by      
Having a great backup plan is a good thing. Having a really bad virus in your backup is not what you planned. Be sure to scan your backup files weekly to find those viruses that slipped by the first time. It is better to know later than to never have known. Just ask anyone that has had their systems breached by a simple virus that was never detected. Not even in the backups!

Detecting a virus in your backup files. 

One thing for sure about viruses, "No one knows them all."

I don't mind you telling me all about your favorite anti-virus programs. I actually like listening (reading) about your experiences. 

I run 3 flavors of antivirus on a scheduled bases and run 2 additional ones when I remember or after each major update. 

Primary is AVG, Security Essentials. 

In this post I'll be adding viruses discovered in my backup files. 

Yes, I did say backup files. Can you imagine keeping a backup that's flooded with viruses? 

This doesn't mean that the virus was installed and running it just means that it was on your drive ready. 

My email server has hundreds in the attachment folder. All those ADP announcements about my $47,000 unclaimed wages. The certificate virus which is very creative tells you the site you are visiting needs to have its certificate updated and offers you the .EXE file to update it for them and for you!

Well, it's a virus and if you did it I'm guessing you don't know yet or you just discovered it. I'll add more details in the Self Installed Virus section. 

My Technical Tip: Delete the backup, scan your computer again and then create a new backup. 

You should be doing this weekly anyway. But, if you haven't and need help setting up a good backup and virus removal plan send me a note with your system details and I'll start the topic just for you. 

Here's my list from the backups I have created 10-08-2012. (4 days ago)

I use ClamAV, Microsoft Security Essentials and AVG. 

How I scan, ClamAV income email, Microsoft Security Essentials active and daily scans, AVG active and daily scans. 

It's important to know that you should not run more than one AV on a single computer. I run these applications on 3 different computers but scan selected folders of each other. Email folders are scanned by more than one AV because that's one of the faster ways of getting a virus.

This list is after my last scan with AVG. So what's listed is what the other two missed. It doesn't mean they didn't find viruses, believe me, they both remove a good share. I find AVG scans within archives better than most so I scan my backups with AVG as my last scan. I also keep backups for 6 months scanning them weekly. This keeps me up to date if something was missed long ago.

  1. ADP_dig_cert.exe = Trojan horse Generic29.BDOV 
  2. Email Attachment EPS09678.zip / EPS09678.exe Win32/Cryptor  
  3. Temp Internet folders PDF.Exploit 

The third one is interesting, I setup a VHD (Virtual Hard Drive) to use as my temporary internet file storage. AVG detected a virus but didn't identify what file other than listing the .vhd file. I'll look into AVG and how it scans VHD files later. But, because I know what was in the VHD it's not a problem. Issue is what type of AV do you run if you are using VHD files. 

 

 

Having a great backup plan is a good thing. Having a really bad virus in your backup is not what you planned. Be sure to scan your backup files weekly to find those viruses that slipped by the first time. It is better to know later than to never have known. Just ask anyone that has had their systems breached by a simple virus that was never detected. Not even in the backups!