Add Secure Delete Recycle Bin Context Menu in Windows 10

Windows has a special location called Recycle Bin where deleted files and folders are stored
temporarily, so the user has a choice to restore accidentally deleted stuff or remove it permanently. However, files delete from the Recycle Bin can be easily recovered. Windows only marks the file as deleted, but physically the files stay on the hard drive until they are overwritten by new data. Here's how to add a special 'Secure Delete' context menu entry to the Recycle Bin right-click menu to securely erase its contents.

Unfortunately, Windows 10 doesn't include built-in tools to securely remove a file or folder. For this purpose, we will use an external tool, SDelete. It is created by Microsoft's Mark Russinovich, and is available for download on the Microsoft Sysinternals web site.

The only way to ensure that deleted files, as well as files that you encrypt with EFS, are safe from recovery is to use a secure delete application. SDelete (Secure Delete) is such an application. It overwrites a deleted file's on-disk data using techiques that are shown to make disk data unrecoverable, even using recovery technology that can read patterns in magnetic media that reveal weakly deleted files. You can use SDelete both to securely delete existing files, as well as to securely erase any file data that exists in the unallocated portions of a disk (including files that you have already deleted or encrypted). SDelete implements the Department of Defense clearing and sanitizing standard DOD 5220.22-M, to give you confidence that once deleted with SDelete, your file data is gone forever.

Warning! The context menu entry will permanently delete the contents of the Recycle Bin stored on ALL DRIVES that have a letter in File Explorer. The File Explorer app will be restarted automatically. Use it carefully!

To Add Secure Delete Recycle Bin Context Menu in Windows 10,

  1. Download the latest version of SDelete from Microsoft's web site: Download SDelete.
  2. Unblock the SDelete.zip file.
  3. Double-click the SDelete.zip file to open it as a ZIP folder.
  4. If you are running 64-bit Windows, extract the file sdelete64.exe to the folder C:\Windows\System32. You can simple drag and drop the file from the ZIP folder to the System32 folder opened in a separate File Explorer window.
  5. You'll be prompted to confirm the operation. Click on the Continue button to approve.Windows 10 Place Sdelete To System32
  6. If you are running a 32-bit Windows 10 version, extract the sdelete.exe file to the C:\Windows\System32 folder.
  7. Download the following Registry files: Download Registry Files.
  8. Double-click the file Windows 64-bit\Add Secure Delete Recycle Bin Context Menu.reg for the 64-bit Windows version, otherwise use the file Windows 32-bit\Add Secure Recycle Bin Delete Context Menu.reg.
  9. Now, right-click the Recycle Bin. Use the Secure delete context menu entry to securely erase its contents.Windows 10 Secure Delete Recycle Bin Context Menu

You are done.

How it works

SDelete will perform 3 passes of zero-fill to securely delete your files and folders stored in the Recycle Bin. The context menu entry calls SDelete as follows:

cmd /c "for %%I in (C D E F G H I J K L M N O P Q R S T U V W X Y Z) do if exist "%%I:\$Recycle.Bin" (sdelete.exe -p 3 -s "%%I:\$Recycle.Bin\*") && taskkill /im explorer.exe /f & start explorer.exe"

Arguments for sdelete:

  • -p - passes Specifies number of overwrite passes, in our case it is 3.
  • -r - recurse subdirectories when erasing a folder.

It is called for each drive that contains the "$Recycle.Bin" folder with the FOR loop. SDelete will be able to erase only files owned by your user account due to NTFS permissions set for the subfolders, so the contents of other users' Recycle Bin will remain untouched.

Note that on SSDs, this causes some extra writes which will in the long term slightly lessen its life span. But your sensitive information will be securely erased, so nobody will be able to recover your files or know what activities you have done on the PC by recovering the partially deleted data. On hard disk drives, sdelete.exe is an excellent way to securely wipe free space.

Tip: You can add the same command for all files and folders. See Add Secure Delete Context Menu in Windows 10.

Tip: To securely wipe all files and folder you have already deleted, i.e. securely wipe the free disk space, you can use the built-in console tool cipher.exe. Run it as follows:

cipher /w:C

Replace "C" with the letter of your drive on which you want to wipe the free space. For reference, see the post

Erase free space securely in Windows without third party tools

Articles of interest:

3 thoughts on “Add Secure Delete Recycle Bin Context Menu in Windows 10

  1. m

    Doesn’t work, shows the command prompt window with some files supposedly being deleted, then stops, After manually closing the window and opening recycle bin again, all the content is still there.

    Reply
  2. Gabriel

    I could not make it to work:

    It opens CMD and executes the 3 passes ant the CMD window closes
    it does not kill Explorer.exe
    it opens several new instances of Explorer.exe
    It does not empty the Recycle Bin
    When I restore the Recycle Bin contents, the files are intact

    Reply
  3. James Edward Lewis II

    In recent versions of Windows, ordinary drives can be labelled A or B also; Windows 10 doesn’t even come with floppy drivers anymore.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *