Your browser is obsolete!

The page may not load correctly.

The rules of ”basic hygiene”

Правила гигиены

Other issues in this category (98)
  • add to favourites
    Add to Bookmarks

How not to lose your anti-virus

Read: 17802 Comments: 5 Rating: 9

Monday, December 17, 2018

Another complaint from a dissatisfied user:

Drweb missed a Trojan that encrypted all the files it was able to get its hands on.

A request submitted to Doctor Web's Technical Support Service

Our support engineers requested additional information:

The information you have provided is insufficient. Please download the dwsysinfo.exe, utility and run it on the compromised PC to generate a report. Attach the report to your next message.

Further investigation revealed that:

The anti-virus failed to detect the encryption ransomware because the anti-virus wasn't installed on the infected PC. On 11.07.2018 the anti-virus agent had been removed from the computer.

Of course, there was no way to tell who actually uninstalled it, but the fact remains. How could that happen? At least two possibilities exist:

  • Someone who had access to the computer took advantage of the fact that Dr.Web's settings weren't password-protected and removed the software;
  • Someone exploited a vulnerability and/or took advantage of the fact that the remote access features weren't disabled and/or a weak password was being used and ran the installation wizard to delete the Dr.Web software.

#password, #vulnerability, #exploit, #Dr.Web_settings

The Anti-virus Times recommends

  • Set a password to protect the anti-virus's settings—that's easy. Important: different passwords must be used to protect the settings and to access the PC.
  • Lock the screen before leaving your PC.
  • Install all security updates—nobody should be able to sneak into your PC through any loopholes.
  • Disable the features you do not use.

[Twitter]

Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments