Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: encrypting system files to prevent malware?

15 Feb 2014   #1

Windows 7 Ultimate x64
encrypting system files to prevent malware?

I just had a thought.
Could the entire file system be encrypted with private keys?
That would mean updates and installs would need to become encrypted.

Then when files are executed, a decryption is needed for them to run.
Malware could not run as it would not have been encrypted by your private key..
So run thru the decrypter, the file is trashed.
Would this be too slow to work?

My System SpecsSystem Spec
15 Feb 2014   #2


Not sure what you envision. If a decryption is required to run, how would you provide the decryption keys for all the thousands of program executions the OS would normally perform?

This doesn't sound like it would necessarily prevent a change to a key'd file, just that it was now a non-key malware file. Sorry if I don't follow.
My System SpecsSystem Spec
15 Feb 2014   #3

Windows 7 Ultimate x64

Everyone would have a private key unknown to anyone else, including the malware.
Means you could not share a program file like an exe or dll to another system unless it was decrypted by you first.
A non keyed malware file could not run as all files that will run must run a decryption event on them.

Malware that rides along installing other programs would have to know your private key to encrypt the addition malware it installs by itself, otherwise the malware installed could not execute as a file.

Not saying any of this would work at all.
My System SpecsSystem Spec

15 Feb 2014   #4

Windows 7 Pro 64 bit

I am sure you are not the first to have this idea. To me it sounds like a good idea on the surface but falls apart when you get into the details. I can see a number of issues but they are not easily described and I will not try.
My System SpecsSystem Spec
17 Feb 2014   #5

Windows 10 Pro (x64)

You know Microsoft was already looking at ways to secure the boot process and the system files from such things. Use of Digital Signatures haven't really taken off like they hopped. Then when trying to secure the boot they used UEFI's SecureBoot method. We saw how that went down. Everyone was in a tizy over nothing. But encrypting the files isn't going to do anything really.

Summary of a Digital Signature:
Create a hash of the source material, use your private key to encrypt the hash.
Send the file and the newly created signature to the recipient.
The recipient creates a hash of the material, then decrypts the signature with your public key.
You use that method to determine if the material was forged or tampered with.
My System SpecsSystem Spec

 encrypting system files to prevent malware?

Thread Tools

Similar help and support threads
Thread Forum
All files encrypted without me encrypting them.
OK, yesterday, a random .exe was found on my desktop (that i never downloaded) and it opened automatically saying that all of my files were encrypted and i needed to click something to remove encryption... Sensing an obvious trojan I decided to shred the file with iobit and everything was fine....
System Security
Encrypting File System (EFS) and temp files
According to Miscrosoft (How to use Encrypting File System (EFS) with Internet Information Services) the following is/was a best practice: "Encrypt the Temp folder (%TEMP%) to ensure that the temporary files that are created by various applications are encrypted" Two questions: (1) Is...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:16.
Twitter Facebook Google+