Safe Encrypting File System (EFS) use with the Trusted Platform Module (TPM)



Document ID: 98081843
Posted Date: 2005-10-07
Last Updated: 2005-10-07
Distribution: View Public Website

Applicable Models
Portege R200-S2062
Portege R200-S214
Portege R200-S234
Portege S100-S1132
Portege S100-S1133
Portege S100-S113TD
Portege S100-S213TD
Tecra M3
Tecra M3-S212TD
Tecra M3-S311
Tecra M3-S316
Tecra M3-S331
Tecra M3-S336
Tecra M3-S636
Tecra M3-S737TD
Tecra M4
Tecra M4-S115TD
Tecra M4-S315
Tecra M4-S335
Tecra M4-S415
Tecra M4-S435
Tecra M4-S635
Tecra M4-ST1112


Issue


Users may be unable to access (decrypt) encrypted data if certain files are encrypted using the EFS (Encrypting File System) feature of Windows in conjunction with the TPM (Trusted Platform Module) encryption service. In some circumstances this may also prevent users from being able to log on to Windows.

Resolution


When the TPM encryption service is set up, an "Infineon" folder is created in each of the following locations:

C:\Documents and Settings\Administrator\Application Data\Infineon

C:\Documents and Settings\All Users\Application Data\Infineon

C:\Documents and Settings\<User_name>\Application Data\Infineon

Note: The "Application Data" folders are hidden system folders by default, so they are not normally visible.

To avoid being unable to decrypt the encrypted data, take care not to encrypt the Infineon folders listed above, because they hold the key data needed to access the TPM.

An updated module has been released which prevents encryption of the Infineon folder. It is available for download from Toshiba's Online Support site: http://pcsupport.toshiba.com.

Direct file download link: http://df.toshiba.com/itpm_v17.exe

Caution regarding Emergency Recovery Files:

The emergency recovery files listed below are used by the emergency recovery process. Take care not to encrypt these files. It is strongly recommended that separate backups of them be created on external media.

SpEmRecToken.xml (Emergency Recovery Token File)

SpEmRecArchive.xml (Emergency Recovery Archive File)

SpBackupArchive.xml (User Backup File)

Background Information:

When a user installs the TPM software, a file containing key information unique to that user is stored on the C: drive in one or more of the locations listed above. This key information is needed to decrypt the user's encrypted data. However, if the key information on the C: drive is itself encrypted (together with other data), the TPM system will be unable to use it to decrypt the encrypted data.

When the EFS (Encrypting File System) feature of Windows XP is used to encrypt a folder, the default action is to also encrypt the subfolders and files below that folder. If the "Documents and Settings" folder is encrypted and its subfolders and files are processed (as they are by default), the "Infineon" folders are encrypted as well, causing the key information to be changed and all encrypted data on the system to become unreadable.
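As an added example (not Toshiba's updated module or any Infineon tool), the following Python audit reports whether an Infineon folder, anything inside one, or one of the recovery files named above currently carries the EFS encrypted attribute; it goes one step beyond the article by also flagging an Infineon folder that sits under an encrypted parent, since EFS encrypts new files created inside an encrypted folder. It assumes the Windows XP profile layout listed above, that the recovery files keep their listed names, and that the attribute bit is read from os.stat()'s st_file_attributes on Windows; the audit logic itself is platform independent.

```python
import ntpath  # Windows path rules on any OS, so the audit logic runs (and is testable) anywhere
import os
import stat

ENCRYPTED = getattr(stat, "FILE_ATTRIBUTE_ENCRYPTED", 0x4000)  # EFS bit in st_file_attributes
PROFILES_ROOT = r"C:\Documents and Settings"                   # Windows XP layout from the advisory
RECOVERY_FILES = {"spemrectoken.xml", "spemrecarchive.xml", "spbackuparchive.xml"}

def infineon_folders(profiles_root: str, users: list) -> list:
    """The Infineon folders the advisory names: Administrator, All Users and each profile."""
    names = ["Administrator", "All Users"] + [u for u in users if u not in ("Administrator", "All Users")]
    return [ntpath.join(profiles_root, n, "Application Data", "Infineon") for n in names]

def audit(attrs: dict, protected: list) -> list:
    """attrs maps path -> Windows file attributes. Flags an Infineon folder, anything under
    it, or a recovery file that carries the EFS bit, and an Infineon folder whose ancestor
    is encrypted: EFS encrypts new files created inside an encrypted folder, so key
    material written later would be lost even while today's files are in the clear."""
    index = {ntpath.normcase(p): (p, a) for p, a in attrs.items()}
    keys = [ntpath.normcase(f) for f in protected]
    findings = []
    for folder, key in zip(protected, keys):
        node = key
        while True:                                    # the folder itself, then each ancestor
            hit = index.get(node)
            if hit and hit[1] & ENCRYPTED:
                findings.append((folder, "encrypted" if node == key else "parent encrypted: " + hit[0]))
                break
            if ntpath.dirname(node) == node:           # reached the drive root
                break
            node = ntpath.dirname(node)
    for k, (p, a) in index.items():                    # contents of the folders; recovery files anywhere
        if a & ENCRYPTED and (ntpath.basename(k) in RECOVERY_FILES or any(k.startswith(f + "\\") for f in keys)):
            findings.append((p, "encrypted"))
    return findings

def scan_windows(profiles_root: str = PROFILES_ROOT) -> list:
    """Live check on Windows: stat the Infineon folders, their ancestors and their contents."""
    def attrs_of(path: str) -> int:                    # 0 for a missing path, or off Windows
        return getattr(os.stat(path), "st_file_attributes", 0) if os.path.exists(path) else 0
    users = [d for d in os.listdir(profiles_root) if os.path.isdir(ntpath.join(profiles_root, d))]
    protected = infineon_folders(profiles_root, users)
    attrs = {}
    for folder in protected:
        node = folder
        while node not in attrs:                       # walk up; stops once the drive root is recorded
            attrs[node] = attrs_of(node)
            node = ntpath.dirname(node)
        for root, dirs, files in os.walk(folder):
            attrs.update((ntpath.join(root, n), attrs_of(ntpath.join(root, n))) for n in dirs + files)
    return audit(attrs, protected)
```

Run scan_windows() on the affected machine before encrypting anything under "Documents and Settings"; an empty result means the key folders and recovery files are still in the clear.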
