Question Cannot decrypt files Win10 - access denied / specified file cannot be decrypted

[erasedhammer]

I have some files on another hard drive that are encrypted. I am the owner and have full permissions on the drive, the folders, and each file.
If I try and open them, it says access denied. If I try and decrypt them I get "The specified file could not be decrypted"

I cannot copy any file over to my local drive. It gives me an error saying I need permission from myself to copy it.

These files are not sensitive, I was just trying out encryption and now I need to use this hard drive for something else, but I cant get these files off.

 

[TJ Hooker]

Can you not delete them? If not, format the drive.

 

[erasedhammer]

I can delete them. But it would not be easy to find them again. I'd prefer to try and decrypt them somehow, or at the very least get them off the drive so I can figure the problem out later.

 

[TJ Hooker]

Do you know the password to decrypt them?

Try launching a command prompt as an administrator and moving them that way.

mv [currentpath] [newpath]

If the paths have any spaces in them put the entire path in quote.

 

[erasedhammer]

It never asks for a password for decryption, just errors out before it gets there i guess.

Cmd, opened as administrator, Access is Denied.

 

[TJ Hooker]

What did you use to encrypt them?

 

[erasedhammer]

I used winaero tweaker to enable the encrypt/decrypt option in the context menu.
Then I just right click the files and encrypted them.
I did this last year.

 

[TJ Hooker]

And you haven't made any changes to Windows or Users since then? And you're logged into the same account you used to encrypt them?

Could try decrypting via command line. https://winaero.com/blog/encrypt-files-folders-efs-windows-10/
It looks like "/e" is to encrypt, so I would guess changing that to "/d" would decrypt. Could try it launching command prompt as your normal user, and then as admin if that doesn't work.

 

[erasedhammer]

I checked the certificate it used and its the same account.

Cipher was what I was originally trying to decryp them with. Same error as when I do it in the properties window or right click.

 

[erasedhammer]

I think the certificate I used to encrypt is somehow gone....

It looks like I have to just loose these files..... frustrating...

 

[TJ Hooker]

Could try using the "runas" command to explicitly run the command as the user that originally encrypted the files.
https://www.windows-commandline.com/windows-runas-command-prompt/

In the example shown, replace "program" with the command you are trying to run, e.g. "cipher /d [blah blah]"
You should be able to omit "domainname\" from the command, but if not use your computer's name as the domain name (can find computer name in control panel->system).

 

[erasedhammer]

No go on the runas. Can't tell what its doing, but it doesnt decrypt anything even though it seems like it ran fine

 

[erasedhammer]

Just decrypted other files that I recently encrypted and they decrypt just fine.
So looks like its an old version of my account that encrypted the files and even though they are the same name, I guess the different SID makes it impossible for me to get them

 

[erasedhammer]

C:\>cipher /C Z:\wireharnessa2.JPG

Listing Z:\
New files added to this directory will not be encrypted.

E wireharnessa2.JPG
Compatibility Level:
Windows XP/Server 2003

Users who can decrypt:
HOSTNAME\username [username(UserName@USERNAME)]
Certificate thumbprint: ****
No recovery certificate found.

Key information cannot be retrieved.

The specified file could not be decrypted.


That looks like its looking for an account by the same name as mine but different.....

 

[erasedhammer]

just compared the cert thumbprint to a file I recently encrypted and they do not match.

I do not have the cert needed to decrypt my files...

Unless you have a magical work around, I'll be formatting this drive and wiping the files.

 

[TJ Hooker]

Sorry bud, I'm out of ideas.