How Can I Securely Delete Everything Except the Operating System?

//
I’m about to give away my machine, but I want to leave Windows installed. How can I permanently delete everything except the OS?

You can’t.

Not really, not completely, and not securely.

I’ll describe a few steps that will delete a lot – perhaps enough for your concerns – but it really depends on how paranoid you are about the various traces that will still be left on a machine you’ve been using a while.

Everything? There’s really only one way to do that.

Become a Patron of Ask Leo! and go ad-free!

Delete and uninstall as much as you can

The process starts by deleting your data files and uninstalling all the programs you’ve used or added and don’t want to be part of the machine when it’s reused by someone else.

For your data files, that means deleting things from My Documents and wherever else you keep data files.

A good start for programs is to take a walk through Add/Remove Programs, or Programs and Features in Control Panel, and just start uninstalling.

Delete KeyFor extra security, you might want to use Revo Uninstaller instead of Control Panel. Revo not only lists more things, but it uninstalls more thoroughly. (It has a couple of levels of “aggressiveness” in determining what to remove, and this is one case where it might make sense to risk being as thorough as possible.)

Remove all users but one

If your machine has more than one user account, remove all except for a single account that has administrator privileges. This should delete a plethora of files and settings associated with each account.

Clean crud

Run the built-in Disk Cleanup Utility, or, better yet, grab a copy of CCleaner (a free download – you do not need to buy support), and use it to clean up as much as it can.

The goal here is to remove traces from browser caches, temporary files, and a host of other things – many of which might well be benign, but many others that may inadvertently contain things you’d rather not share with your machine’s subsequent owner.

You might consider running a registry scan. I’m not a big fan of registry cleaners, but this is a case where they might remove additional information you don’t want left behind, and the cost of failure (an unbootable machine) is relatively low. CCleaner’s registry-cleaning utility should be fine. You may want to take an image backup prior to the cleaning, just in case you want to be able to recover from that worst-case scenario.

Turn off some system files

Set your virtual memory to zero and delete the paging files. Turn off Hibernation, and remove the hibernation file.

These are hidden files in the root of your system drive, typically C:\.

Turn off System Restore.

All of these can contain private information, and can be turned back on by the machine’s new owner should they so desire.

Securely erase the empty space

Using a tool like CCleaner’s “Drive Wiper”, securely erase unused space on your hard disk.

By default, just deleting files doesn’t overwrite the data, and it could still be recovered. Tools like Drive Wiper actually overwrite all of the unused space on your hard drive with random data to completely remove all traces of what had been stored there before.

That’s about as good as you can get using this approach.

What still might be missed

The problem with this approach is that you don’t know what you might have missed.

There might be system files that contain information about you: registry settings that remain even after all the deletion and cleaning above that contain settings for programs (perhaps even programs no longer installed) that indicate something about who you are or what you used the machine for.

You just don’t know.

That’s why this is not an approach I ever recommend.

Nuke it instead

Using a tool like DBAN erases the hard drive completely. It’s easy, and every single bit of every single byte – operating system, settings, programs, and data – is removed from the hard drive…

… including all your personal information.

Then, if you like (and if you can), reinstall the operating system from an install disk.

If you don’t have one, then perhaps grab a free copy of a Linux distribution and install that instead.

But erasing the hard disk completely is the only way to be absolutely sure you haven’t left personal information on the machine prior to handing it off to someone else.

Well, that or remove the drive and give them the machine without it. But even then, you’ll want to erase the drive before disposing of it.

Podcast audio

Play

46 comments on “How Can I Securely Delete Everything Except the Operating System?”

  1. You should also know that even simply formatting the hard disk might not suffice in eradicating your data if you’re really truly paranoid or truly need that level of security.

    If you want your data inaccessible by the new owner you’ll have to remove the disk and install a brand-new one. For the old one, if you want to safely dispose of it, you’ll need to go the hammer way. That is to physically and thoroughly destroy the disk. And no, just because when you connect it to your computer the computer can’t read it does not mean that no-one else can’t read it either.

    Of course Leo has talked about using encryption for your disks before http://ask-leo.com/truecrypt_free_open_source_industrial_strength_encryption.html. If you were in the habit of formatting and encrypting the disk before using it even once then a simple format would be quite safe, because the data, even if retrieved, would be unintelligible without the password / keyfiles.

    Of course that’s rather extreme and guessing from your being here to ask advice on how to secure data you really don’t need that level of extreme measures to protect yourself. Just start with encryption from day 1 for the next system you build and go for a fresh install when you decide to give it away. It’s always safer that way.

