JustGeorge Posted May 14, 2017 Share Posted May 14, 2017 (edited) This method produced a result for me: https://superuser.com/questions/58878/how-to-list-encrypted-files-in-windows-7 On my machine, the encryption.txt file was generated in the root of my user Dir. Quote open a cmd prompt Enter the command: cipher /s:c:\ > encryption.txt Open the file "encryption.txt" To find encrypted folders, search for "will be encrypted" To find encrypted files, search for "E" at the beginning of a line Without parameters, Cipher lists state of the current directory and all files in it. The /s parameter tells it to recurse, and c:\ gives it the starting point. From there, "> ..." just redirects the output. Cipher's output for encrypted files and folders look like this: Listing c:\Dev\Encrypted\ New files added to this directory will be encrypted. E Default.aspx E Default.aspx.cs E Default.aspx.designer.cs Cipher's output for normal files and folders look like this: Listing c:\Dev\Plaintext\ New files added to this directory will not be encrypted. U Default.aspx U Default.aspx.cs U Default.aspx.designer.cs Hope that helps. Also from same page... Quote cipher /u /n /h will find and list all encrypted files on your hard drives (as mivk commented on the other answer) without need for any additional filtering (that could go wrong). Credits for this also go to this tutorial where I found this answer. Note: If there are no encrypted files on the system (any disk), the command returns immediately with the response: The system cannot find the file specified. This is not an error. It means there are no encrypted files. It seems in this case this info is cached somehow. Important note: This does not list all encrypted files! Apparently it only lists files belonging to the current user who is running the command. Edited May 14, 2017 by slamfire92 Link to comment Share on other sites More sharing options...
Joe User Posted May 14, 2017 Share Posted May 14, 2017 11 hours ago, slamfire92 said: Note: If there are no encrypted files on the system (any disk), the command returns immediately with the response: The system cannot find the file specified. This is not an error. It means there are no encrypted files. It seems in this case this info is cached somehow. Typical cryptic error message. Why wouldn't they reply 'No EFS encrypted files found'? Link to comment Share on other sites More sharing options...
bikeman25 Posted May 14, 2017 Author Share Posted May 14, 2017 Well Ended up using Western Digital Secure Erase SSD boot drive, and did a clean install, so far the problem hasn't returned, exact cause still an unknown, being very careful what I click on/reinstall at this point. Scanning other house hold PC's for any infections as well, external drives as well, so far nothing found with Avast Free on other system boot scan, eset online scan, Malwarebytes Free. I think soon I can declare those other drives clean lol and systems one more drive to check still though, and then might check all the other flash drives. Should I reinstall Avast on this system? Or will I be fine on my main AMD FX system with Windows Defender Link to comment Share on other sites More sharing options...
JustGeorge Posted May 14, 2017 Share Posted May 14, 2017 (edited) 20 minutes ago, Joe User said: Typical cryptic error message. Why wouldn't they reply 'No EFS encrypted files found'? "Keyboard Error Press any key to continue" "Something went wrong" Sometimes you just have to conclude that they're intentionally messing with us Edited May 14, 2017 by slamfire92 Link to comment Share on other sites More sharing options...
bikeman25 Posted May 14, 2017 Author Share Posted May 14, 2017 Lmao, they could be intentionally messing with users, heck this morning during the Secure erase of SSD procedure, after I got the drive out of frozen state, Monitor stayed dark, so I went and took shower lmao, and came back and finally showed on screen done, i'm like really great programming where monitor won't even wake up during a task lol. As for system operating fine so far, no weird popups yet, but a lot more to reinstall, just formatted the secondary drive, I didn't zero wipe it as not sure which program works with Toshiba drives lol I just hope all the problems are done with, Printer full software did reinstall though, so that's progress lol Not sure on staying with Defender though, as every other PC uses Avast in the household, but if it's best to stay with Defender, then will Link to comment Share on other sites More sharing options...
JustGeorge Posted May 14, 2017 Share Posted May 14, 2017 (edited) 5 minutes ago, bikeman25 said: Lmao, they could be intentionally messing with users, heck this morning during the Secure erase of SSD procedure, after I got the drive out of frozen state, Monitor stayed dark, so I went and took shower lmao, and came back and finally showed on screen done, i'm like really great programming where monitor won't even wake up during a task lol. As for system operating fine so far, no weird popups yet, but a lot more to reinstall, just formatted the secondary drive, I didn't zero wipe it as not sure which program works with Toshiba drives lol I just hope all the problems are done with, Printer full software did reinstall though, so that's progress lol Not sure on staying with Defender though, as every other PC uses Avast in the household, but if it's best to stay with Defender, then will Create a system image after setting everything up, so you don't have to go through this again: Link to comment Share on other sites More sharing options...
bikeman25 Posted May 14, 2017 Author Share Posted May 14, 2017 Will do most definitely create one once all back in order. Hopes I never have to go thru this again, and all is well now. been up since 6a.m. running scans, and checking things, and such, Eventually replacing secondary drive with a Western Digital as well so can use same diagnostic tools as all the other Western Digital drives use, but that's months away when I have money lol. Might stay with Defender for Antivirus protection Link to comment Share on other sites More sharing options...
