How to protect your PC from ransomware with Windows built-in protection

Ransomware — malware that prevents you from accessing your files unless you pay the hacker who infected your computer — has been a problem plaguing computer users and businesses for years. Given its prevalence and the fact that a ransomware infection can lead to the loss of valuable files such as documents or family photos, it is a good idea to make sure you are protected. Starting with Windows 10, Microsoft has added features to built-in Windows security software that can help protect your computer from ransomware.

When it comes to ransomware, there are two levels of Windows security. The first consists of malware scans, which are enabled by default and you can read more about this here. While this will work to prevent ransomware from being installed on your computer, as a piece of malware is doing manage to slip past, the scans cannot protect your files.

The second level is Windows ransomware protection, which you must manually enable. Before you do this though, it’s worth noting that this feature isn’t enabled by default for some reason. It works by allowing only approved apps to make changes to your files – which in theory prevents ransomware from encrypting and locking them. However, this can cause problems with apps that don’t expect it, so you may need to troubleshoot every now and then if you have ransomware protection enabled.

As a result, it’s worth bearing in mind that there will likely be some tinkering with this process as we discuss how to enable ransomware protection.

Enable Ransomware Protection

Windows built-in ransomware protection is included in the security app. To get there, search for “Windows Security” in the start menu or go to “Settings” > “Privacy and Security” > “Windows Security”.

Once you’re in Windows Security, go to “Virus & Threat Protection” by clicking the tile or button in the sidebar on the left.

To enable ransomware protection, go to “Virus & Threat Protection” and click “Manage Ransomware Protection”.

Click the “Manage Ransomware Protection” link to go to the Ransomware Protection page.

From there, you can enable a feature called “Controlled Folder Access”, which prevents unapproved apps from making changes to your documents, pictures, videos, or music folders.

Enabling the “Controlled Folder Access” feature prevents unauthorized apps from making changes to files in certain protected folders.

Customize controlled folder access

Once you enable Controlled Folder Access, you will see three more control panes: ‘Block History’, ‘Secure Folders’ and ‘Allow an app through Controlled Folder Access’. By default, Controlled Folder Access only allows a list of approved apps to make changes to files in the Documents, Pictures, Videos, and Music folders on your computer. These apps allow you to customize how the system works.

For example, you can add other folders that you want to protect from the ‘Secure Folders’ screen and manage which apps are allowed to make changes to protected folders from the ‘Allow an app through controlled folder access’ screen.

Here’s what you can do.

The “Ransomware Protection” panel.

Block history

According to a statement on a Windows security page, apps “marked as friendly by Microsoft” are always allowed to make changes to your protected folders, but that doesn’t mean that every app you want to use will be allowed by default. If you see a weird error after enabling Controlled Folder Access (a common error I found during testing was the “This file could not be found” message when trying to save a file), you may want to ” Block history” to see if Windows security prevented that app from making changes.

The block history screen shows which apps have attempted to write to protected folders.

With “Block History” you can see which app has been blocked and which folder it tried to write to. If it’s the app you’ve been having issues with, you’ll want to add it to the list of programs that can make changes. (We’ll cover how to do that in a moment.)

An example of the types of errors you may encounter: The FireFox download screen said the file I was trying to save could not be found.

Secure Folders

If you want to protect additional folders from ransomware, such as your desktop folder (which is not protected by default), you can select “Secure Folders” and click the “Add a protected folder” button.

Adding a folder to the Protected Folders list prevents apps from writing to it without permission.

From there, you can navigate to the folder you want to protect and click the “Select Folder” button.

Choose the folder you want to protect and then click the “Select Folder” button.

You can remove protection from custom folders (but not the default folders) by returning to the “Secure Folders” screen, clicking the folder you added, and clicking the Remove button.

Allow an app through controlled folder access

If you’re having trouble using an app and want to add it to the list of allowed apps, go back to the Ransomware Protection page and select “Allow an app through controlled folder access.”

After clicking the “Add an allowed app” button, you can click “Recently Blocked Apps” to see a list of the apps that have recently tried to write to your protected folders.

Clicking “Recently Blocked Apps” will list the apps that have attempted to make changes to your files.

You then click on the plus button next to the name to unblock it.

Clicking the plus button next to an app’s name can make changes to files in your protected folders.

While you only have to do this process once per app, it can be frustrating. You can disable ransomware protection at any time, but if you think you are at high risk of infection and have no backups, think twice before doing so.

Additional ways to protect yourself

While Windows’ ransomware protection is a powerful built-in tool, relying on it as your only defense is probably not a good idea – as with all anti-malware systems, it should be treated as a safety net rather than your first line of defense. Here are some things you can do to avoid getting a ransomware infection and make sure your data is safe even if the worst were to happen.

Be careful online

As with any malware, ransomware can spread in various ways, such as attaching to phishing emails, exploiting vulnerabilities in outdated software, or pretending to be a really useful program. When you’re online, it’s important to stay vigilant – if someone tries to get you to download a program from an untrusted source that seems too good to be true, use extreme caution.

It is also important to check the extensions of files you receive. If someone claims that an attachment is a document, but has an .exe or .msi extension, that file is probably dangerous. If you can’t see the extension of the file yet, you can right click on it and then click on ‘Properties’. Windows will tell you what kind of file it is next to the “File type” heading.

Microsoft’s guide to protecting yourself from ransomware lists a few things that could lead to your computer being infected:

Visiting unsafe, suspicious or fake websites.

Open file attachments you didn’t expect or from people you don’t know.

Opening malicious or bad links in emails, Facebook, Twitter and other social media posts, or in instant messenger or text chats.

Keep your software up to date

It’s also important to make sure your operating system and any software you use regularly have the latest security patches. Most browsers update themselves automatically, and Windows usually also installs updates as they become available. To manually check for updates, go to “Settings” > “Windows Update” and click the “Check for Updates” button.

You can update any apps installed through Windows’ built-in store by going to the Microsoft Store app, clicking the “Library” button in the lower-left corner, and then clicking the “Get Updates” button to check available updates. find. You can also click the “Update” button on individual apps or the “Update All” button at the top of the page.

Provide backups

While using ransomware protection and safe browsing habits can help protect you, no system is perfect. It is important to have the files backed up on your computer so that you do not lose your most valuable photos, videos or documents if you do get infected by ransomware. Backups can also ensure that you don’t lose data if your computer is physically damaged, lost, or stolen.

You can read our guide on how to back up your computer here. If possible, it is best to have two different forms of backup: one local and one in the cloud. However, having some form of backup is much better than having none at all.

What to do if your computer is infected with ransomware

If all your protections have failed and you discover that your computer is infected with ransomware, there are three important steps to take:

  1. Disconnect your computer from Wi-Fi or Ethernet — some ransomware can spread to other computers connected to your network, and it’s important to limit the damage.
  2. Don’t pay the ransom – this may be illegal depending on where the hackers are trying to extort you, and paying will not guarantee that you actually get access to your files.
  3. Do not connect your backups if you have them – the ransomware will most likely try to destroy those files as well.

Microsoft recommends trying to run a full scan of your computer with Windows Security. (Another good app to try is Malwarebytes, which is known for its ability to remove malware from a computer and is free for personal use.) If neither of those work, you may need to completely reset your PC.

Finally, if you are not sure that you can remove the ransomware yourself, take your computer to a professional. It is best to make sure it is completely clean before attempting to restore your backups.

Frank Broholm had acquired considerable experience in writing and editing publications before recruited by The Media Today Chronicle News portal as Editorial Manager. His key task is to conduct effective business reviews based on the most recent business…