What to do with stray c9r file in Google Drive root

I found some c9r files in the root of my Google Drive.

So what happened? How could they have been saved there?
And how can I check what the files might contain?


Are you using the Android app and the auto photo upload?

If so, you can find more information here:

No - never used the Android version. I had found this thread, but my situation is different.

I’m using Windows desktop version with Dokany. Also I have a v7 vault from the beginning so I cannot use sanitizer to decrypt

Hmm then I have no idea why the files should end up in the root of the cloud other than the sync client has made a mistake…maybe @infeo has an idea?

Dang, that the issue with the photo upload was also my guess.

I don’t have any idea why there are some stray .c9r files in your google root. Are they reported in the file synchronization history somewhere?

Are you using Google Drive File Stream or Google Backup and Sync?

I’m using Google Backup and Sync.

There are about 12 files since june. With one exception in august (7 files at nearly the same time) there’s only one file per day.

Hard to say what I did then (reboot, wake) after such long time. Is there some moment where the encrypted folders are locked somehow?

I’d say I’ll just keep an eye on it - but it would be helpful to be able to decrypt the files. Any idea?

Edit: I just realized there are also two folders with files that I did’n see on my harddrive, cause new folders will not be synchronized. To my surprise there are files that are owned by another user with whome I share a folder.
So there’s either a bug in Backup and Sync, or they use the root as a last resort if they cannot write to the actual folders and this is caused by Cryptomantor.
if only I could have a look at the decrypted files - what’s the state of the new sanitizer?

Argh - it happened again.

There are files and folders appearing new in Google Drive root, but with older date.

I assume it’s related to Google Backup and Sync, but I cannot imagine what could cause this behaviour. I would need a way to see what the files contain - any news about that?

Sorry to hear that.

We’re currently working on integrating sanitizer into the main app which will be shipped in v1.6.0. Among other things, this will help to know what files you have in the root folder.

Thanks - hopefully it will be released soon.

Hi - will 1.6.0 contain such feature?


Feel free to test it with the available beta version.

1 Like

Thanks! Haven’t seen that in release notes, though. That’s why I’ve asked.

Just installed 1.6.1 - found integrity check, but not how to decode those stray c9r files.

How is it supposed to work?

Ok, i think I need to clear up things here:
You cannot decode a single c9r file with the vault health check.

I’m really sorry that i did not noticed this thread sooner. At the point of time where @SailReal gave you an answer, the vault health check was in a very early state. And a solution for your problem did not find it’s way into the 1.6.0 release.

That said, there is a slim chance that you can still retrieve your data, but it will be a tedious way:
First you have to understand the directory structure of a vault, see Security Architecture — Cryptomator 1.6.0 documentation ff.

A Cryptomator vault ignores all files which do not fit into the vault scheme, that includes files which filename is not linked to the containing directory. Hence, if you known from which vault the files are from, you can copy them into every directory with real content (e.g. all dirs of the form /d/BZ/R4VZSS5PEF7TU3PMFIMON5GJRNBDWA/). When the directory, which formerly contained the stray c9r file, still exists, it will be visible there. If not, well, then there is for now no way to decrypt it without learning to program in Java and use our cryptographic libraries.

If your vault is quite big, scripting will be very helpful.

Hello, maybe someone will find this old thread in the future. I had the same “problem” with c9r files appearing in the root of “My Drive”, tried to recover them without success etc.

It seems to be a “feature” of Google Drive with shared files being deleted by another user. If you own a file and another user deletes it, the file will be deleted for the other user, but not for you as the owner. It will be moved to the root of your “My Drive”. Maybe for the owner to have a backup I don’t know.

If you open the Google Drive website and check the file history for the c9r files in the root you should see different timestamps. An older one for the creation and a newer one for the moving to your root titled “Automatic creation” or something like this.

So there should be no data loss as long as the other user deleted the files with your permission…

1 Like

WTF :flushed:

You’re totally right, I can reproduce exactly what you’re describing.

Peek 2022-04-11 10-27

I will file a bug report on Google’s issue tracker as this behavior makes no sense at all from my point of view. Thank you very much for your research and sharing.