The Evil Overlord Posted May 14, 2017 Share Posted May 14, 2017 12 hours ago, bikeman25 said: Does secure erasing the SSD shorten it's life though? First ever SSD, so nervous on killing it too soon, Can't say for sure, but my Kingston ssd is 4 or 5 years old now (possibly older), and I've reformatted it a few times, ssd life still recons it's good for another 6 years (I doubt it personally, but time will tell) Spoiler +Raze 1 Share Link to comment Share on other sites More sharing options...
bikeman25 Posted May 14, 2017 Author Share Posted May 14, 2017 (edited) Yeah mine don't really support SSD life lol, states unable to determine life span lol, but rating in Western Digitals Lifeguard program shows 99 percent life rating, so guess its ok still, But does show Healthy though, so guess that's just fine then lol Link to comment Share on other sites More sharing options...
goretsky Supervisor Posted May 14, 2017 Supervisor Share Posted May 14, 2017 Hello, One thing to check in the future (if it happens again) is whether your security software has some kind of anti-ransomware feature, whether or not it is enabled, and if it is compatible with your build of Windows 10 If so, that could have been what was blocking Cipher (filename: CIPHER.EXE) and/or causing the EFS dialog to appear. Regards, Aryeh Goretsky The Evil Overlord 1 Share Link to comment Share on other sites More sharing options...
bikeman25 Posted May 14, 2017 Author Share Posted May 14, 2017 Avast did have Behavior shield, though I don't see it happening on upstairs Desktop that is also Running same version of Windows 10 Pro Creators 1703 Build 15063.296, but i'll go up and check that one again Link to comment Share on other sites More sharing options...
adrynalyne Posted May 14, 2017 Share Posted May 14, 2017 2 hours ago, Joe User said: Typical cryptic error message. Why wouldn't they reply 'No EFS encrypted files found'? I don't get an error, nor does it show any encrypted files on my drive. I do have them, but I'm not using efs for it. Link to comment Share on other sites More sharing options...
adrynalyne Posted May 14, 2017 Share Posted May 14, 2017 2 hours ago, The Evil Overlord said: Can't say for sure, but my Kingston ssd is 4 or 5 years old now (possibly older), and I've reformatted it a few times, ssd life still recons it's good for another 6 years (I doubt it personally, but time will tell) Hide contents Secure erasing I believe also writes zeroes to the drive which could potentially lower life span, but I don't know by how much. A regular format doesn't do such things. Link to comment Share on other sites More sharing options...
bikeman25 Posted May 14, 2017 Author Share Posted May 14, 2017 Secure Erasing of SSD was done thru Western Digital SSD Dashboard bootable usb, unknown if it wrote zeros or not, since Monitor went black during the process, the drive was in frozen locked state, PC went into suspend mode, 20 seconds later, woke it back up, and then had no monitor picture, so no idea what it actually did after I pressed enter (as a guess to continue), then plugged in Windows 10 Pro 64bit USB drive, and did the install. SSD dashboard shows 99 percent for life remaining, same as before as of right now Link to comment Share on other sites More sharing options...
JustGeorge Posted May 14, 2017 Share Posted May 14, 2017 (edited) 20 minutes ago, adrynalyne said: I don't get an error, nor does it show any encrypted files on my drive. I do have them, but I'm not using efs for it. Whats the hash of your cipher.exe? Just tested on my PC @ work. Same result as the other 3 I've tried. Link to comment Share on other sites More sharing options...
+DonC Subscriber² Posted May 14, 2017 Subscriber² Share Posted May 14, 2017 I'm getting: The first time I ran the cipher command, I got the error message but not the second time. (SHA256 hash included) Edit: This is on Windows 10 Home. Link to comment Share on other sites More sharing options...
JustGeorge Posted May 14, 2017 Share Posted May 14, 2017 (edited) Edited May 14, 2017 by slamfire92 Link to comment Share on other sites More sharing options...
+DonC Subscriber² Posted May 14, 2017 Subscriber² Share Posted May 14, 2017 1 minute ago, slamfire92 said: Here's mine: Here's mine: Oh wait, this machine isn't on the Creators Update since it's about to go in for repair and it's likely the drive will be reset to a factory image. (My version string starts with 10.0.14) Link to comment Share on other sites More sharing options...
adrynalyne Posted May 14, 2017 Share Posted May 14, 2017 40 minutes ago, slamfire92 said: Whats the hash of your cipher.exe? Just tested on my PC @ work. Same result as the other 3 I've tried. I'm not at home to see. I'll post it later. Link to comment Share on other sites More sharing options...
adrynalyne Posted May 14, 2017 Share Posted May 14, 2017 4 hours ago, slamfire92 said: Link to comment Share on other sites More sharing options...
JustGeorge Posted May 15, 2017 Share Posted May 15, 2017 Well they match, so its not that. Link to comment Share on other sites More sharing options...
bikeman25 Posted May 15, 2017 Author Share Posted May 15, 2017 Well System running perfectly fine now, Getting System Image done in a moment here, Perhaps i got something when i was testing myself using Defender for Antivirus protection or left over infection from previous one, plan on checking all flash drives with secondary system later on before connecting to this one. Thank you everyone for the replies and help in this matter so appreciate it Really thought i was a safe surfer, not sure if previous issue was indeed infection or something accidently encrypted, but anyhow everything is working fine now, so relieved in that matter Link to comment Share on other sites More sharing options...
Recommended Posts