locked
Prompt popping up to back up file encryption certificate and key? RRS feed

  • Question

  • Today on my home computer running Windows 10 Pro 64-bit (1511), I have a dialog box popping up telling me to:

    "Back up your file encryption certificate and key"

    The dialog has 3 options.  "Back up now (recommend)", "Back up later", and "Never back up".  The title of the dialog box is labeled "Encrypting File System".

    I'm a little confused why this is popping up?  I verified that I do not have BitLocker enabled.  I installed Windows 10 from scratch to a brand new and blank hard drive 5 days ago.  I have not enabled or intentionally encrypted any individual files or folders.

    I have 3 hard drives in my computer and all are setup as NTFS drives.

    What is causing the message to pop up?  Is there some unknown encryption going on that I am not aware of?  How might I determine that and then turn that off?

    Thanks for any help you can provide.  (Below is the dialog box that popped up.)

    Thursday, January 7, 2016 6:59 PM

Answers

  • Hi,

    If you could confirm that you haven't encrypted any file, please navigate to:

    1. Type certmgr.msc into search box, press Enter.

    2. In the certification management window, expand Personal ->Certificates-> There should have entry with EFS intended Purpose, delete that certificate.

    3. Same steps for Trusted People ->Certificates -> entry with EFS intended purpose.

    After that, reboot the computer to check the result.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    • Marked as answer by KHHemmelman Wednesday, January 13, 2016 5:06 AM
    Monday, January 11, 2016 9:36 AM

All replies

  • Hi,

    We could use this command to list all encrypted files in all local drives in Windows:

    1. Open the Command Prompt(Admin).

    2. Copy and paste this command, press Enter:

    cipher /u /h > %UserProfile%\Desktop\Encrypted-Files.txt

    3. When finished, close the command prompt.

    4. You will now have a Encrypted-Files.txt file on your desktop with a list of all encrypted files on your system.

    If you do, you could either decrypt them, or back up the certificate.

    To decrypt a folder or file, refer to this guide:

    http://windows.microsoft.com/en-in/windows/encrypt-decrypt-folder-file#1TC=windows-7

    Note: This is also applied to Windows 10.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Friday, January 8, 2016 2:24 AM
  • Hi Karen.  Thank you for the info.  Unfortunately it didn't accomplish anything or resolve the pop message asking me to backup the encryption key.

    I ran the command you specified in an administrative command prompt.  It ran for several minutes and completed.  The resulting text file was completely empty.

    Also, upon rebooting my computer I got the prompt again to backup my encryption key.

    Can you answer why this message is popping up?  I have no need, or desire, to encrypt files on this computer and find it disturbing that Windows 10 is doing this.  Since I verified BitLocker is disabled, it must be coming from the Encrypted File System (EFS)?  Except I have not encrypted any files, nor do I particularly even want EFS.  Why is Windows 10 telling me to backup an encryption certificate and key when no such encrypted files exist?

    Friday, January 8, 2016 11:58 PM
  • Hi,

    If you could confirm that you haven't encrypted any file, please navigate to:

    1. Type certmgr.msc into search box, press Enter.

    2. In the certification management window, expand Personal ->Certificates-> There should have entry with EFS intended Purpose, delete that certificate.

    3. Same steps for Trusted People ->Certificates -> entry with EFS intended purpose.

    After that, reboot the computer to check the result.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    • Marked as answer by KHHemmelman Wednesday, January 13, 2016 5:06 AM
    Monday, January 11, 2016 9:36 AM
  • Hi Karen.  Thank you for the info.  I did as you referenced and there was a single Personal Certificate and two Trusted People Certificates.  It's a mystery to me how these got created since I've never used EFS before and have no encrypted files, but I deleted them and now I no longer get prompted to backup the certificate.  Thank you.
    Wednesday, January 13, 2016 5:06 AM
  • Hi,

    I've just had exactly the same problem. Yesterday I tried to access files I use regularly but found they were encrypted. Then this morning I got the "Back up your file encryption certificate and key" pop up.

    The encrypted files are the contents of two folders on an external harddrive. Somehow they became encrypted (not by me!). There was absolutely no way for me access the files even though I had full permissions. I tried everything (including 'cipher' attempts to decrypt them) but had to give up.

    Luckily, I had backups so I deleted the encrypted files and replaced them. I also deleted the 3 certificates which had been mysteriously issued only yesterday.

    However, I'm still very concerned that Windows 10 seemingly encrypted these files randomly, especially because Bitlocker is disabled on all drives. Additionally, I have no viruses or malware.

