Microsoft Edge Try Microsoft Edge A fast and secure browser that's designed for Windows 10 Get started

Skip to main content
Microsoft
Microsoft Support
  • Office
  • Windows
  • Surface
  • Xbox
  • Deals
  • Support
      • Windows apps
      • OneDrive
      • Outlook
      • Skype
      • OneNote
      • PCs & tablets
      • Accessories
      • VR & mixed reality
      • Microsoft HoloLens
      • Xbox games
      • PC games
      • Windows digital games
      • Movies & TV
      • Books
      • Microsoft Azure
      • Microsoft Dynamics 365
      • Microsoft 365
      • Cloud platform
      • Enterprise
      • Data platform
      • .NET
      • Visual Studio
      • Windows Dev Center
      • Docs
      • Microsoft Store
      • Free downloads & security
      • Education
      • Store locations
      • Gift cards
    • View all
    0
    Sign in
    Microsoft Support

    Protect your PC from ransomware

    Content provided by Microsoft

    Content provided by Microsoft

    Applies to: Windows 10Windows 7Windows 8.1


    Important

    To help keep your devices safe against ransomware attacks, such as Petya, back up your data regularly, make sure automatic updates are turned on, and your devices are up to date.

     

    • In Windows 10, go to Settings  > Update & Security. You'll see your update status there.
    • In Windows 8.1, go to Settings  > Change PC Settings > Update and recovery. 
    • In Windows 7, go to Control Panel > Windows Update.

    If your update status says that your device is up to date, then you're all set. Otherwise, Microsoft recommends you immediately install Microsoft Security Bulletin MS17-010.

    Ransomware is computer malware that restricts access—or even stops you from using your PC—or encrypts your files. It then tries to force you into paying money (a ransom) to regain access to them.

    Some of the ways you can get infected by ransomware include:

    • Visiting unsafe, suspicious, or fake websites.
    • Opening emails and email attachments that you weren’t expecting or from people you don’t know.
    • Opening malicious or bad links in emails, Facebook, Twitter, and other social media posts, or in instant messenger chats, like Skype.

    You can often recognize a fake email and webpage because they have bad spelling, or just look unusual. Look out for strange spellings of company names (like "PayePal" instead of "PayPal") or unusual spaces, symbols, or punctuation (like "iTunesCustomer Service" instead of "iTunes Customer Service").

    Ransomware can target any PC—whether it’s a home computer, PCs on an enterprise network, or servers used by a government agency.

    How can I help keep my PC secure?


    Whether you’ve just bought a new PC or you’re using the same one you’ve had, there are some ways in which you can try to keep it more secure:

    • Make sure your PC is up to date with the latest version of Windows. Learn more about Windows Update.
    • Turn on Windows Defender Antivirus to help protect you from viruses and malware.
    • Turn on File History if it hasn’t already been turned on by your PC’s manufacturer. Learn more about File History.
    • Back up the content on your PC regularly. Learn more about backing up your files.
    • Take advantage of storage space to maintain two copies of your PC data. Learn more about storage space.

    If you suspect you’ve been infected


    Use antimalware programs, such as Windows Defender Antivirus, whenever you’re concerned your PC might be infected—for example, if you hear about a new malware in the news or you notice odd behavior on your PC. Learn more about Windows Defender Antivirus.

    If you actually get a ransomware infection


    Unfortunately, a ransomware infection doesn’t show itself until you see some type of notification, either in a window, an app, or a full-screen message, demanding money to regain access to your PC or files. These messages often display after encrypting your files.

    Try fully cleaning your PC with Windows Defender Offline. You should do this before you try to recover your files. Also see Backup and Restore in Windows 10 for help on backing up and recovering files for your version of Windows.

    Do not pay any money to recover your files. Even if you were to pay the ransom, there is no guarantee that you will regain access to your PC or files.

