Do you need another reason to backup your data?
Wednesday, April 7, 2010 at 11:52AM Brian Fine one of our in-house support technicians reported today, but this virus seems to have been around since at least Dec 2008. So it isn’t exactly new but its delivery is. It seems to have found the WIN Antivirus (virus) trojan and is now using it to jump onto your machine although we are not positive this is the case. Brian wrote:
Destructive trojan
For the first time today I encountered the FileError_22001 variant of win antivirus.It corrupts and overwrites all Word, Excel and (apparently) PowerPoint documents on the workstation. The solution from microsquish at this point is to restore from a clean backup.
Notice the file message left in your documents
The best I can tell from some Googling is that the "malware" was yet another trojan downloader. Unfortunately, it's beginning to look like the "payload" program corrupts those files by overwriting - the simple solution is to replace corrupted files with ones from your known clean backups.
I know, I know, it's not something you want to hear - but this (corruption) is why you need to implement a backup strategy. Unfortunately there is no way to prevent this kind of intentional corruption any more than there is a way to prevent sudden hard drive failure.
I found a reference on McAfee’s Community Site (not someplace I would normally go) that sounds like it might be a fix for this error. There is a Catch 22 to this in that if you don’t notice that this is the problem… then you will probably want to clean your machine of the virus before knowing that the files themselves have been encrypted. This response on the site sounds good but we don’t have a system to try it out on. RE- FileError_22001. You will have to search the internet for a site that has the decrypt software because it is not where he states that is in the article. If you do a typical fix on the computer though this will not work because you will have gotten rid of the encryption keys during the clean up process.
My parting thought. Don’t ignore the fact that you need to backup your files, at least the ones you can’t afford to lose. If you treat your computer and its data with the thought in mind that you could lose the content of the system at any time, and you are compulsive in protecting your important information with one or more backups, then losing a system and its data is no big deal. It is a time consuming event to reinstall your applications if you have quite a few, but if you are backing up your data effectively then it is an annoyance not a catastrophe.
Reader Comments (5)
Amen to your comments about making backups! However your explanation about the supposed catch 22 was not entirely clear. Not sure if you are saying that file loss can sometimes be avoided if the threat is detected early enough or what...
No need to clarify, however, because I haven't contracted this particular trojan (yet, luckily). Makes me think however that I really need to invest in an additional external hard drive that I can typically leave disconnected and stored in a secondary geographic location, such as at a relative's home, in case of fire or some actively destructive malware such as this.
Online Backup is the most effective way of preventing data loss. I am using SOS Online Backup (http://www.sosonlinebackup.com) to backup data from multiple PCs (Personal Computer / Laptop) in real time.
Dunno 'bout that. Technically, any backup method that works is equally "effective." Do you have an agenda or any affiliations to that company, Randy? Or are you genuinely sold on it? You may be trying to sell your product by subtly insisting that online is more practical or efficient, but that is not true for everyone. For someone like me, who has over 1 terabyte of data to backup, it is much simpler, faster, and cheaper (and thus smarter) to use a local backup method, such as the RAID 1 drive mirror (genuine real-time data protection) and external hard drive that I currently use.
However, if your SOS Online Backup can offer me 2-5 TB of online storage space for free, and will guaranty that I will have access to it for the rest of my life, sure, I'll bite. Oh yeah, one last thing. To keep me interested, SOS will have to pay any additional charges added to my Comcast bill after I exceed their 150GB-per-month traffic quota limitation.
I have actually thought this through, just a little. Online backup methods may be good for some, but not for all people and situations. Please avoid sweeping generalizations, unless you are intentionally trying to mislead people/sell something.
It goes without saying that backups are important, especially with one of a kind data like digital pictures and videos but of course not just limited to that. I have use both online backup as well as multiple methods of local backup. The biggest downfall of online backup is the initial load and then the time it takes to bring things back especially if you are trying to bring back large chunks of data. Online backup provides a hands off approach that makes it nice for some to set and forget but don't forget to check it out fairly often to make sure that it is performing correctly.
You may want to consider one backup rule that I have seen over and over again in my travels, and that is to have at least two backups of your data and that it is stored in two location on two different types of media. This will provide you a better chance of recovery when you have a disastrous data loss.
Abe, I am not misleading anybody. My View is SOS is very good option for SMB's