Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

macpot

macrumors regular
Original poster
Feb 14, 2017
168
249
Hi guys,

I have a Macbook Pro 2020 with T2 chip and File Vault enabled.

I installed Windows using Bootcamp, and after some time got a virus there so I quickly used Bootcamp assisstant in macOS and removed Bootcamp completely.

Is it safe to assume that application (virus) on Windows had no access to Mac partition in my case (being encrypted)?

So I don't have to reinstall macOS too right?

Not worried about read access there while bootcamp was installed, just want to be sure my Mac is safe to use now.
 
Last edited:
Download MalwareBytes and run it:

It will run fine "in free mode".
You do not have to pay to register if you don't wish to.

After a time period (2 weeks or 30 days) it will ask if you wish to continue with the "real time" version (that would require payment).

NO, you don't need to do this.
It will convert itself to "free mode", I believe.

Then you just run it manually when you wish to.
Works for me.
 
  • Like
Reactions: macpot
Is it safe to assume that application (virus) on Windows had no access to Mac partition in my case (being encrypted)?
I'm not an expert, but in my opinion it's safe to assume that a malicous Windows application could not read or write meaningful or "sneaky" harmful data to the Mac Filevault-protected filesystem, due to the encryption. I suppose it could have written junk to the Mac filesystem, but I think that would be immediately noticed (probably by not booting up).

I suppose it may be possible that a Windows application could alter something in the EFI or other partition in some sneaky way, perhaps, if they aren't protected is some way -- I don't know.

If it were me, I wouldn't feel the need to reinstall macOS. Another good reason to have FileVault enabled!

(Hmmm... if you had external drives attached though, you might want to think about them if they were not encrypted.)
 
  • Like
Reactions: macpot
I believe that the T2 systems use a "signed" system volume, so if a Windows virus were to corrupt MacOS then you'd get an error on boot.

As mentioned above, it could theoretically write nonsense data into your data volume. You should ensure that you have a backup of your data in any case.
 
  • Like
Reactions: macpot
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.