    What to do if you already paid


    If you’ve already paid the ransom, immediately contact your bank and your local authorities. If you paid with a credit card, your bank may be able to block the transaction and return your money.

    You can also contact the following government fraud and scam reporting websites:

    • In Australia, go to the SCAMwatch website.
    • In Canada, go to the Canadian Anti-Fraud Centre.
    • In France, go to the Agence nationale de la sécurité des systèmes d'information website.
    • In Germany, go to the Bundesamt für Sicherheit in der Informationstechnik website.
    • In Ireland, go to the An Garda Síochána website.
    • In New Zealand, go to the Consumer Affairs Scams website.
    • In the United Kingdom, go to the Action Fraud website.
    • In the United States, go to the On Guard Online website.

    If your country or region isn't listed here, Microsoft recommends that you contact your country or region's federal police or communications authority.

    For an illustrated overview about ransomware and what you can do to help protect yourself, see The 5Ws and 1H of ransomware. 

    If you're in an enterprise, see the Microsoft Malware Protection Center for in-depth information about ransomware. 


    Last Updated: Jun 28, 2017
    • Email
    • Print
    Thanks! Your feedback will help us improve the support experience.

    Support

    Support

    • Find downloads
    • Account support
    • Supported products list
    • Microsoft Lifecycle Policy

    Security

    Security

    • Safety & Security Center
    • Download Security Essentials
    • Malicious Software Removal Tool

    Contact us

    Contact us

    • Report a support scam
    • Contact Microsoft Support
    • Locate Microsoft addresses worldwide
    This site in other countries/regions
    Algérie - Français
    Argentina - Español
    Australia - English
    Belgique - Français
    België - Nederlands
    Bolivia - Español
    Bosna i Hercegovina - Hrvatski
    Brasil - Português
    Canada - English
    Canada - Français
    Chile - Español
    Colombia - Español
    Costa Rica - Español
    Crna Gora - Srpski
    Danmark - Dansk
    Deutschland - Deutsch
    Dominican Republic - Español
    Ecuador - Español
    Eesti - Eesti
    El Salvador - Español
    España - Español
    Estados Unidos - Español
    France - Français
    Guatemala - Español
    Hong Kong SAR - English
    Hrvatska - Hrvatski
    India - English
    Indonesia (Bahasa) - Bahasa
    Ireland - English
    Italia - Italiano
    Latvija - Latviešu
    Lietuva - Lietuvių
    Luxembourg - Français
    Magyarország - Magyar
    Malaysia - English
    Maroc - Français
    México - Español
    Nederland - Nederlands
    New Zealand - English
    Norge - Bokmål
    Panamá - Español
    Paraguay - Español
    Perú - Español
    Philippines - English
    Polska - Polski
    Portugal - Português
    Puerto Rico - Español
    România - Română
    Schweiz - Deutsch
    Singapore - English
    Slovenija - Slovenščina
    Slovensko - Slovenčina
    South Africa - English
    Srbija - Srpski
    Suisse - Français
    Suomi - Suomi
    Sverige - Svenska
    Tunisie - Français
    Türkiye - Türkçe
    United Kingdom - English
    United States - English
    Uruguay - Español
    Venezuela - Español
    Việt Nam - Tiếng việt
    Ísland - Íslenska
    Österreich - Deutsch
    Česká Republika - Čeština
    Ελλάδα - Ελληνικά
    България - Български
    Казахстан - Русский
    Россия - Русский
    Україна - Українська
    ישראל - עברית
    الإمارات العربية المتحدة - العربية
    المملكة العربية السعودية - العربية
    مصر - العربية
    भारत - हिंदी
    ไทย - ไทย
    中国 - 简体中文
    台灣 - 繁體中文
    日本 - 日本語
    香港特別行政區 - 繁體中文
    대한민국 - 한국어
    English (United States)
    • Terms of use
    • Privacy & cookies
    • Trademarks
    • © Microsoft 2018