    Why did this happen?

    What caused it?

    How do I stop it happening again?

    Sunday, August 28, 2016 10:53 AM
  • This happened to me today. First time ever.

    I traced it to a download from a website of a ZIP file that contained a folder for MACOSX, and once extracted, this folder was encrypted.

    You can tell encrypted files by their name being in green in Explorer.


    G H


    • Edited by greenhart Thursday, January 18, 2018 2:34 AM
    Thursday, January 18, 2018 2:33 AM
  • I had this morning this exact same experience. Sudden prompt to back up my encryption key without ever encypting a single thing on this PC.

    I also traced it back to a downloaded ZIP file containing two folders named _MACOSX.

    The extracted folders were then encrypted by Win7 without any input or approval from user.

    Friday, March 2, 2018 6:45 AM
  • I got the exact same prompt from a game that I purchased and digitally downloaded which also contained folders with the  _MACOSX name as well as other files in the main folder. 

    When I went to de-crypt using the method provided above I found that the option to "Encrypt contents to secure data check box" was not even checked.

    Is there another way to turn this off. I don't want to delete the certificates because obviously that will prevent me accessing in the future.

    Monday, March 5, 2018 10:46 PM
  • Game "State of Decay 2". File AppxSignature.p7x install certifictes in certmgr.msc for own files: Personal/Certificates 1. Trusted Personal/Certificates: 2. AppxSignature.p7x file is in the game folder and it's related to the certificates and on the C disk many encrypted game files appear with: cipher / u / n> files.txt . The date of installation of the game also coincides with the date of creation of the certificates.






    • Edited by wyxchari Sunday, October 14, 2018 10:13 AM
    Sunday, October 14, 2018 9:36 AM
  • Blows my mind how much information is in this dialog.  It doesn't say who it's from or what software is the source for the questions, nothing.  It just makes us look like idiots when we encounter it and have to ask Microsoft about it.  And their reply is not one but two stock answers.  They should just put the support manuals online and let us just find the answers ourselves.  Thanks KH for your persistence. 
    Friday, November 9, 2018 3:56 AM
  • I know it's been years since this thread started, but I just installed Microsoft To-Do on my machine.
    Immediately after first startup I get the message shown, asked to backup the certificate and key.

    Ran the command to check for encrypted files on all drives, which is below. Has given me an empty file (zero bytes) in return. So there are no encrypted files on my machine.

    After that I removed the certificates, how is also shown here. Logged off and back on.
    Got no new popup message. Thought was all good.

    Now I just started up Microsoft To-Do again, and in the very same moment I get the EFS message.

    Just to confirm I checked and indeed, the certificates, which I just removed, are back. Just seconds old, being created by Microsoft To-Do, at least in my case.

    So I can only assume, Microsoft To-Do is using encryption on my shopping list etc. and therefore is installing that key. The list itself was created on a smartphone, so maybe that's another reason, why the certificate is needed.

    Ran the cipher command for a third time now, in CMD I see a lot 'Wrong Parameter' messages and some 'Access denied' as files are in use my some app. And the files/app in those cases are Microsoft To-Do, from what I can see from a quick glance.

    Hope this helps, might not be the case for everybody, but at least in my case the reason is Microsoft To-Do.

    Wednesday, January 23, 2019 11:55 AM
  • I can confirm this for Windows 10 Pro. Right after installing To-Do the prompt came up.

    Also running the cipher command does list a lot of files with "Wrong Parameter"

    OS Version:                10.0.17763 N/A Build 17763

    Sunday, February 24, 2019 7:20 PM
  • I also got the same popup after install MS To-Do. When running cipher command as the others did, a whole host of files relating the apps from the MS Store are showing as encrypted. Thou none of them every gave this popup I get with Ms To-do, really weird. 

    Wednesday, May 8, 2019 10:37 AM
  • Yep. Can confirm that State of Decay 2 was a reason for me to see this error and found my way here. 

    But it's always good to run cipher command as stated in this thread to be sure, because in cases of data loses it is not fun to lose actually something important.
    Thursday, April 9, 2020 10:34 AM
  • I had the same prompt while installing the latest Intel Wireless adapter drivers. I ran the scan for encrypted files and it turned out the intel installer uses file encryption for it's temporary files it writes when unpacking the install package. Got a win 10 notification to back up the cert.. uhh.. OK sure..


    • Edited by janodin Sunday, August 9, 2020 2:39 PM
    Friday, August 7, 2020 2:44 AM