    • There is no reason to take a hammer to a perfectly functioning disk. DBan will do the job. Run it at the most serious setting.

  2. Since you mention CCleaner, you may want to know that the new 3.x version includes the ability to securely wipe the freespace of a drive, as well as the entire drive itself:

    “A new Drive Wiper tool screen under the Tools section, which allows users to securely erase the contents or free space on a specified drive.”

    (Though I’d still probably use DBAN to wipe an entire drive.)

  3. I recall wiping a mac recently. The number of passes for overwriting data they offered were… 1, 5 (DoD spec compliant), and 35. So to be security compliant with DoD (Department of Defense) specs, you have to do the wipe/overwrite process 5 times. Some people, however, require more.

  4. I wipe my free space about every two months. It really speeds up my system. As I keep almost all my files on external HDD this can take some time! I have used File Shredder for years, when I wipe my free space with it I usually go for the 3 pass.(DoD) On my 419gb free of 494gb usable internal, this takes about 9/10 hours. I just tried a newer program East-Tek Eraser that I used to wipe the last 2 times,using the 7 pass “stop hardware recovery” setting. This takes a whopping 16 1/2 hours! Have also used the Guttman setting once 35 passes, and will never again because of the time involved. A 3 to 7 pass should be enough for almost anyone.

  5. As a add on to my above post……. Make sure that you do everything else before you run the wiper. By this I mean, Empty the recycle bin,delete all programs/files/whatnot you dont want,run defragger. Then wipe. This WILL speed up your system.

    • I’d really challenge the idea that wiping free space speeds up the computer. How could it do that ? Wiping free space may be needed, precisely because the operating system never goes there, despite there being remnants of officially “erased” files.

      If the above poster really did experience a measureable acceleration of his system (as opposed to the placebo effect of spending many hours doing lots of “techy” stuff, then subconsciously assuming that it must be faster, since he took that much pain to clean it), then it’s most likely because of the things he did before, such as defragging his disk.

      I’ve read many articles by experts about the theory and practice of wiping data. I don’t remember ever reading that it had the effect of making the computer faster, or that it should be done to that effect.

  6. I have had to purge many computers many times. I am the IT Help for several small local businesses, and regardless of company rules, employees continually add junk to office machines.

    Follow the usual steps to Control Panel > Remove Programs, and then look at the folders. In my case, there will be a great many mystery folders and I have no idea what they are for.

    So, after the usual cleaning, I add and “X” to the unknown folders. The folder, “Mystery” becomes “Mysteryx”

    Now we continue to operate the comuter, reboot a few times, and if no problems surface, I delete the folder.

    If a problem occurs, you can boot to Safemode, remove the “X” and then dig deeper to learn what this mystery folder is used for.

  7. After recently parting ways with my employer, I had to return my laptop which I must admit included a fair bit of extra -unrelated- junk from my weird techie side habits. I went through most of what Leo said, but not the part including turning off sys files etc. There were things I didn’t want potential snoopers to find, so I downloaded a program called Eraser which does exactly what SDelete does. It wiped a lot of stuff away in a systematic and straight forward way. All in all, I am comfortable believing I left very little traces behind, but as Leo says, it really depends on how paranoid one is about the data on the machine.
    Alternatively, if I were selling my machine, there is no question I would have nuked it, as I did with a previous-previous job’s laptop as well. I have no qualms about doing that at all to satisfactorily cover all traces.

  8. Is it really worth it to sell the computer? The only really sure way to insure no one finds anything is to trash the hard drive and trash the rest of the computer. This is hard to do but psychologically worth it. There always could be stuff on there even after nuking the system I think. Call me paranoid but I sleep nights.

    If you nuke the hard drives (all hard drives if more than one), then I believe selling a machine with an empty hard drive is safe.

    Leo
    27-Jan-2011

  9. Thanking you Leo.
    As usual, another informative article. Having previously ‘looked around’ regards disk cleansing, I’d like to share my comments since more knowledge never hurts. Perhaps the readers may know further security in making their tool selection for what is after all potentially capable of major repercussions at both personal and financial levels should sensitive data remain on the supposed cleansed disk.

