File by file, KIS complained too about it and even offered to roll back the changes that the app did!
View attachment 229574
Meanwhile in ESET-land.....
View attachment 229575
At this point I don't know how much more blatantly ransomware-y this could get. This is pretty much what ransomware fundamentally does.
(F-Secure calls it Trojan:W32/CryptoRansomwareBehavior.B!DeepGuard, leaves behind 1 .encrypted file, but was blocked from deleting the original copy... Even if I disable the "Ransomware Protection" or remove My Documents from the protected directories list, DeepGuard still triggers, suggesting it's more than just blocking any access to My Documents)