Decrypt AIP protected .PFILE media files

Aikidoo 0 Reputation points
2023-11-23T15:04:15.76+00:00

Hi there,

recently I moved some of my media files(mostly images), of which some were EFS (with the Padlock icon) protected, to a new system. When trying to open them, I noticed that most of the files got an additional .PFILE extension and I was unable to open them. The old system was incapable of doing it as well.

After doing some research I tried the Azure Information Protection-Viewer which is associated with PFILES but it did not recognize the file extension for some reason: "This filetyp is not supported" on "my_image.jpg.PFILE"

The posts I found about this topic described a very similar behaviour to mine but were all left more or less unanswered:
https://learn.microsoft.com/en-us/answers/questions/682524/ll-my-files-have-been-encrypted-by-azure-informati
https://learn.microsoft.com/en-us/answers/questions/362644/pictures-are-encrypted-(-pfile)-and-i-cant-open-th

The AIP-Viewer would also only show the files, I want the encryption removed entirely and I cannot accept that windows decided to destroy my files forever just because I moved them.

I do not have a support plan and I never knew about the existence of Azure til now.
It is worth mentioning that the drive I stored the files on was also temporarily Bitlocker encrypted and the new system was Linux based, so I formatted the drives filesystem to LUKS-encrypted Ext4.

Is there a way to retrieve my files? They are very important to me so I would appreciate a final answer on this topic, also guiding others who experience this problem.

Thanks in advance!

Azure Information Protection
Azure Information Protection
An Azure service that is used to control and help secure email, documents, and sensitive data that are shared outside the company.
527 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Shweta Mathur 29,531 Reputation points Microsoft Employee
    2023-11-27T11:08:02.6366667+00:00

    Hi @Aikidoo ,

    Thanks for reaching out.

    It sounds like the files you moved were encrypted using the Encrypting File System (EFS) feature in Windows. The .PFILE extension is added to the file name when the file is encrypted using EFS.

    To decrypt the files, you will need to have access to the EFS certificate that was used to encrypt the files.

    If you do not have access to the EFS certificate, you will need to try to recover it from a backup. If you are unable to recover the certificate, you will not be able to decrypt the files and they will be permanently lost.

    Thanks,

    Shweta

    0 comments No comments