Sign in
 
HomeWindows Server 2012Windows Server 2008 R2Windows Server 2003LibraryForums
Windows Server TechCenter >
I have large .enc files in My Documents on Windows Server 2008. What are they?

Unanswered I have large .enc files in My Documents on Windows Server 2008. What are they?

  • Tuesday, June 26, 2012 7:59 PM
     
     
    Sign In to Vote
    0

    Hi all,

    When i go to C:\users\administrator\My Documents, i see a file call CompanyName_4496_12011_085427.enc, this file is over 4gb in size.

    I have the same file (different size) in each of the users folders under C:\users\

    What are they and can they be removed?

    Brad Nelson MCSE/DCSE/A+/Network+/WCSP

     

All Replies

  • Tuesday, June 26, 2012 8:05 PM
     
     
    Sign In to Vote
    0

    Hello Brad,

    ENC file is widely considered as a kind of encoded file extension saved as UUE format. This file format could be opened by IBM Lotus 1-2-3. It is secure to protect users' privacy as an ENC file.

    This depends on software you are using.

    But on the default it is not coming.

    You can try to backup the file somewhere else and try to delete.

    And see if something is effected.

    Sincerely,

    Murat Demirkiran

    If the post helps you and remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. www.scvmm2012.com (TR Language) Please note that I'm not a Microsoft Representative or SpokesPerson.

     
  • Wednesday, June 27, 2012 3:29 AM
    Moderator
     
     
    Sign In to Vote
    0

    Hi,

    After search we don’t find official definition about .enc file in MS website.

    From internet, the .enc file type is primarily associated with “BlackIce Evidence Log File”. Often encoded by a specific program, such as IBM Lotus or Adobe Flash, protects the file from being opened by unauthorized users.

    To find what this file is and which application creates it, I think you may enable audit policy for it.

    Enable Audit object access policy, you can find it at: Computer Configuration-->Windows Settings-->Security Settings-->Local Policies-->Audit policy-->Audit object access

    You can configure it through Local policy or Domain group policy, and there are two audit option in the policy: Success and Failure.

    You can configure Success Audit object access policy then configure Audit for that single file. Find that file (CompanyName_4496_12011_085427.enc), right click to launch properties-->Security tab-->Advanced-->Auditing-->Edit-->Add-->add Everyone group with Full Control permission-->save the setting.

    Now you can launch eventviewer, and check event log at Windows Logs\Security category, monitor the event logs, you can find event log that record which process accessed this file.

    For more information please refer to following MS articles:

    Add users or groups to the Audit list
    http://technet.microsoft.com/en-us/library/cc782492(v=WS.10).aspx
    Configuring Audit Policies
    http://technet.microsoft.com/en-us/library/dd277403.aspx
    AD DS Auditing Step-by-Step Guide
    http://technet.microsoft.com/en-us/library/cc731607(v=WS.10).aspx

    Hope this helps!

    TechNet Subscriber Support

    If you areTechNet Subscription user and have any feedback on our support quality, please send your feedback here.

    Lawrence

    TechNet Community Support

     
  • Monday, July 02, 2012 2:08 AM
    Moderator
     
     
    Sign In to Vote
    0

    Hi,

    I would like to confirm what is the current situation? Have you resolved the problem?
    If there is anything that we can do for you, please do not hesitate to let us know, and we will be happy to help.

    Lawrence

    TechNet Community Support