How Can I Securely Delete Everything Except the Operating System? Five Steps to Get as Close as You Can

I’m about to give away my machine, but I want to leave Windows installed. How can I securely delete everything except the operating system?

You can’t.

Not really, not completely, and definitely not securely.

I’ll describe a few steps that will delete a lot — perhaps enough for your concerns — but it really depends on how paranoid you are about the various traces that will still be left on a machine you’ve been using a while.

Deleting everything? There’s only one way to do that.

While you can’t securely delete everything, you can get close.

  • Delete and uninstall data and programs.
  • Remove users.
  • Run a disk cleaning utility.
  • Delete some system files.
  • Wipe free space.

Alternately: erase everything, including Windows.

Delete and uninstall as much as you can

The process starts by deleting your data files and uninstalling all the programs you’ve used or added and don’t want to be part of the machine when it’s reused by someone else.

For your data files, that means deleting things from My Documents and wherever else you kept data files.

A good start for programs is to take a walk through Add/Remove Programs, or Programs and Features in Control Panel, or the Settings App, and just start uninstalling.

For extra security, you might want to use Revo Uninstaller instead. Revo not only lists more things, but it uninstalls more thoroughly. It uses a couple of levels of “aggressiveness” to determine what to remove, and this is one case where it makes sense to be as thorough as possible.

Remove all users but one

If your machine has more than one user account, remove all except for a single account that has administrator privileges. This should delete a plethora of files and settings associated with each account.

Clean crud

Run the built-in Disk Cleanup Utility, or, better yet, grab a copy of CCleaner (a free download — you do not need to buy support), and use it to clean up as much as it can.

The goal here is to remove traces from browser caches, temporary files, and a host of other things — many of which might be benign, but many others that may inadvertently contain things you’d rather not share with your machine’s subsequent owner.

Consider running a registry scan. I’m not a big fan of registry cleaners, but this is a case where they might remove additional information you don’t want left behind, and the cost of failure (an unbootable machine) is relatively low. You may want to take an image backup prior to the cleaning, in case you want to be able to recover from that worst-case scenario.

Turn off some system files

Set your virtual memory to zero and delete the paging files. Turn off Hibernation and remove the hibernation file.

These are hidden files in the root of your system drive, typically C:\.

Turn off System Restore.

All of these files could contain private information, and could be turned back on by the machine’s new owner should they so desire.

Securely erase the empty space

Using a tool like CCleaner’s “Drive Wiper”, securely erase unused space on your hard disk.

Merely deleting files doesn’t overwrite the data, so it could still be recovered. Tools like Drive Wiper actually overwrite all of the unused space on your hard drive with random data to completely remove all traces of what had been stored there before.

That’s about as good as you can get using this approach.

What still might be missed

The problem with this approach is that you don’t know what you might have missed.

Even after all the deleting and cleaning above, there might be system files left that indicate something about who you are or what you used the machine for. For example, registry settings could remain that contain settings for programs (perhaps even programs no longer installed).

You just don’t know.

That’s why this is not an approach I recommend.

Nuke it instead

Using a tool like DBAN erases the hard drive completely. It’s easy, and every single bit of every single byte — operating system, settings, programs, and data — is removed from the hard drive…

… including all your personal information.

Then, if you like (and if you can), reinstall the operating system from an install disk.

If you don’t have one, perhaps grab a free copy of a Linux distribution and install that instead.

But erasing the hard disk completely is the only way to be absolutely sure you haven’t left personal information on the machine prior to handing it off to someone else.

If you found this article helpful you’ll love Confident Computing! My weekly email newsletter is full of articles that help you solve problems, stay safe (including what needs erasing, and when), and increase your confidence with technology.

Subscribe now, and I’ll see you there soon,

Video Narration

Originally published as How Can I Securely Delete Everything Except the Operating System? Five Steps to Get as Close as You Can on Ask Leo!