Jump to content
CCleaner Community Forums

secure deletion suggestion


login123

Recommended Posts

Seems to be concern about secure deletion. auto101234 and Green Eyes.

 

If I understand correctly, ccleaner will overwrite a file 1, 3, or 7 times, users choice, more overwrites is slower. Am I right about that? If so, that means that without extraordinary effort, the file contents are not recoverable, but some indicators are still present.

 

The dos batch files shown in the forums seem to only delete the target files, so probably the ccleaner default at startup would be more secure, but would still leave indications that a file had been there. Moving the (overwritten) file does the same thing. . .indicators are still present.

 

Two possibilities: use another developers free space wiper, or build one into ccleaner. As a rule they are sloooooow, start'em up, check on'em tomorrow. But, they would remove the tracks. Don't know of any free ones.

 

For ccleaner, may I make 2 suggestions: 1. that a free space wiper be incorporated, and 2. that the Peter Guttman 35 pass overwrite scheme be included as an option in the future.

 

Thanks. Have a happy and safe new year.

Link to post
Share on other sites

Thanks very much, will try it, have it on disk but not "deployed" yet.

 

Make sure you have either the old v5.7 or v5.82 which was released last week and no longer has the dangerous "first & last 2kB" feature introduced in v5.8.
Link to post
Share on other sites

CCleaner is mainly a random crap remover.

 

If you want secure file deletion, its better you look into something with that dedicated purpose, such as Eraser which other people have suggested.

Link to post
Share on other sites

Since CCleaner cleans files out of the recycle bin, what I've been doing is dropping files I want securely deleted there, enabling one of the secure delete methods in CCleaner, and then running it. It seems like that is a decent method of securely wiping files. Does that sound like a decent method or is it not advisable?

Link to post
Share on other sites

Sure, a decent method is advisable, and decent methods are available.

But if you are really serious about secure deletion, then you use software that is dedicated to the purpose of secure deletion.

Link to post
Share on other sites

Since CCleaner cleans files out of the recycle bin, what I've been doing is dropping files I want securely deleted there, enabling one of the secure delete methods in CCleaner, and then running it. It seems like that is a decent method of securely wiping files. Does that sound like a decent method or is it not advisable?

 

I actually use Eraser (5.7) for deleting almost everything, either via right click>erase or delete to recycle bin then erase recycle bin. Personally I trust Erasers secure deletion far more than CCleaners due to finding some files securely deleted by CCleaner easily recoverable.

Link to post
Share on other sites

Thanks, JDPower and Eldmannen, for pointing out that ccleaner is just for cleaning out space and getting rid of junk, which it does very well. A secure delete program would be necessary to get rid of files forever.

 

TEEJAY3800, the idea about the recycle bin should work for any files we put there, thanks for the suggestion. Ccleaner does apparently overwrite the files there, so they are pretty well gone when it is done.

 

By the way, what are those little boxes under our names? I have 2 now, had just one day before yesterday, does that mean I have gotten promoted? I am not listed as a newbie any more, so I guess so.

 

Be safe.

Link to post
Share on other sites
. . .some files securely deleted by CCleaner easily recoverable.

 

Hello, JDPower. I also am interested in the secure deletion issue.

 

It appears that the temporary internet files (TIFs) are not securely deleted at startup, just deleted. If the "easily recoverable files" were TIFs, maybe that is why they were recoverable. ???

 

Andavari pointed out the delete mechanism for TIFs here: http://forum.CCleaner.com/index.php?showtopic=8314

 

Don't want to be too inquisitive, but if those recoverable files were from an area that is supposed to be securely deleted, such as system\temporary files or system\windows log files, I would like to know that. Overwriting a file even once should mean that it would be difficult to get it back, and impossible for ordinary undelete utilities. So if you could remember the type of files which were easily recoverable it sure would help.

 

 

Thank you. Be safe. login123

Link to post
Share on other sites

This is a similar, but separate issue regarding secure file deletion. CCleaner overwrites files as many times as you specify in Options/Settings, and if you try to recover a file that CCleaner has overwritten, you will indeed find that it has been 'destroyed' (to some degree.) The problem is that the file name itself remains intact. Many other secure file deletion utilities destroy the file name completely, as well as overwriting the data. I, for one, would prefer that people could not recover my files OR read the file names that I have overwritten. Just a suggestion for future releases. This program remains on the top of my 'Favorites' list! Please keep up the GREAT work ! !

Link to post
Share on other sites

 

This is a similar, but separate issue regarding secure file deletion. CCleaner overwrites files as many times as you specify in Options/Settings, and if you try to recover a file that CCleaner has overwritten, you will indeed find that it has been 'destroyed' (to some degree.) The problem is that the file name itself remains intact. Many other secure file deletion utilities destroy the file name completely, as well as overwriting the data. I, for one, would prefer that people could not recover my files OR read the file names that I have overwritten. Just a suggestion for future releases. This program remains on the top of my 'Favorites' list! Please keep up the GREAT work ! !
where do you read the file names from? Some file names ARE undeletable. This is because they reside in the MFT and are impossible to get rid of, unless you delete the MFT itself. I believe this happens if a file is under a certain size.
Link to post
Share on other sites

I use a FAT file system, therefore no MFT. The file names are visible in almost any 'undelete' utility. Most erase utilities destroy the file name as well as the contents. CCleaner destroys the contents to 'X degree', but the file names remain intact. It is relatively easy to erase file names as well as overwriting their contents. Just a suggestion for future releases. Certainly destroying file content is the primary goal, but it is normally desireable to delete names as well when 'erasing' files. Thanks for listening.

