Does a Factory Reset Remove Viruses?

Pavel Ignatov/Shutterstock.com
Viruses and other malware are an unfortunate reality of the modern age. If your phone or computer has fallen prey to them, one of the recommended solutions is doing a factory reset. But will it make your device safe again?
Before we discuss whether a factory reset is helpful in case of a malware infection, it’s a good idea to understand what a factory reset entails on a device.

What Is a Factory Reset?

A factory reset is an option found in many modern electronic devices, including computers and smartphones, that allows you to revert the device’s operating system (OS) and drivers to their original state. It also returns all settings to their default state and removes any programs or files that didn’t come with the device. That said, in the case of computers, you get the option to keep the files. But if you are resetting your system to remove viruses, you should delete everything after backing up any critical files.

Interestingly, the factory reset moniker suggests your device will return to the same state when it was shipped to you or when you bought it. But that isn’t always technically true, particularly in the case of phones and tablets that have gotten an upgraded operating system.
For example, suppose you attempt to use the factory reset option on a phone or tablet that has received an upgraded OS. In that case, your device will return to a fresh install of the current OS on the device, not its original operating system. But it’ll work the same way for any malware infection as an actual factory reset would work.
RELATED: Does Your Computer Have a Virus? Here’s How to Check
Is a Factory Reset Helpful in Removing Viruses?
You can get rid of pretty much all viruses and other malware by doing a factory reset. By returning the OS to its original state, the factory reset option unwittingly removes any infected programs or files on your device. It’s the nuclear option, but it works, except in some very rare cases.

Each year, viruses become more sophisticated, and cybercriminals are finding new ways to infect unsuspecting devices. So, you may encounter trojans and rootkits that can survive a factory reset, but it’s relatively rare. One such trojan—xHelper–emerged in 2019. It targeted Android devices and was successful at surviving the factory reset. Fortunately, by 2020, the folks at MalwareBytes were able to find a way to remove it.
What If the Virus Returns After Factory Reset?

If your device has been infected with malware that keeps coming back even after a factory reset, there is a possibility you are dealing with one of the following scenarios:

Your backup is infected, and as soon as you try to restore it to your freshly reset device, the malware jumps to your device and reinfects it.
Another possibility is that the malware has invaded your device’s recovery partition. It’s a space on your device storage that keeps a clean system image for the factory reset option. So if the recovery partition itself is infected, a factory reset will not do you much good.
Rootkits and bootkits could also be responsible for the infection in your device. Unfortunately, these are notoriously sophisticated and can evade detection and removal by factory reset.
Some state-of-the-art malware can sometimes also take shelter in your system’s peripherals, like Wi-Fi adapters and webcams. Many modern peripherals have onboard storage to store user settings, and the malware can use it to keep a copy of itself. So even if you reset your device, they can jump back from the peripheral to your device.

Thankfully, all of these are relatively rare. But if you are dealing with one such malware, there are a few things that you can try, or if you are not very technically inclined, you can reach out to an expert, like a computer technician.
One of the first things you can try while dealing with malware that keeps on surviving factory reset is to scan the drive holding your backup. You can connect it to another machine with good antivirus software and scan it. You can also use a rescue disc to thoroughly inspect your device, including the recovery partition, to make sure nothing nefarious is hiding there.
If both don’t work, you can completely wipe your computer’s SSD or HDD and do a clean install after nuking all partitions.
While these methods are useful for computers, it’s best to reach out to your device manufacturer if the malware is in your mobile device and the factory reset is not helpful. The lack of root access on mobile makes it hard to do anything beyond a factory reset. Your device manufacturer will likely be able to wipe the storage completely and flash a new OS image to eliminate the infection.
RELATED: Can My iPhone or iPad Get a Virus?
How to Avoid Getting Viruses Again

As they say, prevention is better than cure. So if you have managed to ward off malware infection by doing a factory reset, it’s a good idea to secure your device to avoid getting viruses in the future. One of the best and easiest ways to achieve this is to keep your device’s operating system and apps up-to-date with the latest updates.
It’s also a good idea to only install applications and programs from reputed sources, preferably the official app stores. Don’t fall into the trap of free games or free apps and install something from an unverified source. Always remain on guard, however, because even apps from verified sources have been known to “sideload” viruses by prompting users to download malicious updates from external sources.
As a rule, avoid clicking on unfamiliar links or opening suspect attachments in chat messages or emails.
While all modern operating systems have built-in protection against malware, you can also install Malwarebytes to complement your OS’s security program. It’s available for all popular operating systems. Additionally, you can check our guide on the best antivirus software for more recommendations.
The Last Resort
The factory reset is a powerful tool and can be helpful as a nuclear option if your computer or smartphone has been infected with malware. But it should only be used as a last resort because you will have to set up everything again, which is time-consuming. In the end, good cyber hygiene and basic security precautions can go a long way in living a malware-free life.