Search Ask Leo!:

YouTube - Patron Perks - Books - Ask - About

Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

If an automated backup might automatically backup malware, shouldn’t I backup manually when I know things are clean?

by

Backing up manually will not give you better options in recovering from malware. In fact, it could easily be worse than an automated system.

In reference to Matt Honan’s problems, I wholeheartedly agree that one
should do frequent backups. However, turning my backups over to an automated
program seems to be a very easy way to back up a virus or a trojan or any other
problem on your system. I would much rather set up a reminder to a do a backup
regularly. At least when I do a backup, I have some sense that my system is
behaving normally at that time.

In this excerpt from
Answercast #49, I look at the idea that backing up manually will prevent
malware from being backed up. It’s just not so.

Become a Patron of Ask Leo! and go ad-free!

Scheduling backups

I disagree with you actually, and I disagree fairly strongly.

  • It’s much too easy to skip doing backups when you have yourself in the
    loop.

  • In other words, when the backups rely on you remembering or reacting to a
    reminder or anything like that.

Backing up viruses

Now, the problem that you are mentioning about backing up Trojans and
viruses and so forth. Yes, it absolutely happens.

  • If you get a virus on Tuesday;

  • Then the backup you take Tuesday night will, in fact, include the virus in
    the backup.

But a proper backup system will let you do something very important and that
is:

  • They will let you restore your machine to the state it was on Monday;

  • Or some time before the infection occurred;

  • Which means that everything that happened on Tuesday is lost.

Yes, if you were doing work on Tuesday, you might lose that. There are still
ways to potentially recover specific pieces of work, but if you recover your
entire system to the state it was on before the virus actually appeared, then
you’ve recovered:

  • You’ve got your machine back without the virus;

  • And all that is quite possible just using an automated backup system that
    does backups every night;

  • Without your needing to think about it.

Automated is better

So, like I said:

  • I strongly disagree with making yourself a critical part of the backup
    process.

  • Backups are simply too important;

And the reason you are insisting being part of the process, I think, is not
an appropriate one. There are ways to recover to positions prior to the viruses
and malware appearing on your system.

You might not notice malware

Again, don’t take this the wrong way, but:

  • Just because you believe a machine is acting appropriately;

  • Doesn’t mean that you aren’t backing up something on your machine that you
    didn’t want;

  • Like malware, or a virus, or a bot, or something else;

And you may not discover it for several days later. So you may in fact
yourself have manually backed up your virus.

Again, the only way to recover from that kind of thing with a proper backup
system is to restore to a backup that was taken prior to the malware
appearing. An automated backup system makes that easy.

Next from Answercast 49 – How do I get my two monitors to display at different maximum resolutions?

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

1 thought on “If an automated backup might automatically backup malware, shouldn’t I backup manually when I know things are clean?”

  1. OK, suppose I inadvertently back up with malware on my computer, then a month later after the malware has been removed, incrementally backup my computer. If I restore the entire computer from the latest incremental backup, will the malware still be gone?

    As always it depends on the backup software you’re using, but a backup image is supposed to represent a snapshot in time. So if on Monday you remove a virus and on Tuesday you backup then the snapshot as of Tuesday would not have the virus. It gets complicated only because with incremental backups you might still be able to restore to the snapshot as of Monday when the virus was present, but as long as you only restore to Tuesday you should restore to a virus-free state. (Or, rather, whatever state your machine was on on Tuesday.)

    Leo
    05-Sep-2012
    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Additional information is available at https://askleo.com/creative-commons-license/.