I read your article about CCleanerâs file deletion overwrite, which I tried
on my Windows Vista. Mine took about three hours to do. My question is how
often should I use this file deletion in general? Once per month? I am really
clueless about that. I am referring to the CCleanerâs wipe section.
Well, let me put it this wayâŠ.
I never run it.
With that having been said, letâs look at why you might want to run it, and
from that, see if we can come up with some ideas for how often it might make
sense to run.
]]>
Deleted files arenât deleted
By now, I think that most people realize that when you delete a file â even emptying the Recycle Bin, if that was used â the data that was contained in the file remains on the disk. The area that contains the data is marked as free, but the data is not actually overwritten until a new file is written in exactly the same place sometime later.
And later could be milliseconds or it could be months.
Thus, until that overwrite actually happens, we have the ability to âun-deleteâ a file using tools like Recuva.
Drive wiping utilities
CCleanerâs Drive Wiper is one example of a tool that is meant to remove this ability to undelete.
The concept is simple. The drive wiper just writes data of some sort in all of the spaces on your hard disk where no files are currently stored: all the space thatâs marked as free. As a result, anything left in that free space that could have been used to recover or un-delete a file is removed.
If you have a lot of free space, that could take some time.
How often?
Now, to your real question: how often should you do this?
It depends.
To me, it depends on three things:
-
It depends on just how sensitive the data that could be recovered might be. In general, with browser caching and temporary files and who knows what else, itâs pretty safe to assume that thereâs some sensitive data in the unused areas of your hard disk.
-
It depends on just how likely it is that your hard disk is to fall into the hands of someone else â either by loss or theft.
-
It depends on just how likely it is that someone who ends up with your hard disk will bother to see whatâs in the free space.
Itâs that last one that, for me, reduces the need for free space wiping to near zero for most people.
Face it, folks. Weâre just not that interesting.
And, perhaps more to the point, thereâs probably much more interesting stuff in the files that havenât been deleted. If a thief wants to go spelunking for data, theyâll probably find plenty in the files and folders that already exist.
Sometimes they are after you
On the other hand, perhaps you are the target of someoneâs attention. Perhaps you do have a sensitive job or work in a sensitive industry where data theft and espionage are not only possible, but even likely.
There are several additional steps (like encryption) that you should be taking, but when it comes to free-space wiping, then Iâd be doing it often.
If itâs important, Iâd do it nightly.
But, as I said, itâs just not that important for the vast majority of people.
Sometimes, theyâre really, REALLY after you
Everything that Iâve discussed above applies to what CCleaner terms a âSimple Overwrite (1 pass)â. A simple overwrite does exactly whatâs described above: it overwrites the free space and prevents common file recovery utilities from undeleting deleted files.
If someone is seriously after your data, that could potentially be not enough.
As I discussed in What difference does multiple-overwrite delete really make? there are techniques â expensive techniques â that can be used by those who are sufficiently motivated that may be able to recover some or all of the data that has been overwritten once.
The solution is to overwrite it more than once. CCleaner offers the option of overwriting 3, 7, and even 35 times.
Threeâs probably plenty, but if youâre in some top-secret government agency, perhaps youâll want to consider more.
And once again, three is overkill for the average user.
Zeroâs probably just fine.
I made a video in Windows Movie Maker. I had this video saved on my computer.
I did a complete reset to factory settings and lost that video (I thought I had it on a disk â I was wrong).
Is there any way to use Recuva to recover a file following a âreset to factory settings?â
The last reset was done well over a year ago. I know Iâve used CCleaner in the past but donât believe that Iâve used it since my last reset (itâs not installed on my computer now). Iâve done multiple resets and donât remember where in the process of the multiple resets & use of CCleaner that the video was deleted.
Windows Vista Home Premium 64-bit Svc pk2
Thank you!
