Defender on Windows 8, 8.1, and 10 should have real-time detection capabilities. I admit, I do prefer other products, but the point is that Defender for Win 8 and above is not really the same beast it was in the past and shouldn't be a works-on-demand-only program. That said, I don't argue when other applications get recommended since I'd rather use something different myself.
Anyway, crypto-ransomware: I agree with roundtop - I don't see this being delivered from the housing portal. Most ransomware variants work from links in malicious emails, some work via ad injection (which wouldn't really come from the page you're visiting, but rather "injected" into a displayed ad... I don't see this being the case with the housing portal, BTW), and there are yet others out there that anyone can read up on. I don't know if I'd dismiss drive-by download attacks based on diminishing prevalence - it's not like that attack method has vanished yet - but at the same time, like roundtop, I'm not ready to accept that it's the case here, not without evidence from the page hosting side at least. In my mind it's more likely that this was simply a time-delayed onset infection, since that is actually a feature found in some of these malware packages (Locker, for example. Or for Mac OS, KeRanger).
I can't rule out a housing portal compromise, but I'd be surprised if that ended up being the case. Even if it was, why a ransomware attack? Why chose that when these attackers successfully compromised a site where they can collect much personally identifiable information - and if an attacker plays their cards right, credit card info - in a way that wouldn't be immediately obvious to the user? Granted, that's easier said than done; for credit cards, PCIDSS may not be perfect, but it is an obstacle that can confound thieves unless they're well versed in attacking payment card systems. Plus, gathering stolen data, whether it includes payment card info or not, doesn't automatically mean you can exfiltrate it without attracting notice. But again, sticking cryptolocker there is sort of like breaking into a bank, then refusing to go after the money in the vault, and instead choosing to slap new passwords on everyone's account so you could demand ransoms for them. You've gotten yourself into the middle of a larger score and you settle for that?
Well, anyway, my 2 cents.