SeriousHoax

Most Valued Members
Kudos

  1. Upvote
    SeriousHoax received kudos from AZ Tech in ESET need realy an antiCryptor module   
    Still, that's not good enough. Maybe we could ignore it if it were one or maybe two. But 7 ransomware misses at the time of testing is a huge number. It shows again what the OP suggested: that ESET's ransomware shield is very bad and almost not effective at all. ESET needs to improve.
  2. Upvote
    SeriousHoax gave kudos to itman in eamonm.sys BSOD - Stop code: SYSTEM_THREAD_EXCEPTION NOT HANDLED   
    Just an FYI here.
    The July cumulative updates are rolling out and a number of Win drivers were updated. The one that caught my eye was usbprint.sys which is the USB printer driver. So it is possible this Eset BSOD issue might be resolved after applying this update.
  3. Upvote
    SeriousHoax received kudos from fabioquadros_ in Avast Now Also Has Block-At-First-Site-Capability   
    The blog post is from 2016. So Avast has this for 4 years. BTW, this particular feature on Avast requires MOTW.
    Anyway, ESET should take inspiration from Kaspersky's Application Control.
  4. Upvote
    SeriousHoax received kudos from Aryeh Goretsky in eset Internet Security Installation Bug?   
    This is common if Controlled Folder Access of Windows Defender was enabled prior to ESET installation.
    Now that ESET has been installed, Windows Defender and its Controlled Folder Access module should be disabled by now. Restart the system to be sure and everything should be alright.
  5. Upvote
    SeriousHoax gave kudos to itman in Avast Now Also Has Block-At-First-Site-Capability   
    The fact is Eset has all the internal mechanisms in place to accomplish this. All they have to do is block the process until LiveGrid black list determination processing has completed. As to the false positive element, I say "to hell with that." Most home users would not be significantly impacted by such process blocking. 
    This could be also further refined by adding Trusted Publisher, signing, etc. criteria to Eset Reputation scanner. Failure on reputation coupled with suspected malicious activity should be enough to block until LiveGrid initial scanning is completed.
  6. Upvote
    SeriousHoax gave kudos to itman in Avast Now Also Has Block-At-First-Site-Capability   
    Avast blog article here: https://blog.avast.com/cybercapture-protection-against-zero-second-attacks .
    Detail on configuration options here: https://support.avast.com/en-us/article/54/
    Of note is this feature exists even in Avast free version.
    Time Eset "get with the program" and offer the same capability for their home use products.
  7. Upvote
    SeriousHoax received kudos from peteyt in Windows 10 Security and ESET   
    Turn it on. It's not related to ESET, it's smartscreen that's built into the system. It doesn't usually turn off automatically so not sure what happened there. 
  8. Upvote
    SeriousHoax received kudos from shocked and itman in Rude and unhelpful customer support   
    We can't change what happened and you're unlucky that a non-authorized seller sold you a pirated license 2 years ago.
    Now if you're still reluctant to buy from your local ESET website then you may go to one of the authorized partners yourself and buy a physical copy of it from there, and this time make sure to register the ESET license to your ESET account. An account isn't needed but it lets you see if the license you own is being used on a PC or not.
    https://www.eset.com/lt/platintojai/
  10. Upvote
    SeriousHoax gave kudos to itman in "pyrate", Behavior Blocker Bypass POC   
    It's been a slow forum posting weekend and it appears this thread has run its course. We have all had the opportunity to "rant and rave" about Eset Home version protection features we all wished we had and in reality, probably never will have. So it is time to expose this Python POC for what it is - fake ransomware. Err ..... what, you say? The POC encrypted files. Well so does a lot of legit encryption and other apps including user created ones. So let's get into this.
