Hello. I used your product NOD32 in the past, and I heard that a new version has been released recently. I am currently concerned with ransomware protection, so I am very interested in capabilities of the ransomware shield component. I don't want to lose my data to something like bad rabbit :(.
So, I've decided to check if NOD32 is the product that I need. As I understand it, ransomware outbreaks happen because it takes time to add malware signatures to antivirus database, so most antivirus products have good dynamic analysis. I wanted to test how ESET deals with "unknown" ransomware. To do it, I've disabled real-time file system protection and advanced memory scanner, leaving ransomware shield enabled. After that I launched a WannaCry sample, and it successfully encrypted my test files. In my understanding, ransomware shield must have been sufficient to stop a well-known sample. What am I doing wrong? Should I enable some additional settings?
