I had to auto-recover my system after the computer crash. Since then my login and password are the same but I can no longer access the encrypted files in 'Administrator\My documents' folder receiving the message 'access denied'. A new 'my documents' folder has been created and I understand that my certificate is now only valid for the files that I encrypt from now on. Is there any way that I could access my previously encrypted files as there is some stuff there that is really important for me. Can it be that my previous sertificate (or whatever) is stored somewhere in the system and can be activated (placed in the trusted root store or smth?) Many thanks!

Hi, I am no expert in this area but this information may be of some use. Was the administrator the only account that was specified as a Data Recovery Agent when you encrypted the files? (Admin Tools / Local Security Settings / Encrypted data recovery agents. If there was another user specified here or if you are part of a windows 2000 domain you may find that Domain Admin (Often added by default) / Other specified user may be able to open the files. (AS these users certificates are also added to the encrypted file) As you have a new "My Documents" folder it sounds like a new administrator user has been created. Where is your old "My Documents" folder stored? It may be worth checking who is marked as the Owner (Right click the folder / Properties / Security / Advanced / Owner) of the original "My Documents” folder to make sure you are login on as the exact same user as before (The Folder Owner). Anyone Else have any ideas? Super Play

Thanks so much for the advice. I have to say, it is a bit stupid from Microsoft side. They are providing the auto repair option which effectively changes the administrator profile... Unfortunately I was the only user on the machine who had rights for that 'administrator\my documents' folder. It is still under 'documents and settings' but I now have another 'administrator(computerID)\my documents' folder. It looks like my original certificate was replaced by the auto-recovery setup and I was just wondering whether it can still be activated? All such mishaps completely destroy any trust in the new security technologies... By the way, is there any other way of decrypting the file if I have the admin password?

Hi Even though you know the Admin password you will not be able to get into the files without the correct key. So if the certificate is lost then its stuck time! If I have time over the weekend I will have a play with this on my system. There may be some way of exporting the certificate of the original Administrator and importing this certificate into the current Administrators account. As the old admin account seems to have retained its administrator (computer Id) the original certificate should hopefully be somewhere! Lets hope this is in tact and not overwriten I will post to let you know how I get on. Super Play.

Thanks!!!

Unfortunately I have had no joy in finding a way to recover your files. I tried various angles to attack this. Here are some of the things that I tried. Attempted to export a personal certificate and import this to another user. Backup and restore the file to a non-NTFS volume. Move / Copy / rename using various users & Permissions configurations. From what I have read up on EFS over the weekend it seems to be a very secure method of encrypting files. Having lost the original user profile that encrypted the files the only way to recover is to use the recovery user. Even though we have not found a way to recover your files I would recommend that you do a full backup of your system as something may be posted on TechNet or here in the future that will gide you to recovery! I expect there to be lots of people with your problem in the near future when they start to do recovery. If you are interested I can give a more detailed decryption of what I tried and why it failed. Along with some links to very good docs on EFS. Sorry I did not have something more positive! Super Play

Anyway thanks for your tremendous efforts! The most sad thing about all this is that the file I was trying to open contained all my correspondence with my girlfried since we met... She keeps asking me on and on about this. Silly a bit! I guess apart from blaming myself there is also Microsoft to throw a stone at - they could've thought about situations like this before suggesting 'auto recovery' options. I would have never tried it had I known that 'recovery' means overwriting my profile... Thanks for your help - it would be helpful if you could let me know in more detail about what you tried - just in case.