1. Home
  2. Windows Tips
  3. Enable ransomware protection in windows 10

How To Enable Ransomware Protection In Windows 10

Ransomware is a nasty, evolved form of computer viruses. As the name implies, it’s going to cost you money to undo the damage it does. Ransomware basically locks your files and asks you to send money if you want them back. If you’re a victim of ransomware, you have two choices; pay up, or pay someone to get rid of the ransomware. There’s no option that doesn’t cost you money and neither one guarantees that you will get your files back which is why it’s a good idea to be more proactive about this particular type of threat. Windows Defender has a built-in feature that, if set-up, will enable ransomware protection. Here’s how it works.

You must have Windows Defender enabled for this to work. You cannot just opt to use some features of Windows Defender and not use others. Ransomware protection in Windows Defender doesn’t go by that name. It’s more what the feature does that makes it useful for staying safe from ransomware. Windows Defender lets you lock down folders so that unauthorized apps cannot make changes to it. You will need administrative rights to enable ransomware protection in Windows 10.

Ransomware Protection In Windows 10

Open the Settings app and go to the Update & Security group of settings. Go to the Windows Defender tab, and click the ‘Open Windows Defender Security Center’ button. Alternatively, you can type Windows Defender in Windows search.

Click Virus & Threat Protection on the home screen. Scroll down and click Virus & threat protection settings.

On the Virus and threat protection settings, enable Controlled Folder Access. Once it’s enabled, you need to add protected folders by clicking ‘Protected folders’.

You can add any folder you like. All nested folders inside a folder will be protected.

How It Works

When controlled folder access is enabled, Windows Defender prevents apps from saving files to locations they shouldn’t have access to. A simple example of this is Windows Defender prevented me from saving a file via IrfanView to my desktop. This is because IrfanView really only should have access to the Pictures folder.

This might make you wonder whether you system will be usable if your trusted apps don’t have free reign. Fortunately, controlled folder access has a whitelisting feature that lets you add safe apps to it. These safe apps will be able to access whichever folder it is they want/need to.

To whitelist an app, click the ‘Allow an app through controlled folder access’ option under the ‘Protected folders’ link. Click Add App and select the EXE of the app you want to give full access to.

It’s worth taking the time to add your trusted apps and keep Controlled Access turned on.

2 Comments

  1. Hello, since the 20H2 update to windows (2020) the process for activating the anti-ransomware has changed. IOW, this page needs some updating. Thanks.

  2. While this is a good idea, it’s not a simple set and forget. The number of notifications that I received after changing this setting was interesting to say the least, Kindle, my webcam (which was interesting because I don’t use it) etc.
    Seeing as some software – such as Kindle – is run from the AppData directory structure, so you get notifications when you run them.

    This may also disrupt software/web developers so will require a lot of setup to get your packages to update. This will take a lot of time to sort out and is probably not worth the effort for most people.

    The other option is to just turn it on/off when needed, this will require a little more effort, but is probably the easiest option for those in this situation.