Windows XP is denying access to EFS encrypted files for seemingly no reason. Please help.
Today after booting up my computer and logging in to my user account as always, Windows XP SP3 began to forbid access to files previously encrypted with EFS by my user account. I did not change any password, install any new program, or update Windows yesterday. I try to decrypt them with administrator privileges but it doesn't work (which is how it is supposed to work, I reckon).
The only odd things I noticed were:
1. Late yesterday I got a prompt from Windows firewall saying explorer.exe was requesting access to the network (I did not allow it), and again today as soon as Windows started the first time (but not after subsequent restarts).
2. According to Spybot, I had a new registry startup entry for "wewyy.exe
" on Docs.../[Username]/Appdata/Agtab
. I deleted both file and startup entry and on restart they're not there anymore. I did a flash scan with Malwarebytes and it detected nothing.
3. I did a scan with RootkitRevealer from Sysinternals and it noticed a mismatch between API and raw hive data form the Cryptography\RNG\Seed but Google tells me that's supposed to be normal.
I should probably also note that, along with Windows firewall, I use a hardware firewall in my modem, and SuRun
for always working as a limited account.
Any ideas what to do? Please ask for more details if needed.