Today an anti-virus alone cannot provide reliable protection against encryption ransomware.
Doctor Web is entitled to decline a user's request for free data recovery if at the time of the incident:
The target PC ran the anti-virus rather than the comprehensive protection solution*.
Dr.Web had not been updated for more than 24 hours, and the system had not been rebooted after the anti-virus's modules were updated.
Dr.Web was disabled.
An out-of-date version of Dr.Web for Windows was in use when the incident occurred (the current version is 11).
A Dr.Web component, such as SpIDer Guard, Anti-spam, SpIDer Gate or Preventive Protection, was disabled.
The value "Allow" was assigned to the Preventive Protection parameters “Integrity of running applications” and “Integrity of user files”.
The Data Loss Prevention component was neither enabled nor configured.
The user configured Dr.Web to exclude from scanning malware or application files containing vulnerabilities that enabled a malware program to start or perform its tasks.
The user re-installed Dr.Web or the operating system after the incident. Actions of this kind make it impossible to analyse the incident.
The user refused to provide Dr.Web logs to Doctor Web's support engineers or the log provided contains no information about the incident.
The user did not have a valid Dr.Web license.
The petitioner is not a rightful license owner. Doctor Web support engineers can request documented evidence confirming that the user is the rightful owner of the serial number found in the user's request.
* Products that provide comprehensive protection: Dr.Web Security Space, the Dr.Web Premium subscription package, and Dr.Web Desktop Security Suite under the comprehensive protection license.