    A few years back, the NextGen security software vendors were trying "to get traction" against the established AV vendors with their supposed superior behavior detection methods. Corresponding to this was the appearance of a proliferation of ransomware "simulators" which one was encouraged to test their existing AV solution with. The most infamous of these was RanSim produced by KnowBe4: https://www.knowbe4.com/ransomware-simulator . I wrote a thread about the methodology used by this product and similar ones here: https://forum.eset.com/topic/10792-ransomware-simulators-a-detailed-analysis/ . Eset subsequently commented upon RanSim tactics in their own published article on Eset ransomware protection:
    https://cdn1.esetstatic.com/ESET/INT/Docs/Others/eset-vs-crypto-ransomware.PDF
    So let's get into some details on the POC. First, note this from the POC's author posting about it at malwaretips.com:
    Next is why no vendor on Virus Total detected the POC initially and I believe presently. That one is pretty straightforward. The ransomware portion of the POC never ran. The POC pauses program execution waiting for user input to continue. VT's automated sandbox analysis timed out waiting for input it does not respond to.
    In summary, I am not 100% ruling out that techniques used in the POC could bypass existing Eset ransomware detection methods. However, a POC must be developed deploying real world ransomware deployment and execution methods with the most important being the program runs uninterrupted and encryption activities performed against all existing files in C:\Users\xxxx\Documents\*, etc. directories.
     
  11. Upvote
    SeriousHoax received kudos from NewbyUser in "pyrate", Behavior Blocker Bypass POC   
    All the ASR are available for Windows Defender too.
  12. Upvote
    SeriousHoax received kudos from Kubo123 in Multiple Eset securities detected when installing oculus app   
    You can use FRST to delete that registry entry from windows security integration. Reinstall ESET only after doing so.
    hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  13. Upvote
    SeriousHoax received kudos from Kubo123 in Multiple Eset securities detected when installing oculus app   
    You can try scanning with the tool. It will open two logs after scanning; then search for ESET to check whether it exists.
  14. Upvote
    SeriousHoax received kudos from micky_aurthor and mallard65 in Online + Offline Installer and First update after installation   
    Ok, Live installer it is. Just a synonym, but the meaning should be the same. The live installer can still determine the OS, download the full product online and then install it. Maybe it would even be possible to implement something like multi-threaded download so that the download speed is fast, unlike the in-product download speed, which is terribly slow for me, as I also mentioned above.
    Would 85 MB be the size of the installer for the whole package? I see that ESET currently downloads around 150 MB during the first update. So if the compressed version in an offline installer is only 85 MB then I think that's not big at all. That's probably the smallest I've seen. Even with my not so good internet it would only take over a minute to download that. Even a 150 MB installer shouldn't be considered huge and many other AVs have a lot larger ones. Also, like you said, the live installer's job is to download the product without worrying about OS versions, etc., so most people are likely to download the live installer anyway, so an 85 MB or even a bit larger optional offline installer is fine and seems more appropriate than the current one.
  15. Upvote
    SeriousHoax received kudos from micky_aurthor and mallard65 in Online + Offline Installer and First update after installation   
    I'm stating two issues here in one topic.
    First, ESET has two types of installers, one is an online installer and the other is offline. But both are totally misleading. The offline installer is merely a 53 MB file which only installs the product, but all the modules' data is downloaded after installing. Then the online installer, which should do what the name suggests, but it doesn't. All it does is download that 53 MB installer and install it, and of course download all the modules' data after installing. Why even call it an online installer when it's definitely not! Highly misleading. Literally every AV I ever tried, all of their online installers download the whole product including modules and signatures, etc. ESET is the only exception. Same goes for what is supposed to be ESET's offline installer. Almost all AVs that still provide an offline installer install the full product and only download the required new updates after installing, unlike ESET. I don't understand! If you want to give users the option for an offline installer then that should contain every module and all updates up to the day of creation, and the online installer must download everything first and then install the product.
    The second issue is, ESET update downloading speed right after installing is always very slow for me. Most of the time it only uses 10-20% of my bandwidth even when there is no other internet activity. I started using ESET when version 12 came out and so far it has always been this way. My internet is already pretty slow so only using 10-20% of the bandwidth makes the process extremely annoying. Update download speed is always slow I guess, but since the daily signature updates are only a few kilobytes, those are not noticeable, but the first update is. Why does this happen? Why can't ESET make use of the rest of the free internet bandwidth?