    Readers are encouraged to look further afield in their quest for a real security disk wipe utility.
    Perhaps as a starter: http://www.zdnet.com/blog/storage/how-to-really-erase-a-hard-drive/129

    Please pay particular attention to “Secure Erase” and it’s authorship pedigree and the host of governmental and legal requirements which it satisfies. Additionally, numerous governmental agencies and commercial bodies use this ‘approved’ tool.
    Note that it is free for download (and usage – aka: freeware) http://cmrr.ucsd.edu/hughes/SecureErase.html

    In your research, you will also note that DBAN “does not” satisfiy any technical or legal regulatory requirements (NIST 800-88) of any security departments or ‘in the know’ disk scientists etc. Note that it is known that DBAN will not cleanse a remapped block…
    In the U.S.A, there are stringent legal requirements placed upon those that embark on disk cleansing. Failure to comply can lead to $250k fine and even 10years in jail…

    Ultimately, if money to burn then fork out for NSA approved degausser 🙂

  10. ComputerWorld reports (March 7, 2011) that recovering data from both SSD drives and flash drives is incredibly easy even after being overwritten.

    This article requires you to sign up. But it is harmless to do so. Remove the check marks from both boxes and you will not get any additional mailings. At least that is my experience.

    This article is scary and should be required reading.

    http://www.computerworld.com/s/article/355159/SSD_Security_Issues_Surprise_Experts

  11. How do I remove all users except “administrator”…and where do I go to find it? I am unable to update my browser, download Adobe to see any videos, or anything. Any help would be appreciated. thanks

  12. @Pooky
    Windows 7: from the Control Panel click on User Accounts, then click Manage Other Accounts, click on the icon for the account you want to remove and then click on Delete the Account. From there, follow the prompts and decide whether you want to remove the data files and then confirm the delete.

    Windows XP: from the Control Panel click on User Accounts, click on the icon for the account you want to remove and then click on Delete the Account. From there, follow the prompts and decide whether you want to delete the files and then confirm the delete.

    Vista should be somewhat similar.

    You may want to back up any data from the account before deleting it and choosing the Delete Data option.

  13. hi,
    i unconciously deleted my administrator. but then i had made a new administrator. But i cant access those programs that was saved in my deleted administrator. Unknowingly, I went to documents and settings looking for the folder of my administrator which i had deleted and i tried to copy all folders in there and i tried to paste those in my new administrator but my hard disc had reach to its fullest storage, so i go back to documents and settings and look again for the folder of the administrator i deleted before, and decided to erase all data folders in there.
    now, i cant find any of it. but even i deleted all those, my hard disc size is still the same,means that the files from the folder of the administrator was still in my machine, but i cant find it. My Local Disc C: turns into color blue letters,unlike the other drives which is just black.
    What is the possible problem of my laptop???
    i am using a hp mini 2133 windows xp home edition.
    Is there any way that i could bring back my old settings?or whats the best thing i could do to fix this problem?

    • The best thing you could do to fix this problem is to bring it to a professional for help. After all your attempts to fix it, however, it is doubtful if your data can now be recovered. You are in way over your head with this technology. You need to recognize that, and get professional help when you need it. It’s nothing to be ashamed of, but something that you need to recognize.

  14. I have used Revo Uninstaller for years, and love it. It is the only program I have used that finds Registry entries, and safely deletes them along with the program you no longer want. The only issue I have right now with Revo is that it still seems to have issues in Windows 10. You know you installed a program, but it is not showing up in Revo.

  15. With Windows 10, a simple option is to Reset the PC (Update & Security > Recovery), selecting the option to Remove Everything. You can then securely erase the unused areas as per Leo’s suggestion using “Drive Wiper”. I recently used Reset to clean a laptop that had become clogged with programs.

    • this is an excellent point. I had inquired to several sites, about the windows 10 clean install.
      had a prior windows 7 machine, had upgraded to windows 10, used it for a while, then decided to retire it and donate it.

      per all the windows 10 feedback, the windows install (even the CLEAN INSTALL) will KEEP the windows 10 activation keys, because it is related to machine hardware (it activates automatically). so, essentially, a NEW windows 10 install, maintaining the windows 10 key, and no other data.

      again, to be safe, just wipe the empty space, but unless you’re giving it to the NSA, or you had secure secure financial stuff, this should suffice.

      AND, to be doubly safe, just WIPE WIPE WIPE the whole drive, and then do a clean windows 10 install.
      we just did this to one machine, and it is activated (had prior windows 7, then was upgraded to windows 10), and it has kept the windows 10 activation.

  16. Suppressing all accounts excepe for the administrator account is good, but could not be enough. It’s important to NOT preserve the content of any of the deleted accounts. The option to preserve or not is offered each time you delete any account.
    As the administrator account may content some personal information, an additional step may be needed : After deleting all regular accounts, create a brand new administrator account. Log into that new account and suppress the original administrator account. Defragement and wipe the free space clean.

