Ransomware Shield

This Article Applies to:

Avast Small Business Solutions
Avast Small Office Protection

Ransomware Shield helps secure your personal photos, documents, and other files from being modified, deleted, or encrypted by ransomware attacks. This feature scans for and automatically secures folders that may contain personal data, and allows you to specify which folders you want to protect from untrusted applications. Additionally, you can specify which applications are allowed to modify the files in your folders and which are not.

Note that Ransomware Shield is not a ransomware decryption tool - it is designed to prevent the infection by protecting your files and folders, but it cannot decrypt files already encrypted by ransomware. To get our free ransomware decryption tools, see this Avast page.

Ransomware Shield can be accessed from the Protection section of the client UI.

On the Ransomware Shield screen, you can enable/disable the component, see the existing protected folders and add new ones (see below), and access the advanced settings (gear icon). You can also use the Block or Allow App option to directly access the Blocked & Allowed Apps section of the settings (see Blocked & Allowed Apps below for more information).

Specifying Protected Folders

By default, Ransomware Shield scans for and secures folders where your personal data might be stored (documents, pictures, desktop). To manually add folders to the list, click the Protect New Folder button, select the desired folder(s), then click OK.

Holding the cursor over an existing entry will show the option to Stop protecting.

Clicking the X will open a pop-up dialog to confirm or cancel the action.

If you want to remove several folders from the list, the easier way would be ticking the checkboxes next to those folders, then clicking Stop Protecting.

Configuring Ransomware Shield Settings

Advanced Ransomware Shield settings can be accessed by either clicking the gear icon on the Ransomware Shield screen or navigating to Menu > Settings > Protection > Ransomware Shield.

The following options are available here:

Modes: Choose whether the Ransomware Shield mode is Smart (allows well-known trusted and approved applications to access protected folders, but needs your permission for allowing any untrusted ones) or Strict (allows approved apps and requires your permission for all unapproved ones).
- Clicking the View allowed / blocked apps link will bring you to the Blocked & Allowed apps list (see Blocked & Allowed Apps below).

File types: Choose whether Ransomware Shield secures all file types in protected folders or only those you specify (select from the available options and/or manually add extensions under Additional file types to protect).
- Clicking the View protected folders link will bring you to the Ransomware Shield screen (see Specifying Protected Folders above).

Blocked & Allowed Apps

As previously mentioned, clicking the View allowed / blocked apps link at the bottom of the Modes settings or the Block or Allow App button on the Ransomware Shield screen will bring you to the Menu > Settings > General > Blocked & Allowed apps section of the client UI, used by Ransomware Shield, as well as Webcam Shield, Sensitive Data Shield, and Browser Shield.

Here, you can configure individually each application that will be blocked/allowed and include whichever of the available shields/components. Rules set here will override the general configuration.

Clicking Block App or Allow App will open a dialog where you can either choose an active application directly from the list or click Select app manually to navigate elsewhere on the disk.

Once you select an app, define which shields/features are applied for that app, then click Add.

On the Blocked & Allowed Apps list, you will see the added applications and which components they apply to. You can edit or remove any listed app via its actions menu (three dots).