We show you how to use the default Controlled Access Folder in Windows 10 to help prevent the ransomware from encrypting your files.
Ransomware is malicious malware that installs itself on your computer, encrypts your documents and other important files and demands a ransom – usually a Bitcoin payment – if you want to get a ‘key’ to decrypt your files again.
But it is never a good idea to pay a ransom because there is no guarantee that you will receive anything from hackers.
That is why it is very important in this day and age to take precautions to protect your important files from this type of attack. Windows 10 has the tools to do this, but it isn’t activated by default.
It should be noted that if you have installed some antivirus software that replaces Windows Defender – Windows 10 antivirus software itself – then you will not be able to use the method shown here: instead, your own antivirus software must protect you. However, this is usually a case similar to having to manually activate ransomware protection by telling your software which folder to protect, so don’t assume it works for you.
As you will see below, this is a little default to set Windows 10 protection yourself so you might prefer to use the ransomware protection offered by Norton 360 Deluxe or Bitdefender Total Security, two antivirus packages that we highly recommend.
- Get a 62% discount on Norton 360 Deluxe
- Get a 50% discount from Bitdefender Total Security
If you don’t want to pay for antivirus and use Windows Defender, there are two things you need to set up: Controlled Folder Access and – to get the best protection – OneDrive backup.
How to use Controlled Folder Access in Windows 10
In the desktop search box, type Security. Click Windows Security to open the application. Now click on Virus & Threat Protection.
Scroll down until you find Ransomware protection and click Manage ransomware protection.
Click the switch to activate the controlled access folder and then click the Protected Folder link.
By default all user folders are added to lists such as Documents, Pictures, Videos and Windows system folders. But if you save the file in another folder, just click Add protected folder and navigate to the folder that you want to protect.
When you add everything, click the back arrow and scroll down to see Ransomware data recovery.
If you have not logged into OneDrive, you will see a ‘Enter OneDrive’ button. Click that, and in the pop-up window enter your e-mail address and password and log in to your Microsoft account.
This option does not automatically make a file copy of the folder in your Controlled Folder Access list. However, OneDrive can automatically copy new files that you create on your Desktop, plus those in your Documents and Pictures folder if you enable folder protection.
To do this, click the OneDrive icon in the notification area to the left of the clock in the Windows 10. Taskbar. Click Other, then Settings.
This will open a new window where you need to click on the Backup tab. Click Manage backup, then Start backup.
In the same tab you can choose to back up photos and videos stored on the device that you connect to your PC or laptop automatically, and separate options for backing up screenshots you take in Windows.
Remember that OneDrive is not a backup: this is a file synchronization system that makes your files available on any device. So if you delete a file from the synchronized folder, it will be deleted from your OneDrive folder. But it makes your files safe from ransomware.
Allows applications and games to access controlled folders in Windows
Now that you’ve done all of this, you might find that some applications and games don’t work properly because you stopped it from changing any file in the controlled folder. To allow them to access the folder, return to the Windows Security application and the Virus & threats protection screen.
Click Manage ransomware protection and then on Allow applications via Controlled folder access.
Click Add permitted applications and then on the Application you just blocked. Hopefully this will display an application) that doesn’t work properly and you can add it to the exceptions list.
If not, select the Browse all apps option, navigate to where the application’s executable file is located. You might need to search online if you can’t find it.
After it’s done, you have successfully activated the Windows 10 ransomware protection.
Learn more about ransomware and what you might be able to do if your PC has been infected.