I'm trying to access were backed up at

> some point in the past. I'm looking for them in my old backup cds. If I find

> them, I'll just format the drive and reinstall windows, and that'll tell me

> if I need to get a new hard drive or not.

>

> thanks for your input guys!

>

>

>

> "Twayne" wrote:

>

> > > Hello,

> > >

> > > Is there any way to copy or decrypt encrypted files if I've got the

> > > encryption key and can access the HD contents but I'm not the

> > > designated decryption agent and can't log on to the account that owns

> > > the encrypted files?

> > >

> > > I can't log on to windows in normal or safe mode because of a corrupt

> > > boot volume. running chkdsk, fixboot and fixmbr in the recovery

> > > console did not fix the problem, so no way to log in to my account.

> > >

> > > I can access my hard disk contents by running ubuntu live cd. I have

> > > even set up a network between the faulty machine running ubuntu, as

> > > server, and another machine running XP. But I can't access or copy

> > > the encrypted files either in ubuntu or through the network from the

> > > client machine running XP. I get an access denied message.

> > >

> > > I've tried taking ownership of the files from the client, but access

> > > is still denied. I've tried backing the files up to the client using

> > > the windows backup application from the client, but access is still

> > > denied.

> > >

> > > I can't run the cipher command to decrypt the files since I can't log

> > > on to my account even in safe mode with command prompt. The blue

> > > screen of death gets me first. I can only log on with my password

> > > using recovery console, but for some stupid reason, recovery console

> > > does not allow cipher commands...

> > >

> > > the irony is that I have the encryption certificate backed up in the

> > > client machine!

> > >

> > > All I want to do is copy my encrypted files over to the client

> > > machine and decrypt themthere using my key.

> > >

> > > Any suggestions?

> > >

> > > Thanks in advance.

> > > arkein

> >

> > Can't be done unless you find an agent with the recovery keys or have

> > your own set of recovery keys. Otherwise it wouldn't be very useful

> > encryption now, would it? Only the person who did the encryption and/or

> > a designated, verified agent with the right credentials can access those

> > files. Read Help and Support for full info about it.

> >

> >

> >

Guest Twayne

Guest Twayne

Posted
Posted

Re: can't copy encrypted files

 

From the computer itself, I doubt you can unless someone set up an audit

trail of all the accesses etc, which would be pretty unusual. AFAIK

you'll just have to ask around until you find the person and hope they

remember it.

 

MS encryption is good but they sure did a lousy job of documenting it.

 

 

> Hi - I have much the same problem - but I think I have access to all

> the people/logons/etc for the party who apparently inadvertently

> encrypted the files rather than merely compressing them - BUT - how

> can I identify that party and relevant certificates etc .... Cheers

> ... David

>

>

> "arkein" wrote:

>

>> Thanks for your input Twayne,

>>

>> Ok. When I encrypted the files I didn't designate the user account

>> on the other networked pc as an authorised recovery agent. So that

>> means by default the only account authorised to recover the files is

>> the very user account that made the encryption, since it is also the

>> administrator account. At the time I wasn't aware about the need to

>> set a certified decryption agent, thinking that backing up my

>> encryption certificate was enough. lesson learned.

>>

>> I've heard about the ice bath method before, and thanks for

>> reminding me. I just might try that as a last resort. The machine is

>> a lapto though. So I'll have to take it out, put it in a ziplock bag

>> and chuck it in the freezer for 24 hours and then reinstall it into

>> the laptop.

>>

>> I can still access almost all of my unencrypted files. I only had a

>> handfull of files giving me a read-write error and was denied access

>> only to the few remaining encrypted files.

>>

>> I'm not sure whether the problem was caused by system files becoming

>> corrupted by a registry clean I did just before the problem

>> occurred, or if its because my hard disk is physically damaged. I'm

>> also getting weird display artefacts... little discolored dots

>> appearing randomly as soon as the bios starts up and increasing in

>> number as the computer heats up. Also, in recovery console mode, the

>> random letters in the text is getting discolored/switched to another

>> letter. I'm hoping that is caused by corrupted system files and not

>> a damaged video card...

>>

>> I ran a couple of diagnostics and they seem to be indicating

>> something is physically wrong with the drive...

>>

>> I think most of the encrypted files I'm trying to access were backed

>> up at some point in the past. I'm looking for them in my old backup

>> cds. If I find them, I'll just format the drive and reinstall

>> windows, and that'll tell me if I need to get a new hard drive or

>> not.

>>

>> thanks for your input guys!

>>

>>

>>

>> "Twayne" wrote:

>>

>>>> Hello,

>>>>

>>>> Is there any way to copy or decrypt encrypted files if I've got the

>>>> encryption key and can access the HD contents but I'm not the

>>>> designated decryption agent and can't log on to the account that

>>>> owns the encrypted files?

>>>>

>>>> I can't log on to windows in normal or safe mode because of a

>>>> corrupt boot volume. running chkdsk, fixboot and fixmbr in the

>>>> recovery console did not fix the problem, so no way to log in to

>>>> my account.

>>>>

>>>> I can access my hard disk contents by running ubuntu live cd. I

>>>> have even set up a network between the faulty machine running

>>>> ubuntu, as server, and another machine running XP. But I can't

>>>> access or copy the encrypted files either in ubuntu or through the

>>>> network from the client machine running XP. I get an access denied

>>>> message.

>>>>

>>>> I've tried taking ownership of the files from the client, but

>>>> access is still denied. I've tried backing the files up to the

>>>> client using the windows backup application from the client, but

>>>> access is still denied.

>>>>

>>>> I can't run the cipher command to decrypt the files since I can't

>>>> log on to my account even in safe mode with command prompt. The

>>>> blue screen of death gets me first. I can only log on with my

>>>> password using recovery console, but for some stupid reason,

>>>> recovery console does not allow cipher commands...

>>>>

>>>> the irony is that I have the encryption certificate backed up in

>>>> the client machine!

>>>>

>>>> All I want to do is copy my encrypted files over to the client

>>>> machine and decrypt themthere using my key.

>>>>

>>>> Any suggestions?

>>>>

>>>> Thanks in advance.

>>>> arkein

>>>

>>> Can't be done unless you find an agent with the recovery keys or

>>> have your own set of recovery keys. Otherwise it wouldn't be very

>>> useful encryption now, would it? Only the person who did the

>>> encryption and/or a designated, verified agent with the right

>>> credentials can access those files. Read Help and Support for full

>>> info about it.

 Share
Go to topic listing
×
×
  • Create New...