June 19, 2023

Doctor Web has released Dr.Web FixIt! — a new solution for ensuring the information security of PCs running Microsoft Windows.

Dr.Web FixIt! has been designed to diagnose information security incidents remotely and eliminate their consequences. It generates the FixIt! diagnostic utility to detect traces of malware that are present and, based on its report, carries out diagnostics. If malware is detected, the FixIt! curing utility is created to eliminate the consequences of infection.

Unlike products designed to detect already known malicious programs (or programs similar to them) with the help of virus databases, Dr.Web FixIt! detects brand-new malware as well as programs that are used to carry out targeted attacks and cannot be detected by any other tools.

“This service will be useful for specialists whose duties include incident analysis”, says Igor Zdobnov, the head of Doctor Web's virus laboratory. — “Especially when it comes to checking a station to which there is no physical access. The solution consists of a data-collection system, an analytical part involving the creation and application of filters for the required data categories, and mechanisms for ascertaining causes and curing incidents in the user's system. Unlike desktop applications with similar features, Dr.Web FixIt! operates as a web application. Both at the moment of collection and during the analysis process, we use our own developments in the field of cloud computing”.

Initially, the service was designed for internal use by Doctor Web. Its creation began at the initiative of our technical specialists who got tired of sorting out tickets and solving the same problems over and over again for many years. So they got the idea to make a portal in which the company would aggregate all of its knowledge and experience in terms of OS infections, detection algorithms and threat curing.

“There exists a system with OS data”, explains Konstantin Yudin, Doctor Web anti-virus project manager. — Depending on the tasks involved (technical support, virus laboratory, development, research, etc.), the operator selects or creates the slice of data they need to analyse and has the opportunity to cure or correct issues in the system. The value is in the unique filters that identify the necessary slices, infections, problems, anomalies, etc., out of tons of data”.

The target group for the service is teams of information security specialists responsible for security monitoring and incident response (SOC centers). At the same time, Dr.Web FixIt! will be useful for companies whose system administrators lack the qualifications needed to properly analyse computer incidents involving malware activity. Using this solution will allow a business to optimise the costs associated with maintaining technical staff.

The service is licensed per number of tasks. Dr.Web FixIt! is available in packages of 1, 10, 20, 50, or 100 tasks. The Dr.Web FixIt! license period is 1 year.

If necessary, Doctor Web's specialists will help users analyse the data obtained by Dr.Web FixIt! and tell them how to eliminate the consequences of infection. To do this, the user needs to submit a technical support request.