Viruses and other malware are an unfortunate reality of the modern age. If your phone or computer has fallen prey to it, one of the recommended solutions is to do a factory reset. But will it make your device safe again?
Before discussing the usefulness of a factory reset in the event of a malware infection, it is a good idea to understand what a factory reset entails on a device.
What is a factory reset?
A factory reset is an option present in many modern electronic devices, including computers and smartphones, which allows you to return the operating system (OS) and device drivers to their original state. . It also resets all settings to their default state and removes any programs or files that were not bundled with the device. That said, in the case of computers, you have the option of keeping the files. But if you reset your system to remove viruses, you should delete everything after backing up all critical files.
Interestingly, the factory reset moniker suggests that your device will return to the same state when it was shipped to you or when you bought it. But that’s not always technically true, especially in the case of phones and tablets with an upgraded operating system.
For example, let’s say you try to use the factory reset option on a phone or tablet that has received an upgraded operating system. In this case, your device will revert to a clean install of the current OS on the device, not its original OS. But it will work the same for any malware infection as an actual factory reset would work.
RELATED: Does your computer have a virus? Here’s how to check
Is a factory reset useful for removing viruses?
You can get rid of almost all viruses and other malware by performing a factory reset. By returning the operating system to its original state, factory reset option unintentionally deletes all infected programs or files on your device. It’s the nuclear option, but it works, except in very rare cases.
Every year, viruses become more sophisticated and cybercriminals find new ways to infect unsuspecting devices. So, you may come across Trojans and rootkits that can survive a factory reset, but that’s relatively rare. One such Trojan—xHelper–appeared in 2019. It targeted Android devices and managed to survive factory reset. Luckily, in 2020 the folks at MalwareBytes were able to find a way to remove it.
What if the virus comes back after factory reset?
If your device has been infected with malware that comes back even after a factory reset, you might be dealing with one of the following scenarios:
- Your backup is infected and as soon as you try to restore it to your freshly reset device, the malware jumps onto your device and re-infects it.
- Another possibility is that the malware has invaded your device’s recovery partition. It is a space on your device storage that keeps a clean system image for factory reset option. So, if the recovery partition itself is infected, a factory reset won’t do you any good.
- Rootkits and bootkits could also be responsible for infecting your device. Unfortunately, these are notoriously sophisticated and can evade detection and removal by factory reset.
- Some state-of-the-art malware can sometimes also take refuge in the peripherals of your system, such as Wi-Fi adapters and webcams. Many modern devices have built-in storage to store user settings, and malware can use this to keep a copy of itself. So even if you reset your device, they can come back from the device to your device.
Fortunately, all of this is relatively rare. But if you are dealing with one of these malware, there are some things you can try, or if you are not very technical, you can contact an expert, such as a computer technician.
One of the first things you can try when dealing with malware that continues to survive factory reset is to scan the drive containing your backup. You can connect it to another machine with good antivirus software and scan it. You can also use a rescue disk to thoroughly inspect your device, including the recovery partition, to make sure nothing harmful is lurking there.
If both don’t work, you can completely erase your computer’s SSD or HDD and perform a clean install after destroying all partitions.
While these methods are useful for computers, it is best to contact your device manufacturer if malware is on your mobile device and factory reset is not helpful. The lack of root access on mobile makes it hard to do anything beyond a factory reset. Your device manufacturer will likely be able to completely wipe the storage and flash a new OS image to clear the infection.
RELATED: Can my iPhone or iPad catch a virus?
How to avoid getting viruses again
As they say, prevention is better than cure. So, if you managed to avoid malware infections by performing a factory reset, it’s a good idea to secure your device to avoid getting viruses in the future. One of the best and easiest ways to do this is to keep your device’s operating system and apps updated with the latest updates.
It is also a good idea to only install apps and programs from reputable sources, preferably official app stores. Don’t fall for free games or free apps and install something from an unverified source. However, always be on your guard as even apps from verified sources have been known to “load” viruses by prompting users to download malicious updates from external sources.
As a general rule, avoid clicking on unknown links or opening suspicious attachments in chat messages or emails.
Although all modern operating systems have built-in malware protection, you can also install Malwarebytes to complement your operating system’s security program. It is available for all popular operating systems. Additionally, you can check out our guide to the best antivirus software for more recommendations.
The last resort
Factory reset is a powerful tool and can be useful as a nuclear option if your computer or smartphone has been infected with malware. But it should only be used as a last resort because you will have to reconfigure everything, which takes time. Ultimately, good cyber hygiene and basic security precautions can go a long way toward living a malware-free life.