Viruses and other malicious programs are an unfortunate reality of the modern age. If your phone or computer has fallen victim to them, one of the recommended solutions is to do a factory reset. But will it make your device safe again?
Before discussing whether a factory reset is useful in the event of a malware infection, it’s a good idea to understand what a factory reset involves on a device.
What is a factory reset?
A factory reset is an option found on many modern electronic devices, including computers and smartphones, that allows you to revert the operating system (OS) and device drivers to their original state. It also returns all settings to their default state and removes any programs or files that did not come with the device. That said, in the case of computers, you do have the option to keep the files. But if you are rebooting your system to remove viruses, you should remove everything after backing up critical files.
Interestingly, the nickname of factory reset suggests that your device will return to the same state when it was shipped to you or when you bought it. But that’s not always technically true, particularly for phones and tablets that have an updated operating system.
For example, suppose you try to use the factory reset option on a phone or tablet that received an updated operating system. In that case, your device will revert to a fresh installation of the current operating system on the device, not your original operating system. But it will work the same for any malware infection as a real factory reset would.
RELATED: Does your computer have a virus? Here is how to check
Is a factory reset useful to remove viruses?
You can get rid of almost all viruses and other malware by doing a factory reset. By returning the operating system to its original state, the factory reset option inadvertently deletes any infected programs or files on your device. It’s the nuclear option, but it works, except in some very rare cases.
Every year, viruses become more sophisticated and cybercriminals find new ways to infect unsuspecting devices. Therefore, you can find Trojans and rootkits that can survive a factory reset, but it is relatively rare. One such Trojan, xHelper, emerged in 2019. It targeted Android devices and managed to survive factory reset. Fortunately, by 2020, the folks at MalwareBytes were able to find a way to remove it.
What if the virus comes back after factory reset?
If your device has been infected with malware that keeps coming back even after a factory reset, there is a chance that you are dealing with one of the following scenarios:
- Your backup is infected, and as soon as you try to restore it to your newly rebooted device, the malware jumps onto your device and infects it again.
- Another possibility is that malware has invaded the recovery partition of your device. It is a space in your device storage that keeps a clean image of the system for the factory reset option. So if the recovery partition is infected, a factory reset won’t do you much good.
- Rootkits and bootkits could also be responsible for the infection on your device. Unfortunately, these are notoriously sophisticated and can evade detection and removal via factory reset.
- Sometimes some latest generation malware can also take refuge in your system peripherals like Wi-Fi adapters and webcams. Many modern peripherals have built-in storage to store user settings, which malware can use to keep a copy of itself. So even if you restart your device, they can go back from the peripheral to your device.
Fortunately, all of these are relatively rare. But if you’re dealing with one of those malware, there are a few things you can try, or if you’re not very technically inclined, you can contact an expert, such as a computer technician.
One of the first things you can try while dealing with malware that still survives the factory reset is to scan the drive that contains your backup. You can connect it to another machine with good antivirus software and scan it. You can also use a rescue disk to thoroughly inspect your device, including the recovery partition, to make sure nothing nefarious is hiding there.
If neither works, you can completely erase your computer’s SSD or HDD and do a clean install after destroying all partitions.
While these methods are useful for computers, it’s best to contact your device manufacturer if malware is on your mobile device and a factory reset isn’t helpful. The lack of root access on the mobile makes it difficult to do anything other than a factory reset. Your device manufacturer may be able to wipe the storage completely and flash a new OS image to remove the infection.
RELATED: Can my iPhone or iPad get a virus?
How to avoid getting viruses again
As they say, prevention is better than cure. So, if you have managed to protect yourself from malware infection by doing a factory reset, it is a good idea to secure your device to prevent it from getting infected with viruses in the future. One of the best and easiest ways to accomplish this is to keep your device’s operating system and apps up to date with the latest updates.
It’s also a good idea to only install apps and programs from reputable sources, preferably the official app stores. Don’t fall for free games or free apps and install something from an unverified source. However, always be on your guard, because even apps from verified sources are notorious for “uploading” viruses by prompting users to download malicious updates from external sources.
As a general rule, avoid clicking on unknown links or opening suspicious attachments in chat messages or emails.
While all modern operating systems have built-in malware protection, you can also install Malwarebytes to complement your operating system’s security program. It is available for all popular operating systems. Also, you can check out our guide to the best antivirus software for more recommendations.
THE LAST RESORT
Factory reset is a powerful tool and can be useful as a nuclear option if your computer or smartphone has been infected with malware. But it should only be used as a last resort because you will have to set everything up again which is time consuming. In the end, good cyber hygiene and basic security precautions can go a long way toward living a malware-free life.