  17. Here’s what I would do; it could take a long time but I think it would work. I would delete everything except the windows folder. Then, I would find a way to automatically copy (with some program) some sharabia (insignificant data) until the disk is full; than I would erase these insignificant data, which would be the only think recoverable on the disk, wouldn’t it?

  18. In the year 2000, when I left the job I had under less than amiable circumstances, I deleted everything from the one hard drive, data and programs, except mspaint.exe. I then filled the entire drive with large .bmp files and deleted all of them. The only thing that could have remained was raw data of innocuous content, along with the file headers. I was not concerned with such residues as those. I never heard anything about the computer after that. Does anybody have reason to believe that technique does not work?

    • If you left MSPaint, that would mean that you didn’t remove Windows. You may have gotten most of it wiped, but as the article states, there are a few places which you might have missed where residual data might have remained, for example the swap files and some files in App Data etc.

  19. Why does this site keep mentioning a windows install disk? Besides me, NOBODY has ever made one. (I have given the usual speeches, but eventually gave up). Nobody wants to bother. (I never told them it takes hours, they do not care). Two computers are macs, so I know nothing about them. When that day comes, I may rub it in or not.

    • If you are using Windows 7 or later, you can download the appropriate installation disc image for Windows (the version corresponding to your current OS) for free from Microsoft and burn it to a DVD or create a bootable installation USB flash drive. It should register automatically if you have an eligible version installed.

  20. When donating an old computer, I always remove the hard drive and then “erase” it with a ball peen hammer. It takes about 30 seconds, has no cost, and I know that all the data is unrecoverable. All the platters are crushed. A low-tech solution is sometimes the best.

  21. I don’t think anybody’s mentioned doing a factory reset yet. Usually you got to press a couple of keys while booting up your system. Sometimes you can do a reset from within Windows. My Acer Win7 desktop includes software named Acer eRecovery Management where I can start a reset from there. After 4 years I’m planning to do this to my Acer, not to sell, just to many issues, software rot more likely. The key combo for Acer is Alt + F10, by the way.

    • The problem with a factory reset is that it doesn’t wipe the free space on the c: drive, so any body with moderate hacking skills would be able access the data.

  22. My data isn’t very interesting but my preferred method was to have 2 hard drives in my machine and separate Windows from everything else. Then just remove my data and program drive If i wanted to remove all the data and programs I could format that drive then fill it with movies and then format it again or just leave it full of movies.and music. I tend not to sell or give away machines anyway. I think i still have my win3.1 drive kicking around.

  23. Good article and bang on the button. It takes approx… one hour to format a hard drive and install any version of windows. Attempting to delete/clean all areas of a hard drive and cleanse all repositories like the registry could take days and like you said; you just couldn’t be sure you got everything.

  24. This is just what I needed. I upgraded to a new PC and sold my old one. I was just going to use the “shred” function on my virus software to wipe all the data, but I was concerned that there might be stuff left behind in the Windows folder or in the registry. I downloaded and ran DBAN. My only (minor) complaint was that it took 15 hours to finish wiping a 1.5 TB drive. The person who bought the computer had to wait until the next day to pick it up. Thank you, Leo!

  25. I have OEM Windows 10 fully updated. Could I just pick up on the suggestion made to use the Reset option within Windows 10? Microsoft recommend this if the clear all option is the selected (all files and non original software plus all accounts are removed and one administration account is established) if passing on or selling. Is there still any concern about private data still residing somewhere which would need further action after the reset? Thanks Jonathan

    • A deleted file recovery utility would be able to recover the deleted files. Running a free space wiping utility like the one in CCleaner would help with that and it would be secure against normal attempts to recover the data. Forensic recovery methods might be able to recover some of the data.

  26. One more layer of security would be to create a new administrator account, delete all of the other accounts and wipe (not just delete) all the files associated with the deleted accounts and wipe all folders in “Program Files” and “Program Files (x86) which pertain to uninstalled programs if any still remain” before the final free space wipe.

  27. Hello All
    I have a DELL CPU PC that I want to completely wipe clean the hard drive so that the hard drive is totally blank
    The reason being is that I have no more use of the Dell CPU PC and want to sell the unit
    I need to completely wipe the hard drive so that it is blank so that EVERYTHING is wiped away and whoever has my machine has to start completely again
    I have a Dell CPU PC running Microsoft Windows XP
    How do I wipe away all data, pictures, videos, music, and take off Windows XP so that a new OS is put on when the next owner/buyer has my Dell CPU PC desk top
    Thank You

  28. Having read all this, I am glad that we have kept all of our old computers (we even still have our Apple IIe). It may be time to open a museum.

Leave a reply: