Secure Delete software

[kozukumi]

Hi, I am looking for a simple secure deletion tool. I have a bunch of old financial documents I want to securely delete now I have archived them to an encrypted container.

 

I used to use Eraser but it seems to be a dead project now and the couple of versions I have just tried have given me errors.

 

What I want is a simple tool that integrates into the context menu for files and folders and correctly wipe all files and sub-folders.

 

Anyone got any suggestions? I would like only free and/or open source software. Cheers

[Odom Member]

I remember a tool called Heidi eraser, but that was a few years ago. I'm not sure that still exists. My company at the time employed it.

[SnoopZ]

I remember a tool called Heidi eraser, but that was a few years ago. I'm not sure that still exists. My company at the time employed it.

Still exists and i use it. The site is throwing up a harmful message in Google Chrome for some reason, but as i have been using it for years i ignored it so click at your own risk.

 

http://eraser.heidi.ie/download/

[kozukumi]

I remember a tool called Heidi eraser, but that was a few years ago. I'm not sure that still exists. My company at the time employed it.

 

Yeah I mentioned I was using that but it has problems and doesn't look to be actively developed.

 

Still exists and i use it. The site is throwing up a harmful message in Google Chrome for some reason, but as i have been using it for years i ignored it so click at your own risk.

 

http://eraser.heidi.ie/download/

 

Sadly I get errors when using it and have had a few crashes which have managed to crash Explorer also as it is a shell extension. Frustrating.

 

 

For now I have gone with adding the parent folder to CCleaner's custom location and used 1-pass overwrite delete. Can't imagine anyone being able to recover from that. It is a bit clunky to use but isn't like I need to use it daily so I guess it will have to do for now. Shame Eraser seems to have been left to die.

[SnoopZ]

I wouldn't say eraser has been left to die, the latest version was released 13th April 2015.

Personally it has never crashed on any of my oses, Windows 7,Windows 8.1 and Windows 10, so far no crashes or problems.

[Cnónna]

a hammer and let rip on the drive(s)

[+BudMan MVC]

so you just want to secure delete the file(s), not wipe the disk.  Will the sysinternals tools works great why would you need anything else?  It is a ms tool https://technet.microsoft.com/en-us/sysinternals/bb545021.aspx

 

C:\>sdelete

SDelete - Secure Delete v1.61
Copyright © 1999-2012 Mark Russinovich
Sysinternals - www.sysinternals.com

usage: sdelete [-p passes] [-s] [-q] <file or directory> ...
       sdelete [-p passes] [-z|-c] [drive letter] ...
   -a         Remove Read-Only attribute
   -c         Clean free space
   -p passes  Specifies number of overwrite passes (default is 1)
   -q         Don't print errors (Quiet)
   -s or -r   Recurse subdirectories
   -z         Zero free space (good for virtual disk optimization)

 

Or if you want just the built in tool - cipher

 

C:\>cipher /?
Displays or alters the encryption of directories [files] on NTFS partitions.

  CIPHER [/E | /D | /C]
         [/s:directory] [/H] [pathname [...]]

  CIPHER /K [/ECC:256|384|521]

  CIPHER /R:filename [/sMARTCARD] [/ECC:256|384|521]

  CIPHER /U [/N]

  CIPHER /W:directory

  CIPHER /X[:efsfile] [filename]

  CIPHER /Y

  CIPHER /ADDUSER [/CERTHASH:hash | /CERTFILE:filename | /USER:username]
         [/s:directory] [/H] [pathname [...]]

  CIPHER /FLUSHCACHE [/sERVER:servername]

  CIPHER /REMOVEUSER /CERTHASH:hash
         [/s:directory] [/H] [pathname [...]]

  CIPHER /REKEY [pathname [...]]

    /B        Abort if an error is encountered. By default, CIPHER continues
              executing even if errors are encountered.
    /C        Displays information on the encrypted file.
    /D        Decrypts the specified files or directories.
    /E        Encrypts the specified files or directories. Directories will be
              marked so that files added afterward will be encrypted. The
              encrypted file could become decrypted when it is modified if the
              parent directory is not encrypted. It is recommended that you
              encrypt the file and the parent directory.
    /H        Displays files with the hidden or system attributes. These files
              are omitted by default.
    /K        Creates a new certificate and key for use with EFS. If this
              option is chosen, all the other options will be ignored.

              Note: By default, /K creates a certificate and key that conform
                    to current group policy. If ECC is specified, a self-signed
                    certificate will be created with the supplied key size.

    /N        This option only works with /U. This will prevent keys being
              updated. This is used to find all the encrypted files on the
              local drives.
    /R        Generates an EFS recovery key and certificate, then writes them
              to a .PFX file (containing certificate and private key) and a
              .CER file (containing only the certificate). An administrator may
              add the contents of the .CER to the EFS recovery policy to create
              the recovery key for users, and import the .PFX to recover
              individual files. If SMARTCARD is specified, then writes the
              recovery key and certificate to a smart card. A .CER file is
              generated (containing only the certificate). No .PFX file is
              generated.

              Note: By default, /R creates an 2048-bit RSA recovery key and
                    certificate. If ECC is specified, it must be followed by a
                    key size of 256, 384, or 521.

    /S        Performs the specified operation on the given directory and all
              files and subdirectories within it.
    /U        Tries to touch all the encrypted files on local drives. This will
              update user's file encryption key or recovery keys to the current
              ones if they are changed. This option does not work with other
              options except /N.
    /W        Removes data from available unused disk space on the entire
              volume. If this option is chosen, all other options are ignored.
              The directory specified can be anywhere in a local volume. If it
              is a mount point or points to a directory in another volume, the
              data on that volume will be removed.
    /X        Backup EFS certificate and keys into file filename. If efsfile is
              provided, the current user's certificate(s) used to encrypt the
              file will be backed up. Otherwise, the user's current EFS
              certificate and keys will be backed up.
    /Y        Displays your current EFS certificate thumbnail on the local PC.
    /ADDUSER  Adds a user to the specified encrypted file(s). If CERTHASH is
              provided, cipher will search for a certificate with this SHA1
              hash. If CERTFILE is provided, cipher will extract the
              certificate from the file. If USER is provided, cipher will
              try to locate the user's certificate in Active Directory Domain
              Services.
    /FLUSHCACHE
              Clears the calling user's EFS key cache on the specified server.
              If servername is not provided, cipher clears the user's key cache
              on the local machine.
    /REKEY    Updates the specified encrypted file(s) to use the configured
              EFS current key.
    /REMOVEUSER
              Removes a user from the specified file(s). CERTHASH must be the
              SHA1 hash of the certificate to remove.

    directory A directory path.
    filename  A filename without extensions.
    pathname  Specifies a pattern, file or directory.
    efsfile   An encrypted file path.

    Used without parameters, CIPHER displays the encryption state of the
    current directory and any files it contains. You may use multiple directory
    names and wildcards. You must put spaces between multiple parameters.

C:\>

 

So for example if you have already deleted the files and now you want to make sure they are gone with no way to recover them simple

 

cipher /w:C

 

will wipe all free space on the C drive.