Ransomware is a virus that can encrypt the information on a device, make it unusable, and extort money from the owner of the device in exchange for returning the data.
Also, in some ransomware, there is an internal timer, so if the user does not pay within the specified time, the price of data and hardware recovery will be increased, or the data will be deleted forever.
If you work on the same network as your device, you should be more cautious because ransomware is very interesting in spreading. In such a way that if a device is infected in a network, the probability of other devices in the network being infected increases.
In this article, we want to explain how I use Ransomware Protection on Windows 7.
How do I turn on Windows Defender in Windows 7
1. Go to the Start menu.
2. Type Windows Security, in the search bar.
3. Click on Virus & threat protection.
4. Click the Manage settings, under Virus & threat protection settings.
5. Place each switch under Real-time protection and cloud protection so you can turn it on.
How do I turn on Microsoft Defender in Windows 7
1. Click the Start button.
2. Open the Settings button.
3. Click on Update & Security.
4. Go to the Windows Security settings.
5. Click a network profile.
6. Turn on the settings below the Microsoft Defender Firewall.
The best anti-ransomware methods in ESET products
1. Keep Advanced Memory Scanner and Exploit Blocker features active.
These two features are enabled by default in ESET products. These algorithms have been recently developed to protect against malware that tries to anonymize itself or encrypts itself so that Nod 32 antivirus cannot identify them.
2. ESET LiveGrid must be active.
If ESET LiveGrid is disabled, ESET Cloud Protection is also disabled. The ESET Cloud Malware Protection System is a significant feature in detecting new malware. It detects new and unknown programs of all ESET users in the world and analyzes their behavior.
If a suspicious program or malware is detected, the antivirus will prevent it from running.
3. Make sure “Network drives” is enabled in Real-time file system protection.
With the Network Drives Scan feature enabled, the antivirus also scans the files in the network drives and prevents encryption of the drive by ransomware.
4. The Ransomware Shield feature must be enabled
Ransomware Shield is one of the HIPS protection layers. Ransomware Shield is a behavior-based method.
This feature detects and controls programs that try to encrypt files. If a malicious app’s behavior is detected, the app is blocked and stopped running, or if a credential-based scan shows the app is suspicious, the user is encouraged to block or allow it.
Note: For Ransomware Shield to be active, ESET LiveGrid must be enabled.
The best ways to deal with ransomware by the user
In the process of protecting the device against ransomware, in addition to buying and installing the original antivirus, the user must also pay attention to important points when using the device.
1. Make a backup copy of your data
Plan to back up your data at regular intervals and keep the backup on offline storage for 100% ransomware protection.
2. Keep your Windows up to date
The importance of keeping the operating system up-to-date is no less significant than installing an original antivirus.
Operating system manufacturers continuously provide users with security updates to deal with malware, especially ransomware.
So never disable automatic updates. If you do this, be sure to manually update your Windows twice a week.
Note: If you are using Windows 7 and you cannot use Windows 10, you can install the latest version of Node 32 on your device by updating your Windows 7.
3. Do not disable User Account Control
The activation of User Account Control in Windows means that if a suspicious file wants to be executed, you will be asked whether you want to manage the file or not.
4. Close frequently used ports
To prevent brute force attacks by unknown IPs, it is strongly recommended to close or change the SMB, SQL, and RDP ports. There are many ways to lock the ports, it is also easy to lock the port in ESET.
Close file-sharing ports. Ports 135 to 139 and 445. SMB ports should not be exposed to the Internet.
Specify IP addresses for SQL ports and allow only those.
RDP remote ports
To prevent brute force attacks, close the remote desktop RDP port, or use a VPN with two-factor authentication.
Set auto-score for a specified number of failed attempts.
Choose a strong password.
Change unused and default accounts.
Such as administrator, admin, or root Whitelist specific users and groups so they can log in using RDP.
Whitelist specific IP addresses so they can make RDP connections.
In this article, we have explained how to use Windows Defender to protect your information and files in Windows 7 against ransomware.
We also explained the best ways to deal with ransomware for the user.
Don’t worry about your files and information in Windows 7 by doing the above steps.
Have you used these methods to protect your data and information in Windows 7 against ransomware?
What other methods do you know to protect your data in Windows 7 against ransomware?
Share your thoughts and experiences with us.