Link to post
Share on other sites

hi,

 

my suggestion for secure file and folder deletion or wiping free hd space (including mft on ntfs partitions) is sysinternals sdelete. its a free and small (46kb zip, no installation needed) commandline utility.

 

http://www.microsoft.com/technet/sysintern...sk/SDelete.mspx

 

it uses the department of defense clearing and sanitizing standard dod 5220.22-m, but number of overwrites can be manually set for security freaks like me. file and folder name entries in the filesystem get wiped too:

 

 

"To overwrite file names of a file that you delete, SDelete renames the file 26 times, each time replacing each character of the file's name with a successive alphabetic character. For instance, the first rename of foo.txt would be to AAA.AAA".

 

it can also delete all free space including mft on ntfs systems. remind that file and folder names of already deleted files cannot be deleted securely because rebuilding the filesystem would be needed:

 

 

"The reason that SDelete does not securely delete file names when cleaning disk free space is that deleting them would require direct manipulation of directory structures. Directory structures can have free space containing deleted file names, but the free directory space is not available for allocation to other files. Hence, SDelete has no way of allocating this free space so that it can securely overwrite it."

 

the best secure delete utility for advanced users in my opinion, very usefull for batch files, sendto entries, startupscripts... check homepage for more details.

Link to post
Share on other sites
  • 2 weeks later...

There is a way to securely delete temporary internet files (TIF) which are locked by windows, using CCleaner. You will wish to move and overwrite 3 folders: Cookies, History, and Temporary Internet Files. You move them at startup to the C:\windows\temp folder. When they get to C:\windows\temp, CCleaner can securely delete them by overwriting them however many times you have told it to. The file names still exist, but the files are overwritten.

 

I have a DOS batch (bat) file that does it, but am not going to post it all here. Reason is that the file names for your installation of WXP may not be the same as mine, and the file paths must be described accurately in the bat file.

 

Sdelete is a great utility, but it will not easily delete these locked files on my computer, even after I move them. I don't know if Eraser will erase locked files or not, but CCleaner can do it automatically after they are moved to c:\windows\temp. This method is slower to set up, but when you get the bat file right and set CCleaner right, it is all done when you restart.

 

Well, here goes.

 

BE CAREFUL!

DOS does what you tell it to, not what you want it to. If you tell DOS to delete something, it sure will.

 

I will not accept any responsibility for damage or harm you do by performing this or any other operation. It works for me, but will not work for you unless you have the file paths set up right, have the .exe files in the right place, and have CCleaner and everything else set up right. The CCleaner team did not write, test, nor endorse this bat file.

If you don't know that you have everything right, don't run the bat file.

Sorry for the harsh language, but disasters happen when someone leaves out one little semicolon or letter from a bat file, or gets a file path wrong.

 

First, get on the internet and get 2 files: movefile.exe and pendmoves.exe. They are free at

http://www.microsoft.com/technet/sysintern.../PendMoves.mspx. Unzip them into your windows system folder, usually c:windows\system32. Usually NOT c:\windows\system, although that folder probably exists.

How they work.

The Movefile command will move the specified file or folder when you restart. The moved file will wind up in the folder from which you ran the movefile command. Tifbat3 will run movefile from c:\windows\temp, so that the TIF files will wind up there.

The pendmoves command shows you if any moves are scheduled to take place on restart.

--The line describing "Source:" (without the quotes) tells you which file or folder will be moved.

--The line describing "target:" (without the quotes) tells you where the file or folder will go.

 

Second, download tifbat3.txt to your computer.

 

Third, THIS IS VERY IMPORTANT: Edit tifbat3.txt to make sure all the file paths are correct for your computer.

 

This Bat file will delete all your cookies. If you don't want it to, leave out the line for cookies. Let CCleaner clean them using the options you prefer.

 

Fourth, set CCleaner options so that when you restart your computer:

It Does NOT

--clean Temporary Internet Files

--clean Cookies

--clean History

--Delete Index.dat files

It DOES clean

--System Temporary files

 

Fifth, rename tifbat3.txt to "tifbat3.bat" (without the quotes). This changes it to a bat file. Now it is ready to run (if the file paths are right). From now on, When you left click on it, it will execute. You might wish to make a shortcut to tifbat3.bat and drag it to your desktop screen. It will run from wherever it is, if you have DOS enabled.

 

To make it work, click on the tifbat3.bat file or the shortcut you made. A DOS window will open and you will get a prompt. You can then press any key to continue or you can exit. Unless you exit, the next time you restart windows, Movefile will move the 3 TIFs and CCleaner will overwrite them as many times as you have told it to. This will make your hard drive rattle and hum for a while. This takes longer if you have been on the internet a long time or if you have CCleaner set for multiple overwrites.

 

You should leave tifbat3 written so that you see the prompt every time. This is a safety feature, it allows someone to quit out of the operation if they start it by mistake.

 

BE CAREFUL! DOS DOES WHAT YOU TELL IT TO, NOT WHAT YOU WANT IT TO.

 

I hope this file helps.

 

Be safe.

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...