Data Doctors: Infected backup better than no backup - East Valley Tribune: Business

Data Doctors: Infected backup better than no backup

Print
Font Size:
Default font size
Larger font size

Posted: Friday, December 25, 2009 2:48 pm | Updated: 12:33 am, Sat Oct 8, 2011.

Q. I'm pretty sure a horrific virus infected the hard drive on my wife's computer. We need to have some way to back up our information, and I'm wondering if a similar virus would infect an external hard drive. - Stephen

Q. I'm pretty sure a horrific virus infected the hard drive on my wife's computer. We need to have some way to back up our information, and I'm wondering if a similar virus would infect an external hard drive. - Stephen

A. Virus infections and backups are two of the more misunderstood processes in the world of computers and understandably fall into the "smoke and mirrors" category for many.

I think I understand your question, which is "if I back up an infected computer, won't the infection also be on the backup system?"

Most of today's malicious code attacks the average computer in one of three areas: the operating system, software programs or data files.

The Windows operating system is the most attacked because it is the most widely used; Internet Explorer, Mozilla's Firefox and Adobe's Reader programs are amongst the most widely attacked (at the moment); and Microsoft Office files tend to be the most targeted data types.

When you execute a typical backup, you only back up (or copy) the data files. So if your computer is infected with code that attacks a specific program, then the virus won't transfer unless you are copying that program over as well.

Viruses that attack the operating system can include an element that will try to attach itself to any other data device, such as a hard drive or flash card. In these cases, simply connecting and/or accessing any storage device can allow the strains to spread and infect those devices.

The good news is that these types of "boot sector" viruses are much less prevalent in today's computing.

Data infectors are also in the minority these days because most of the focus for the very sophisticated cyber-gangs is Internet-based applications such as browsers and operating systems that can spread their infection to other computers on the Internet.

The real focus should be on your data, which is actually what you care about; operating systems and programs can be reinstalled from the original discs, but your data is unique to you.

The thing to keep in mind is that any backup, even an infected one, is better than no backup. You can always disinfect the backed-up files individually or disinfect an entire external hard drive, especially if you know what kind of infection you might have.

Knowing how a specific virus infects a computer and attempts to spread makes it much easier to know how best to go about disinfecting any data that you have backed up. For instance, if you know that you have been infected by a file infector, you can simply scan and clean your external drive once you have disinfected your primary hard drive (usually the C: drive).

Up-to-date anti-virus and anti-spyware software are a critical part of this process so that you can automatically block any automated attempts to infect your computer from your backup. If your anti-virus program has the ability to detect and clean a virus, then it will also have the ability to block any automatic attempts to infect you when you plug in your backup drive.

So based on what little I know of your situation, here is a basic plan of attack:

Step 1: Back up everything that you care about (data, pictures, music, video, favorites, address books, etc.) to an external hard drive or online backup service.

Step 2: Disconnect the backup unit, then go through the disinfection process on your primary hard drive (the steps will vary based on what your system is infected with).

Step 3: Once you have verified that your primary drive is clean and that none of your critical data were corrupted as a result of the cleanup, you have two choices: run through the same cleanup procedure on the external drive or wipe it clean and do a new backup of your clean system. If you are using an online backup service, deleting the infected files from your backup and backing them up again is the most efficient.

If program or operating system files become corrupted by the disinfection, then reinstalling those items from your original discs will put you back in business. HOWEVER, if your data files become corrupted as a result of the disinfection, don't perform the same cleanup on your backup drive. Consult a professional.

If all of this sounds too complicated, do yourself a favor and keep your security software up-to-date and keep a regular backup going with redundancy and validation. If that sounds too complicated, consult a professional.

Ken Colburn is president of Data Doctors Computer Services and host of the "Computer Corner" radio show, which can be heard at noon Saturdays on 92.3 KTAR-FM or at www.datadoctors.com/radio. Readers may send questions to evtrib@datadoctors.com.

  • Discuss

EVT Ice Bucket Challenge

The East Valley Tribune accepts the Ice Bucket Challenge.

'EV Women in Business'

A PDF of the Tribune special section, featuring a mix of sponsored content from our loyal advertisers and newsroom coverage of the East Valley business community.

Your Az Jobs