Today an anti-virus alone cannot provide reliable protection against encryption ransomware.
Doctor Web is entitled to decline a user's request for free data recovery if at the time of the incident:
The PC on which the incident occurred had the Anti-virus installed on it rather than the Comprehensive Protection solution*.
Either Dr.Web was not updated with the default settings or the system was not rebooted after the anti-virus's modules were updated.
Dr.Web was disabled.
An outdated Dr.Web for Windows version was in use when the incident occurred.
One of Dr.Web’s components was disabled.
In the Behavior Analysis section of the Preventive Protection settings, the Allow action was selected for the Integrity of running applications item and/or the Ransomware Protection module was disabled (in versions below 12.0, in the Preventive Protection settings, the Allow action was selected for the Integrity of running applications and Integrity of user files items).
The user made changes to the settings that instructed Dr.Web not to scan the files of a malware program or an application containing vulnerabilities. This enabled a malware program to become activated or perform actions.
After the incident, the user re-installed Dr.Web or the operating system. Such actions make it impossible for the incident to be analysed.
Either the user refused to provide Dr.Web logs to Doctor Web's support engineers or the log provided contains no information about the incident.
The user did not have a valid Dr.Web license.
The petitioner is not the rightful license owner. Doctor Web support engineers have the right to request documented evidence confirming that the user is the rightful owner of the serial number indicated in the user's request.
* Products that provide comprehensive protection: Dr.Web Security Space, the Dr.Web Premium subscription package, and Dr.Web Desktop Security Suite under the Comprehensive Protection license.