If someone works for an ultra-top secret company and possesses some super sensitive information, would not the personâs company give a seminar or tutorial on how to keep their data safe? I find it idiotic to hire someone to keep sensitive data and not teach him/her some techniques to safeguard it.
09-Mar-2012
My son works for a large aircraft company and the designs are highly secret. Their IT dept discovered that not one âwipe outâ program worked 100%. They now crush all old hard drives and incinerate the debris.
I have noticed that CC Cleaner is available for Macs now!
I run CCleaner on a daily basis â before I shut down my PC for the night (possibly overkill, bit it only takes seconds to run on my machine). I have noticed that CCleaner takes differing times to run depending on the particular browser youâre running.
Firefox is around 3-5 seconds, Chrome around 20-30 seconds, and finally IE(x) anything up to 2-3 minutes! This seems to be caused by the way each browser organises its caching.
Iâm guessing that were one to run CCleaner for the very first and only time on a machine, thereâs a chance it could take three hours to finish its scan, particularly if youâve been tardy with your PCâs âhouseworkâ over a lengthy period of time.
I always use CCleanerâs three-pass method as I reckon this is more than sufficient for any average home user. I agree with Leo that 37 passes, whilst not only massive overkill, is a pointless waste of time better spent doing other system housework.
âGeoff, Australia.
09-Mar-2012
Shelly :),
Why would you not simply try it? You can get a free version of Recuva (just click on the underlined âRecuvaâ word itself in this Leoâs article which will then take you to his another article on Recuva where thereâs a link to their official website with a download of a free version (yes, Leo always does (re)direct you to the official website(s) of whatever he recommends).
No harm to try⊠Install it and perform a recovery. Unless you donât want to install something that you wouldnât use often enough. But how important could that deleted file be to you? At the end of the day you can always uninstall it. Or, if you happen to have Acronis TIH installed on your machine then you can simply perform a Recuva installation and file recovery while in âTry&Decideâ mode.
I recall thereâs also a portable version of free Recuva (not sure if still, but recall the discussions about it, â just browse the comments in Leoâs article on Recuva).
Shelly, btw, talking Recuva is slightly off the topic in this article â sorry! :) Best, search Leoâs answers first! :)
@Shelly
Unfortunately, a factory re-install overwrites everything on your hard drive. There may be a small outside chance that if the file resides on an unwritten portion of the drive, it might be recoverable shortly after the re-install. But after a year of use since the re-install, the likelihood of recovery is virtually zero.
There are additional aspects that should be addressed in an article like this, namely the free space at the tail end of the last sector of a file, the deleted entries in the file directory (which still contain nearly complete file names), and the swap file on the hard drive. Perhaps even the hibernation file on the hard drive. A program such as BCWipe will wipe all of these, except perhaps the hibernation file. From what Iâve read about CCleaner, it doesnât address these concerns. If your hard drive had super sensitive data on it, then you will want to consider these areas, because the bad guys probably will.
I had a friend that had his house broken into and computers stolen. Because he had all his records on the computer, he had to get all new credit cards etc. etc. At that point you have no idea how sophisticated the burglar was although the likelihood is that they are not all that computer savvy. However, with the computer gone am I willing to risk it. Since then, I encrypted my data drive and run Eraser in the background at night to erase the free space.
Question: Does cleaning the free space add anything if the drive is encrypted?
17-Mar-2012
Leo, based on your reply to Natâs 3/10/12 question, it sounds like CCleaner can wipe a free space even if that free space is encrypted (ie., no need to decrypt first) â is that correct?
Plus, you had mention in another article that using a file shredder causes accelerated wear on a flash/thumb drive. Does wiping the free space on a flash/thumb drive also cause the flash drive to wear out faster?
ThanksâŠ
@Yeppers
It would not be possible to wipe the free space inside an encrypted file with out first opening it. Since the free space is encrypted, the free space cleaner would have no way of determining what is free space or not. In any case, there is no need to wipe the free space on encrypted data as this free space would be inaccessible due to the encryption.