How to enable Ransomware Protection in Windows Defender and add custom folders to it
Windows Defender has been gaining a foothold steadily for the past few years. But there is one flaw in the antivirus that ships with Windows 10.
The option for Ransomware Protection is disabled by default even though it is available as a native option since the release of Windows 10 version 1709.
Initially I was bemused by this, but then I thought it is possible that Windows Defender could identify a legitimate application as a threat and block it, which is not something the user would want.
Quite a few third-party anti-ransomware programs exist and they do suffer from false positive issues as well. Check out our reviews of AppCheck AntiRansomware, Acronis Ransomware Protection, TrendMicro Ransombuster, or our overview of Anti-Ransomware software for Windows to get started.
For those unaware, ransomware is one the deadliest form of malware. It silently encrypts your data (pictures, videos, documents are commonly targeted), thus preventing you from accessing them.
It may even lock the bootloader when you reboot/turn off the computer. The malware displays a screen demanding a ransom from the user which usually involves a crypto-currency payment address that you have to send money to.
There is no guarantee that a payment will provide the unlock key required to regain access to files that the ransomware encrypted while it ran on the system. Ransomware attacks are often accompanied by a timer to add another pressure layer to the ransomware demand. Affected users are asked to pay the amount in time as they won't be able to decrypt their files anymore once the timer runs out.
Decryption tools are available for some ransomware types but these are released after an outbreak usually and not available right from the get-go.
Many companies, hospitals, and users fell victim to ransomware already. You may have heard of the ruckus caused world-wide by the WannaCry ransomware back in 2017, and that is just one example of ransomware causing havoc worldwide.
Besides being very cautious when using the computer, there are only a few options to protect against ransomware attacks. Two of the most effective are backups and security software that protects against ransomware.
How to enable Ransomware Protection in Windows Defender
1. Open the Windows Security Dashboard by double-clicking on the Defender taskbar icon (or use the Settings app and select Update & Security > Windows Security).
2. Click on Virus & Threat Protection.
3. Scroll down to Ransomware Protection.
4. Click on Manage Ransomware Protection (click Okay on the UAC pop-up if it is displayed).
5. On the next page, you will find a toggle for Controlled Folder Access. Enable the option. That's it.
Most antivirus programs use behavioral scanning to prevent zero-day attacks (new or unidentified malware). In other words, they monitor your computer's services, applications, anything in the background, for suspicious activity. For example, when an otherwise harmless file tries to gain access to your documents folder to execute a script that encrypt the files in it, Windows Defender will stop the malware to protect your data. It's a sort of intrusion prevention or anti-exploit method.
By default, the Ransomware Protection only covers specific folders. To view the ones that are secured, click on the Protected Folders option. It's just the User folders like Documents, Pictures, Videos, Music, Desktop, Favorites by default.
Tip: Add blocked programs to Controlled Folder Access' whitelist
So, what happens if a ransomware targets files in other folders? The files are affected unless the ransomware is quarantined before it starts to encrypt files on the device. Fortunately, there is a way to secure them.
There is an option on the top of the Protected Folders screen, which says "Add a protected folder". Click on it and choose any folder you want and it will be protected by Windows Defender. The folders can be on any partition or hard drive: they will be secured by the feature.
This method is not completely fool-proof but it's better than nothing. You might want to backup your data to an external drive regularly as well. Don't forget to checkout ConfigureDefender for more control.
Usually we ask you to share what programs you use. This time, I want to ask you something else. Have you ever seen a computer affected by ransomware? How was it dealt with?
Possibly the first useful article from Shaun?
Many previous articles have described how to install an earlier version of Windows, right back to Windows 7, using a download from the MS website.
What is perhaps significant here is that there is seemingly no barrier to installing Windows 10 on a brand new computer shipped with Windows 11: no block set by MS if one could be set.
The first screenshot does, though, show an image that include a reference to the need for a Windows 10 licence: maybe not reflecting the current situation, or maybe the licence is deemed the same?
I have tried win10/11 .. I like the new win11 UI, BUT everything’s in the wrong spot. It should be like windows 7, with the UI of 11. You know how a man can have the most beautiful woman ever, and mess it all up, and wake up and she’s GONE!? Well this very thing MicroSoft has done to windows.
Windows 7, WOW she’s a sexy doll. And MicroSoft turns right around and mess’s everything up.
I know a lot of people online, and they are leaving win10/11 and going back to 7. They say
” I don’t care if Microsoft don’t support windows 7 any more, I’m going to use it”
Am I right that a clean W10 install would wipe the partition on which it is installed?
That would remove all ‘bloatware’ but also any possibly useful device manufacturer’s utilities, so anything wanted would have to be backed up in some way before going ahead?
Best useful article of 2023 just the first day. Thanks @Shaun, keep going on!
It would also probably wipe your OEM partitions as well FYI. In case you decided you wanted to actually go back to Windows 11. Although you could also make a Windows 11 install with the Microsoft creator tool for Win 11. I like both Win 10 & 11 I have no issues with either OS. On a new PC especially some CPU’s with the Intel P& E cores Windows 11 works better with those new CPU’s.
Happy new year. But why to go on windows 11 ? Wait for that, we have almost 3 years to the retirement of win 10 on 2025. Wait and see. If microsoft continues to destroy their os, we have to stay on older versions.
Note: “Only the Professional versions of Windows desktop operating systems include downgrade rights.”
It not quite so simple.
