Dr.Web performs diagnostics of the security of your device and helps resolving the detected problems and vulnerabilities using a special component — . This component is enabled automatically when the application is launched for the first time and after registering the license.
Resolving security problems
Figure 26. List of security problems detected on the device
Dr.Web detects the following categories of security problems: applications with highest priority of SMS processing, hidden device administrators, vulnerabilities and system settings that affect the device security. To view the detailed information on any detected problem and to resolve it, open one of the categories and tap a problem in the list.
Applications with the highest priority of SMS processing
This option is available on devices running Android 4.0-4.3.
This category contains the list of applications installed on the device that have higher priority in SMS processing than Dr.Web. Such applications can block the operation of and , since they are first to process all incoming messages and . Sometimes such applications are malicious and may be harmful for your device.
If you notice that the SMS filtering or Dr.Web Anti-theft does not work properly, try to change the priority settings of the applications in the list, if possible. These applications will disappear from the list of security problems. If you are not sure that these applications are safe, you are recommended to delete them from the device. To delete the application, tap on the screen with the detailed information on the problem related to this application, or use standard OS tools.
Hidden device administrators
Applications that are activated as device administrators but not shown on the list of administrators on the corresponding section of the device settings cannot be deleted by means of the operation system. Most likely, such applications are potentially harmful for your device.
If you do not know why an application is not displayed in the list of device administrators, you are recommended to delete it from the device. To delete the application, tap on the screen with the detailed information on the problem related to this application.
USB debugging and installing applications from unknown sources are the system settings that can affect the security of the device. It is insecure to use conflicting software as well:
• is intended for developers and allows copying data from PC to the device and vice versa, installing the applications on the device, viewing their logs and deleting them in some cases. If you are not developer and do not use the debug mode, you are recommended to turn this mode off. To open the corresponding device settings section, tap on the screen with detailed information on the problem.
• is one of the main reasons devices running Android get infected. Applications downloaded from elsewhere other than the official market (Google Play) are likely to be unsafe and become a threat to device security. To mitigate risks of installing the unsafe applications, you are recommended to disable installation of the applications from unknown sources. To open the corresponding device settings section, tap on the screen with detailed information on the problem. You should also scan for viruses all the applications you install on your device. Before scanning, make sure that Dr.Web virus databases are .
•. Use of conflicting software, including web browsers that are not compatible with URL filter, decreases the security level of your device. While using these browsers you will not be protected against the undesirable and malicious web resources. We recommend that you make one of the following browsers default on your device: Android embedded browser, Google Chrome, Boat Browser, Boat Browser Mini, Yandex.Browser, Opera, Firefox, Adblock Browser, Dolphin Browser and Sputnik.
Vulnerability is a weakness in the source code which allows frauds to impair the correct operation of a system.
Dr.Web detects the following vulnerabilities in the system: Master Key (#8219321), Extra Field (#9695860), Name Length Field (#9950697), Fake ID (#13678484), ObjectInputStream Serialization (CVE-2014-7911), PendingIntent (CVE-2014-8609), Android Installer Hijacking, OpenSSLX509Certificate (CVE-2015-3825), Stagefright and Stagefright 2.0. They allow adding malicious code to some applications, that may result in acquisition of dangerous functions by these applications and damage the device. Dr.Web also detects the Heartbleed vulnerability — an error in OpenSSL, that can be used by fraudsters to access user confidential information.
If one or more of these vulnerabilities are detected on your device, check for operation system updates on the official website of your device manufacturer. Recent versions may have these vulnerabilities fixed. If there are no available updates, install applications only from trusted sources
Applications exploiting Fake ID vulnerability
If applications exploiting Fake ID vulnerability have been detected on the device, they will be displayed in the separate Security Auditor section. These applications can be malicious, therefore you are recommended to delete them. To delete the application, tap on the screen with the detailed information on the problem related to this application, or use standard OS tools.
The device may become vulnerable to different types of threats if it is rooted, i.e. the procedure of rooting has been performed to attain control (known as "root access") over the device system. It results in ability to modify and delete system files, that may potentially damage the device. If you rooted your device yourself, rollback the changes for security reasons. If root access is the integral feature of your device or you need it for your everyday tasks, be extremely cautious when installing applications from the unknown sources.