So maybe your computer is doing something odd, or you have a little warning flash up from your anti-virus software that makes you think, can a hard drive have a virus?
A hard drive can have a virus, it is known as hard drive malware and comes in many forms, usually attached to software or files stored on a hard drive. Hard drive malware cannot damage your hard drive but can disable it.
Hard drive malware can be subtle or can be very malicious and there are different types with different objectives. In this article, we will have a look at the main types, how to detect them, and how to remove them.
What is hard drive malware?
Personally, I think the name hard drive malware is somewhat confusing seeing as most viruses are hard drive viruses because they need to be stored somewhere. With that in mind, I define hard drive malware as affecting an external hard drive.
An internal hard drive is usually a system drive and is connected via SATA or another port that isn’t easily accessible. I consider these viruses as “Computer Viruses” because the drive is intrinsically linked to the computer itself.
An external hard drive is any drive that you can easily plugin and remove from your computer. Typically malware stored on an external drive is not fussy about what type of drive it is stored on so this also includes USB sticks or memory cards etc.
Ok, so we have a definition, and in my opinion, there is some grey area, but moving forwards we will be using an example of an external hard drive as the steps are the same for that as they are for an internal backup drive or a USB stick.
What does hard drive malware do?
Hard Drive malware is a term used to describe any number of viruses that could be stored and run from an external hard drive. There are several types all with their own objectives. Some simply want to make your computer slow, some create endless pop-ups, some scan your computer for credit card information and some hold files hostage this is known as ransomware. The main characteristic of the type of virus that affects hard drives specifically is that it can self replicate and attach itself to other computer files.
Hard drive malware needs to be loaded by the user. This is why it is attached to program files so that when you open that document or program it is launched alongside and can work in the background attaching itself to other files on other drives or even other computers on the network.
You may be wondering what you have to worry about… I often find myself explaining to people the importance of strong passwords and being highly suspicious of any links in your email inbox… It occurs to me that most people aren’t aware of the scope of the damage that a computer virus can do.
When this question arises I encourage people to imagine the worst thing they could theoretically do with access to someone else’s computer if their end goal was to extort them. After a while, they soon come to some pretty terrible ideas, unfortunately, people who know how to make those ideas a reality have done just that and that is the intention of hard drive viruses. Data is king on the internet and they will get as much of it as they can in order to extort you.
Offline these sorts of crimes are highly targeted and are unlikely to affect you unless a very organized crime outfit thinks they can get away with it. Online the game is different, the criminals can use a scattergun approach because using malware is so easy.
How to tell if a hard drive has malware?
There are a few telltale signs if a drive is infected.
- Sluggish read/write speeds and response times.
- The hard drive randomly crashes.
- You are seeing a lot of pop-ups.
- Warning messages.
But some viruses can go completely unnoticed unless you find them first, to do this you will need to scan the hard drive. There are a few essential steps to ensure that this is done effectively.
1. Close all programs, unplug the drive, and reboot.
This will close any host files that the virus is attached to. Remove the drive to ensure the virus cant be relaunched and reboot to clear it out of the system memory.
2. Upon restart, disable autorun.
Autorun is a windows feature that automatically runs software launched from an external drive. Disable this in order to prevent the virus host file from being launched automatically.
hit the windows key, type settings, and press enter. Click on devices and then navigate to autoplay, from there you can disable it.
3. Plug in the drive.
Once autoplay is disabled you can safely plug in the drive. Just be sure not to open any files from the drive.
4. Run a virus scan.
Use your antivirus software to check the hard drive for malicious files. To do this navigate to “My Computer” or “This PC” depending on which windows version you have. Then right-click on the drive and click “scan with (anti-virus software)”.
5. Let the antivirus software do the rest.
If you are using good antivirus software it should be able to take care of the problem pretty easily. Let it do its thing and scan again to make sure any malware has been located and destroyed.
How to remove hard drive malware.
Some hard drive malware can survive a hard drive format, and some can attach themself to bootable files, which can make them very hard to remove.
Once you have established the hard drive has a virus as outlined above the best way is to let your preferred antivirus software do the rest. If your software can detect it, it can usually remove it too.
Failing that, formatting the disk may be necessary but you stand the chance of losing the data, and seeing as the data is infected already it isn’t advisable to back it up or if you do back it up, compress the data and scan it before opening any files.
How to protect your computer against viruses.
The first step is to understand that viruses exist and are completely unbiased. If you have a computer or mobile device then that device is at risk of getting a virus. In fact, you should use your device as if you are expecting to be targeted and to keep things secure.
Before we get to antivirus software let’s look at some stats and see how a virus is likely to find its way to your device.
(graphics courtesy of https://www.safetydetectives.com)
9 out of 10 cyberattacks start with a phishing email. This means that the hackers who want to get malware into your computer are using social engineering to do so by manipulating users through legitimate-looking emails. You may well have seen this email but if in doubt here are a couple of rules to abide
- Never click a link in an email asking you to log in.
- Check the actual sender’s email address, not their name.
- Report any suspicious emails to the legitimate company.
- Never send personal information.
- Never download from emails you aren’t expecting.
So even though you are rigorous in the links you click online it is still worthwhile to have a line of defense on your device to protect you from hackers.
Top Antivirus Software.
I have a few recommendations here. Firstly all of these come with free versions that will do enough to detect if a hard drive has a virus. Secondly, I recommend getting a decent premium antivirus installed on your computer. These are the three programs I recommend based on my own experience, research on testing, and brand confidence.
Panda comes highly recommended across the board. In testing, it detected 100% of the threats hidden on a computer. It has an easy to use interface that simplifies the whole process. The free version will do the job for you but using this link gives you 50% discount… so you can protect everything. I use it on my windows machine and it works very well.
Norton has been a long-standing leader in the world of antivirus. They are the best of the best. The only reason I don’t use them is that I prefer to have slightly more control over the software. However, I do recommend them to friends and family.
Kaspersky is a name you will see on most recommendation lists for antivirus software. It is a good choice for an all-rounder at a reasonable price. With all of these sorts of things, I recommend giving it a try and see which interface you like.
When to get in professional help.
There is one form of hard drive malware that is particularly bad and difficult to get rid of and that is boot sector malware.
These viruses affect the boot sector partition of a hard drive which controls the operating system and file allocation system essentially meaning that the virus has access to all of your data both on the device and on hard drives connected to the device. These viruses are extremely hard to get rid of and usually require a complete rebuild of the boot sector partition, while possible at home is usually better in the hands of a professional who can ensure that the sector is virus-free as this malware can survive a drive format.
Getting a hard drive virus needn’t be the end of the world. If you take measures to protect your computer and take steps to ensure you are aware of how attackers will try and infect your devices then you should be able to keep yourself safe.
If you think a hard drive has a virus hidden on it, use the steps outlined above and take extra care not to infect anything else.
I’ve said it before and I’ll say it again. BACKUP! Always keep a backup whether in the cloud or in a hard drive locked away in a drawer, keep important files backed up and safe!