HomeGroup Encryption of Files


  1. Goldfish101
    Posts : 1
    Windows 7
       New #1

    HomeGroup Encryption of Files


    I read somewhere that once a file is encrypted using EFS, it can only be accessed by the Windows login that encrypted the file. Although other users on the same computer might be able to see your files, they will be unable to open them – including Administrators.
    The question I would have is it possible that a virus such as a Crypto type could hacks a pc and use the PCs encryption system via Homegroup, sort of tricking the pc that there is a group when in fact there is only one PC.
    The reason I ask is that my pc has been hacked by a virus and a Homegroup account has been set up along with an Everyone user plus two others which was hidden with files encrypted and file user permissions set up which prove difficult to change. if I undo all the virus set up rubbish and get back to Owner only what will happen the encrypted files.
      My Computer
    Quote Quote

  3. Alejandro85
    Posts : 2,468
    Windows 7 Ultimate x64
       New #2

    EFS doesn't protects at all against those kind of viruses, at all. It's not even designed to do so. The reason of that is included in your own post:

    once a file is encrypted using EFS, it can only be accessed by the Windows login that encrypted the file
    If you encrypt files with your user account, only that account will have the decryption key, so you logically can use the files. Problem is that the vast majority of viruses will also run with your own user account too, as they usually are run though a web site or though a downloaded file. Hence, the virus will also have the very same access as yourself, including the encrypted files (this is also the reason why running with an admin account is so bad, the virus get access to everything).

    The homegroup thing seems to be unrelated to anything like ransomware, it's not needed at all to capture all your data. It could be used however to further spread infection or to create a backdoor for more things to enter or re-infect the affected system.
    That's why the usual recommendation after a system has been found infected is to simply reformat it. It's impossible to know for sure what the malware has been done exactly, and most important how to revert those changes.
      My Computer
    Quote Quote

 

  Related Discussions
Hi everyone I am new to this forum. I have a question: 1. I had some confidential data stored on a partition that is not encrypted. 2. I decided to give away my computer to charity so I deleted this confidential data using a simple delete in Windows 7. 3. After that I formatted the whole...
I have a specific folder that I put certain notepad and wordpad files in. I encrypted only this specific folder (and its subfolders) a few days ago and everything was well. But today after I went and double checked a txt file in the encrypted folder, I found all the files were gibberish and...
biggest encryption std to date+ most power encryption soft ? nowadays I am so much excited about encryption after watching BlackHat 2013 videos and Def Con 19 ,20 can u help me to find out words most powerful encryption software and methods and where to learn it I think doing PHD in...
Got a PC, a netbook and a notebook. The Notebook has XP, the netbook has W7 Start and the PC has W7 Ultimate. Made sure every computer has the same p/w to sign on with. Also the netbook has joined the homegroup on the PC (Start cannot make a homegroup). I think I can share movies, docs and...
How to Change Windows 7 BitLocker Drive Encryption Method and Cipher Strength This will show you how to change the encryption algorithm and key cipher strength used by BitLocker to encrypt drives in Windows 7.BitLocker Drive Encryption supports 128-bit and 256-bit encryption keys. Longer...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 05:45.
Find Us