Before attempting a downgrade, I would recommend reading more about “downgrade” rights. Not all OEM licenses from manufacturers will allow the process.
In theory, though, the embedded license is interchangeable. Back to Windows 10 with an ISO, forward to Windows 11 with an ISO at some future date. Like downgrading is going to solve all of one’s problems . . . .
Is Windows 11 THAT bad? Not having issues here; it would be a pointless exercise unless one had an essential program that didn’t run on Windows 11, which would be next to impossible.
A number of factors could be involved that wouldn’t result in a Blue Screen Boot.
Don’t know–drivers, BIOS?. Rather spend time on learning the new system and dealing with difficulties as as they present themselves.
Wouldn’t go there; it’s like upgrading to Windows 11 on a computer that isn’t supported. Possible, but why would one do it?
More screenshots for the courageous with lots of time on their hands:
https://pureinfotech.com/downgrade-windows-11-10/
Move forward.
Thanks for this article.
As the method in this article would wipe/remove user data on the PC, could we also have an article to restore a Windows PC back to Windows 10 while RETAINING data after a user has accidentally updated to Window 11? Forgive me if that has already been posted or I am misunderstanding this.
Also, I suppose it may be useful to make it even clearer that the article is about totally starting over and losing any data on the PC. Yes, it does say it in the article, but… just to be safe in case someone is reading it fast.
>As the method in this article would wipe/remove user data on the PC, could we also have an article to restore a Windows PC back to Windows 10 while RETAINING data after a user has accidentally updated to Window 11?
If a user inadvertently accepts a MS offer to upgrade their Windows version from 10 to 11, or accepts an offer and then regrets having done so, I think that we can assume that *only* Windows itself will be been updated: the disk will not have been wiped, and any user, OEM or other data or partition will be completely unchanged.
However, if a user plans to use the above method to replace Windows 11 by Windows 10, they would be very well advised, in accordance with normal advice, to image their complete drive before before starting, to enable anything that might be required later to be reinstalled..
One does not desire Windows 11. It’s becoming obvious that Microsoft is making an incredibly vain effort to make Windows 11 seem successful. Even while Windows 10 is still fully supported, they stopped licensing OEMs with the ability to downgrade to Windows 10 in October of last year. Consequently, Windows 11 is installed on all recently purchased machines. Because we remove the Windows 11 image and replace it with our Windows 10 image, this is not a major issue. Microsoft place their horrible Windows 11 where the sun doesn’t shine.
This site has become a mass advertisement of windows 11! Daily promotional articles for this OS! Why don’t you post an article about AtlasOS?! Oh yeah, you’re going to delete my opinion again – you’re censoring people’s free expression!
Whether one likes Windows 10 or Windows 11, the point not-to-be-missed here is that Microsoft is working really hard to make Windows a platform for monetized SaaS. Microsoft accounts (preferably with upgraded OneDrive storage), Microsoft 365, etc. etc.
I would absolutely go back to the days of paying Microsoft $80-100, or even $129.99 if they would offer an ad-free, telemetry-free Windows Pro OS that also doesn’t strip the Pro features in order to treat me like a consumer user. And since they will not? I feel perfectly justified in using the Windows Registry, Local Policies, and firewall-PiHole blocking techniques, whatever it takes, to block, strip, or blackhole the ads from their operating system. I already have half a dozen Windows 11 Pro licenses with matching Office 2021 Professional Plus licenses that indicate I’m willing to pay them. I just want them to leave me in peace.
Foolish, you’re basically saying “I am going to keep giving you money despite the sub-par user experience and product you provide, BUT it would be nice if you improved your product anyway”.
That doesn’t work in the real world – Microsoft is acting like this because they simply don’t care about the OS space, they have decided to milk the end users as much as possible.
Use Microsoft products only as much as you are required to, by your workplace, or your clients. Run windows 10/11 in a VM environment and find alternatives where possible. Microsoft’s behaviour in the past how many years has signaled that they are only gonna get worse.
Windows’ “System Image” backup feature has been broken for almost a decade. The only backup software I’ve used that has been able to integrate properly with windows 10 has been Macrium (native windows volume shadow copies, incrementals, easy recovery environment creation, encryption, etc).
Comments are messed up, again. Ghacks isn’t what it used to be…
I heard microsoft is working on windows 12 – should i wait for that? When would THAT be released? I have 3!! incompatible win 10 desktops.
I wonder EXACTLY how many laptops & desktops do NOT meet win 11 requirements!
In the hundreds of millions? Close to a billion?! Imagine how many would need to be recycled(or thrown away in countries not recycling), not necessarily using green power to do it. & to make new ones. My head is spinning.
I sure hope at least win 11 is a lot faster than the sooo slow win 10 file manager & picture viewer.
Windows XP was sooooo fast in those areas.
Microsoft should have come out with some sort of inexpensive device or software that would EASILY MAKE incompatible win 10 pc’s compatible.
Is it only for me or are the commands for configuring VB for macOS all “cut up”? Like it’s literally a screenshot with half the command? I’ve tried multiple browsers what should I do lmao
Thx in advance
Same here! I wasn’t sure if the author of the article is trolling or not
Sadly, this guide is completely useless as-is. The section headed “Enter the following commands, one by one, but adjust the name of the OS you gave it” shows a static JPG image.
Not only can you not copy-paste the text, but worse, the lines have been truncated. It’s not possible to scroll it sideways to see the missing parts, since even the “scrollbar” is part of the static image!