It's been a long time but It finally happened, I've been compromised.
Like an idiot I reused passwords and they got into most of my accounts. I've changed 300 different passwords and recovered all except one account, my Facebook, which I'm being told is unlikely I'll ever get into again.
This is probably from a data breach, I'm in a few, however, I still want to do a wipe of my PC, but it's been a few years and I don't remember the best practices.
This is a long time coming though because as well as simply possibly being compromised my PC has been experiencing a myriad of errors and annoyances, such as random entire system stutters, apps crashing out of nowhere and general performance slowdown.
Luckily I've got about 7 drives all holding various things, but the entire OS is on the tiny NVME C drive, as well as program installations. IIRC I can factory reset without losing data on the other drives but this one will probably be wiped yes? Is this enough for security though? I would imagine most malicious files would be completely removed by reinstalling the OS but I want to make sure no other avenues exist.
Also what is best practices this day and age to do a clean reset? Thanks guys
I'm not much of a cyber security expert, but I'd be cautious with the old files.
As other said, unplugging those drives while you reinstall will ensure no mess ups can happen (typically a misclick when selecting the drive/partition). Yes the OS drive will be wiped. For "clean" reset, I'll usually just let the OS installer wipe everything. When it asks to "keep data" say no (at this point you've unplugged your actual data drives).
What the nature of the compromise? Was it limited to some online accounts, or was there an active virus on the computer?
If the computer was infected personally I'd boot up a linux live boot and run them all drives through an anti virus or two and painstakingly only keep personal data that can't easily be re-downloaded. Yes, it'll probably take a week. The theory behind this is, if something hid it self on the other drives, you reduce the chance of coming back. I am not aware of this actually happenning, but I'd play it safe as reasonable. A truly parinoid person would just throw out all the drives and start over - but that's not practicle.
If it was only some online accounts, I'd be a less anal about copying data over, but would at least run a scan or two over it.
Finally, I hope part of your password reset included a password manager and using long random passwords on everything, as well as set up 2fa wherever possible.
If not, bit warden (self-hosted) or keepass are popular choices in the realm of you have control of the data, not relying on someone else's cloud to keep it all safe and backed up (backing up the keepass file to a cloud drive is recommended for off-site back up, and to sync between devices if you don't use something like syncthing).