  18. Upvote
    SeriousHoax gave kudos to itman in Windows Registry Helps Find Malicious Docs Behind Infections   
    This is a great article on how to perform security forensics after a malware attack to determine the source MS Office entity responsible:
    https://www.bleepingcomputer.com/news/security/windows-registry-helps-find-malicious-docs-behind-infections/
  19. Upvote
    SeriousHoax gave kudos to itman in Hips Configuration   
    Actually, there are better ways to deliver script based malware. That is, convert the script to a .exe.
    Here's an article on how to do so for a PowerShell script: https://www.ilovefreesoftware.com/19/windows/powershell-to-exe-converter.html . This will also allow me to password protect my script code so Eset can't scan it via heuristics. I then phish the target into entering the password via e-mail etc..
    Here's one for .bat scripts: https://www.addictivetips.com/windows-tips/convert-a-bat-script-to-an-exe-on-windows-10/ . Note this runs hidden.
    One for .vbs scripts: https://www.snapfiles.com/get/vbstoexe.html
    Finally and my favorite, one for Python scripts: https://ourcodeworld.com/articles/read/273/how-to-create-an-executable-exe-from-a-python-script-in-windows-using-pyinstaller . Note that Win AMSI does not scan Python scripts.
  20. Upvote
    SeriousHoax gave kudos to itman in Hips Configuration   
    One other important point in regards to ransomware protection and any other malware that deploys scripts.
    Eset firewall rules need to be created to monitor outbound network traffic done by scripts and other commonly abused processes used by malware developers. Additionally, these firewall rules will serve as a backup mechanism to any like HIPS created rules in the event malware was able to bypass those. A very common technique employed by malware developers is to use scripts to connect to their remote C&C servers for the purpose of downloading their malicious payload executable or to stage a remote execution attack. How to create these firewall rules is given here: https://support.eset.com/en/kb6132-configure-firewall-rules-for-eset-endpoint-security-to-protect-against-ransomware .
    Finally, Eset best practices recommendations should be reviewed for additional ways to mitigate ransomware: https://support.eset.com/en/kb3433-best-practices-to-protect-against-filecoder-ransomware-malware .
  21. Upvote
    SeriousHoax gave kudos to Marcos in Files encrypted by ransomware   
    In fact, I provided a proof that on Windows 10 ESET detected and blocked execution of the ransomware and protected the user where the other "free" AV failed. If you have a proof that ESET doesn't protect users well, please provide a proof and support it with logs and other necessary stuff.
  22. Upvote
    SeriousHoax gave kudos to itman in Files encrypted by ransomware   
    Since regasm.exe was used in this Nemty ransomware sample, I will point out that there are more stealthy methods to deploy it for malicious purposes as noted here: https://securelist.com/using-legitimate-tools-to-hide-malicious-code/83074/ . One would be advised to monitor its execution per Mitre's recommendation: https://attack.mitre.org/techniques/T1121/ or at least minimally, monitor via firewall rules any outbound communication from it.
  23. Upvote
    SeriousHoax gave kudos to itman in Files encrypted by ransomware   
    I have long argued that what is needed is a "professional" version of Eset consumer products. For example, the above mentioned EES 7.2 aggressive option could be one feature provided. Another I would like to see is more aggressive reputational scanning options such as the ability to alert/block unknown non-system processes and the like. Etc., etc..
    To date, this has fallen "on deaf" Eset ears.
  24. Upvote
    SeriousHoax gave kudos to Nightowl in Files encrypted by ransomware   
    It's now detected by ESET: Win32/Filecoder.NZG
    In my opinion what needs to be improved is the machine learning and HIPS, but I am not an expert like those who program at ESET for sure. Also, as SeriousHoax said, Application Manager and Reputation (rep is already there), to be combined with everything, so the AI could try to decide if this app is trying to do malicious things or not.
    But I could be mistaken, I don't know, but also as ITman said, nothing is 100% safe.
  25. Upvote
    SeriousHoax gave kudos to BALTAGY in Files encrypted by ransomware   
    I think machine learning and Ransomware Shield and HIPS need to be improved

    I did test another one also with no alert from ESET