Hello, I have just a basic question. My wife had encrypted some files on my external hdd and not knowing that she had done that I reinstalled my os. Now i cant view or do anything with the files. Is there any possible way that i can view these files. They are pictures of my new born child and my wifes pregnancy. If there is any possible way. Even sending it to a data recovery site. I would do just about anything to get these files back. If not i understand, but what I'm kinda upset about is that there was not warning message stating to back up the .cert or create ESF. My wife stated that if there was some sort of warning she would have never done it. Anyways if anyone can help that would be awesome thank you.1 person needs an answerI do too

It depends on how you reinstalled Windows. The key to recovery lies in recovering the old EFS certificate, if you did an in-place upgrade (repair install) of the operating system then chances are good that the old certificate might still be recoverable. If you did a clean install (format and reinstall) then chances are not so good that the certificate is still recoverable. When you format a drive the files are not erased, the index to the files is cleared and rebuilt so it appears to the operating system that there are no files on the disk, the disk appears empty and the operating system can write files wherever it wants and as it writes new files it enters the locations of the new files in the file index so as to not write again in the same area. If you did a clean install what are the chances that new files were not written in the area where your old EFS certificate was? Possible but slim! If the old certificate was overwritten then kiss the files goodbye, they are lost!If you want to attempt a recovery the first thing to do is to prevent the overwriting of the certificate, immediately stop using the drive where the EFS certificate was located, the drive will have to be mounted in another computer to attempt recovery. Then read here: http://www.beginningtoseethelight.org/efsrecovery/ Elcomsoft claims to be able to recover certificates after formats and reinstall by doing a sector by sector search of the disk for old certificates but as I mentioned earlier if the certificate was overwritten it is gone forever!John

If you have encrypted folders/file and transfer them to a fresh installation of XP you can only decrypt them using the encryption key from your original XP installation. If this is the case, the key to decrypt these files was managed by Windows as a Certificate in your Certificate store of your original installation. These certificates are, in turn, encrypted to your Secure ID, your password, and many other things. This information would be lost on a new XP install. The easy way to restore access to your files is to restore your certificate from the backup that you dutifully performed according to the paragraph "Why you must back up your certificates" in the article:"Best practices for the Encrypting File System"http://support.microsoft.com/kb/223316/en-usIf you don't have a copy of your certificate, then you must restore your old system from an image-style backup, login, and then extract your certificate.Otherwise, your data is history. EFS is quite secure and there are no back doors. Because the instructions for encryption are often never read, understood or followed or the importance of backing up the certificates is not followed or fully understood, EFS has affectionately been referred to as the "Delayed Trash Can".Allegedly, you may be able to hire someone that specializes in recovery of encrypted files to try to help you.Don't guess what the problem might be - figure it out and fix it. I need YOUR votes and points for helpful replies and Propose as Answers. I am saving up for a pony!

If you don't have a copy of your certificate, then you must restore your old system from an image-style backup, login, and then extract your certificate.Otherwise, your data is history. EFS is quite secure and there are no back doors. It is not a requisite that you be able to logon to the old system to recreate the certificates, you two need files from two different folders (a third required file is a public key which can be recreated) and you need to know your password. A backup of the user's profile folder would suffice to rebuild the certificate as the required files are all stored within the profile folder. That being said I rather doubt that the files would have survived a format and reinstall, chances are quite slim but they could have 'miraculously' survived.John