Oct 5th, 2020

In the modern world, smartphones have become a lifeline for everyone. When a phone gets malfunctioned because of some reason, people can go to any extent to recover it. 

If an android phone or any other smartphone is tainted with malware, for fixing it, users generally go for security solutions such as Malwarebytes or similar apps like it.

A factory reset or hard reset is one of the options to clear the smartphone from any infection. But it is an extreme step and must be taken with caution and after a proper backup.

A factory reset clears all the data from the device, such as apps, photos, videos, contacts, saved settings, etc. and resets the device to its starting state when it was in the factory. The factory reset is not just for the phones. It can also rectify malfunctioned electronic devices such as laptops, desktops, printer, fax machines, WiFi modems, etc.

Though theoretically, a factory reset should remove all the viruses from the Android phone, but does it always do that?

Let us find out!

Why someone performs a Factory Reset?

As already mentioned, a factory reset can free your device from the virus infection. Other than this, there are more reasons when people perform a hard reset. 

  1. Passing or Selling the device to others: Many users perform a factory reset when giving away or selling their phones to others. This is to be done to wipe out all the personal information from the device.
  2. To improve the Device’s Performance: With time, the android phones tend to slow down because of the clutter it collected. A factory reset can refresh the device and significantly improve its performance.
  3. Broken OS Update: A failed OS update can lead to the device’s malfunctioning, and then hard resetting is the only option left. Hard resetting can also fix many OS errors and failures.
  4. Solving the Glitches: Many times, Android users experience the glitches in their system apps such as camera, gallery, WiFi, GPS, and others. To fix these errors, ultimately, they have to factory reset the phone.

Does Factory Reset really remove the virus?

Of course, yes, but not ALWAYS. Theoretically, a factory reset must convert the device to its original state. However, with ever-evolving advancement in the cybercrimes field, this does not always happen.

The classic example is the xHelper virus, which is said to be an unremovable virus and already infected over 45,000 android devices. 

xHelper was first recognized in March 2019, and within a few months, it was able to infiltrate into thousands of devices by hiding in the codes of the unverified android apps. These unverified apps are installed by the users outside the Google play store.

It was reported that, even after multiple tries of resetting the Android phones, xHelper refuse to leave the device and always become active after a few hours of resetting.

So, how does xHelper or any other virus can survive the factory reset? Let us find out that in the next section.

How do some viruses survive factory resets?

There could be several reasons that could save some viruses from getting removed with the factory reset. Some of them are because of the user’s negligence. Here is the list for that.

  1. Virus is in the Recovery Partition: In some rare cases, advanced malware can infiltrate onto your device’s recovery partition. A recovery partition is where the factory reset settings are stored. Hence resetting the phone would not remove the virus from the recovery partition, and it would be active.
  2. Infected Backup: Most users perform a backup to restore it later, before hard resetting the device. However, they ignore scanning the whole phone before executing a backup, and hence the virus also gets backed up with other user data. On restoring the backup, the virus also gets revamped and continue troubling the user.
  3. SD Card Might be Infected: If you have equipped your device with and external storage such as a micro SD card, it is a possibility that the SD is infected with the culprit virus. Hence, it keeps disturbing your device even after the multiple factory resets. Try removing the SD card and then run the phone. If it is working without any trouble, then scan your memory card for the viruses or format it.
  4. Infection of a Rootkit Malware: A rootkit program is basically developed to provide the root level access of the Android to the authorized developer or tester. However, with advanced technology, the cybercriminals can corrupt the rootkit with the malware, and hence they can become undetectable or unremovable.

Alternatives to Factory Reset 

A factory reset is a good option for curing the phone, but only if all other options are closed. When working on removing the viruses and other malware programs from the android phone, the factory reset should always be kept as the last option. Before it, you can try following these options.

  1. Scan your whole device with a robust antimalware solution like Malwarefox that can detect even the hidden malicious files.
  2. Before backing up the device’s data, ensure that it doesn’t contain any malware program.
  3. Remove the recently installed and other suspicious apps from the device. They might be the reason for the virus infection. If you can’t remove it in normal mode, try removing them in the Safe Mode.
  4. Clear your browser’s cache.

If none of these options work, then only go for the hard reset.

Avoid Viruses on your Android Phone

It is rightly said that prevention is better than cure. Instead of wasting time and resources and ultimately resetting your phone, it is better to take measures to avoid viruses and other malware programs on it.

Here are some tips for that.

  1. Always keep installed a robust security solution on your device for a total safeguard from any threats.
  2. Keep the OS and apps updated with the latest versions. An outdated app can be potential malware.
  3. Avoid installing apps from unknown and unverified sources.
  4. Follow healthy browsing practices.
  5. Never use an unsecured WiFi connection. If it is necessary, then use a VPN for a security layer.
  6. Always keep yourself updated with the latest reforms in the cybercriminal world.

local_offer    android viruses   Factory reset   reset android