Windows has a special location called Recycle Bin where deleted files and folders are stored
temporarily, so the user has a choice to restore accidentally deleted stuff or remove it permanently. However, files delete from the Recycle Bin can be easily recovered. Windows only marks the file as deleted, but physically the files stay on the hard drive until they are overwritten by new data. Here's how to add a special 'Secure Delete' context menu entry to the Recycle Bin right-click menu to securely erase its contents.
Unfortunately, Windows 10 doesn't include built-in tools to securely remove a file or folder. For this purpose, we will use an external tool, SDelete. It is created by Microsoft's Mark Russinovich, and is available for download on the Microsoft Sysinternals web site.
The only way to ensure that deleted files, as well as files that you encrypt with EFS, are safe from recovery is to use a secure delete application. SDelete (Secure Delete) is such an application. It overwrites a deleted file's on-disk data using techiques that are shown to make disk data unrecoverable, even using recovery technology that can read patterns in magnetic media that reveal weakly deleted files. You can use SDelete both to securely delete existing files, as well as to securely erase any file data that exists in the unallocated portions of a disk (including files that you have already deleted or encrypted). SDelete implements the Department of Defense clearing and sanitizing standard DOD 5220.22-M, to give you confidence that once deleted with SDelete, your file data is gone forever.
Warning! The context menu entry will permanently delete the contents of the Recycle Bin stored on ALL DRIVES that have a letter in File Explorer. The File Explorer app will be restarted automatically. Use it carefully!
To Add Secure Delete Recycle Bin Context Menu in Windows 10,
- Download the latest version of SDelete from Microsoft's web site: Download SDelete.
- Unblock the SDelete.zip file.
- Double-click the SDelete.zip file to open it as a ZIP folder.
- If you are running 64-bit Windows, extract the file
sdelete64.exeto the folder C:\Windows\System32. You can simple drag and drop the file from the ZIP folder to the System32 folder opened in a separate File Explorer window.
- You'll be prompted to confirm the operation. Click on the Continue button to approve.
- If you are running a 32-bit Windows 10 version, extract the sdelete.exe file to the C:\Windows\System32 folder.
- Download the following Registry files: Download Registry Files.
- Double-click the file Windows 64-bit\Add Secure Delete Recycle Bin Context Menu.reg for the 64-bit Windows version, otherwise use the file Windows 32-bit\Add Secure Recycle Bin Delete Context Menu.reg.
- Now, right-click the Recycle Bin. Use the Secure delete context menu entry to securely erase its contents.
You are done.
How it works
SDelete will perform 3 passes of zero-fill to securely delete your files and folders stored in the Recycle Bin. The context menu entry calls SDelete as follows:
cmd /c "for %%I in (C D E F G H I J K L M N O P Q R S T U V W X Y Z) do if exist "%%I:\$Recycle.Bin" (sdelete.exe -p 3 -s "%%I:\$Recycle.Bin\*") && taskkill /im explorer.exe /f & start explorer.exe"
Arguments for sdelete:
- -p - passes Specifies number of overwrite passes, in our case it is 3.
- -r - recurse subdirectories when erasing a folder.
It is called for each drive that contains the "$Recycle.Bin" folder with the FOR loop. SDelete will be able to erase only files owned by your user account due to NTFS permissions set for the subfolders, so the contents of other users' Recycle Bin will remain untouched.
Note that on SSDs, this causes some extra writes which will in the long term slightly lessen its life span. But your sensitive information will be securely erased, so nobody will be able to recover your files or know what activities you have done on the PC by recovering the partially deleted data. On hard disk drives, sdelete.exe is an excellent way to securely wipe free space.
Tip: You can add the same command for all files and folders. See Add Secure Delete Context Menu in Windows 10.
Tip: To securely wipe all files and folder you have already deleted, i.e. securely wipe the free disk space, you can use the built-in console tool cipher.exe. Run it as follows:
Replace "C" with the letter of your drive on which you want to wipe the free space. For reference, see the post
Articles of interest:
- Add Empty Recycle Bin Context Menu in Windows 10
- Fix Corrupted Recycle Bin in Windows 10
- Change Days After Which To Empty Windows 10 Recycle Bin
- Delete Files Permanently in Windows 10 (Bypass Recycle Bin)
- How to Pin Recycle Bin to Taskbar in Windows 10
- How to pin Recycle Bin to Quick Access in Windows 10
- How to add Recycle Bin icon to navigation pane in Windows 10 File Explorer