Lists of frequently asked questions

Dr.Web Anti-virus can not only detect known malicious programs but also block the actions of the latest tools used by hackers. Dr.Web Preventive Protection monitors the requests all running programs make of various system resources and, with the help of special rules, identifies actions that are atypical of legitimate programs. In this case, the message indicates that an attempt was made to inject some code into a running process — legitimate programs rarely act in such a way.

Thus, Dr.Web Anti-virus has blocked hackers from using the computer’s unclosed vulnerability.

To avoid such situations, you need to install all the security updates released by Microsoft to date in the system where the malicious action is being detected. After this, reboot your PC.

You must also ensure that the Dr.Web components are up to date and that the virus databases show today’s date.

To detect threats, in the Dr.Web Preventive Protection settings, select Ask as the action for the option Integrity of running applications, and also enable exploit protection interactive mode.

Contact our technical support. Attach to the request a report from the system in which the anti-virus is installed. To do this, right-click on the Dr.Web icon in the system tray, open Security Center -> Support , click on "Go to Report Wizard", and then click on "Create report". Wait for the report-generation process to complete. A file with a .zip extension is generated—attach it to your request.

The Dr.Web Report Wizard (the dwsysinfo application) is a special Dr.Web utility for collecting system information. The utility generates a zip archive containing event logs, XML documents, the HOSTS file, and other information. The full list of data available in the report can be found here.