Hidden Windows Feature: Wipe free disk space with a simple command
Windows 7, Windows 8x and Windows 10
By now you know (or you should know) that when you delete files or folders in Windows, they’re not really deleted. Not even close. Deleting a file or folder merely tells Windows that the space occupied by the file or folder that you deleted is available for use, and Windows considers it free space, space it can use. So everything you delete is still on your computer, but the hard drive space it used shows as free space. Of course this means any of those files are very recoverable at least for a while. In fact, with the right software, everything you’ve ever had on your computer, every word you’ve typed, every picture you’ve saved and deleted, everything is recoverable.
Did you know there’s a hidden utility in Windows that will overwrite all the free space, thus making the files you’ve deleted virtually unrecoverable? There is and all it takes is a simple command to run it.
Press the Windows Key plus the “R” key and type:
cipher /w:C (where C is the letter of the drive you want to wipe). So if you want to wipe drive C, type: cipher /w:C . If you want to wipe drive D, type cipher /w:D . Please note the space between cipher and the forward slash.
Also, it’s important to note that wiping the free space on your drives does not affect any of your data or programs. It merely wipes the space Windows shows as free to use. So you aren’t going to lose any data by doing this.
One more thing: If you have a very large hard drive with a lot of free space, this process is going to take a long time, so be prepared. Also, closing all open applications while the free space is being wiped, helps speed up the process. So it’s best to do this when you’re not actively using your computer.
cipher /w:C doesn’t work in XP
If you opened the local search on your computer and typed in:
CIPHER.EXE
You will find it in these directories:
c:\windows\system32\cipher.exe 55kb
C:\Windows\ServicePackFiles\i386
C:\Windows\SoftwareDistribution\SelfUpdate
C:\Windpows\Prefetch
Open a run command and type in:
cmd click [OK]
On the command prompt type cipher /? Hit Enter on your keyboard. The
output will be this:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\USER>cipher /?
Displays or alters the encryption of directories [files] on NTFS partitions.
CIPHER [/E | /D] [/S:directory] [/A] [/i] [/F] [/Q] [/H] [pathname […]]
CIPHER /K
CIPHER /R:filename
CIPHER /U [/N]
CIPHER /W:directory
CIPHER /X[:efsfile] [filename]
/A Operates on files as well as directories. The encrypted file
could become decrypted when it is modified if the parent
directory is not encrypted. It is recommended that you encrypt
the file and the parent directory.
/D Decrypts the specified directories. Directories will be marked
so that files added afterward will not be encrypted.
/E Encrypts the specified directories. Directories will be marked
so that files added afterward will be encrypted.
/F Forces the encryption operation on all specified objects, even
those which are already encrypted. Already-encrypted objects
are skipped by default.
/H Displays files with the hidden or system attributes. These
files are omitted by default.
/I Continues performing the specified operation even after errors
have occurred. By default, CIPHER stops when an error is
encountered.
/K Creates new file encryption key for the user running CIPHER. If
this option is chosen, all the other options will be ignored.
/N This option only works with /U. This will prevent keys being
updated. This is used to find all the encrypted files on the
local drives.
/Q Reports only the most essential information.
/R Generates an EFS recovery agent key and certificate, then writes
them to a .PFX file (containing certificate and private key) and
a .CER file (containing only the certificate). An administrator
may add the contents of the .CER to the EFS recovery policy to
create the recovery agent for users, and import the .PFX to
recover individual files.
/S Performs the specified operation on directories in the given
directory and all subdirectories.
/U Tries to touch all the encrypted files on local drives. This
will
update user’s file encryption key or recovery agent’s key to the
current ones if they are changed. This option does not work with
other options except /N.
/W Removes data from available unused disk space on the entire
volume. If this option is chosen, all other options are ignored.
The directory specified can be anywhere in a local volume. If it
is a mount point or points to a directory in another volume, the
data on that volume will be removed.
/X Backup EFS certificate and keys into file filename. If efsfile
is
provided, the current user’s certificate(s) used to encrypt the
file will be backed up. Otherwise, the user’s current EFS
certificate and keys will be backed up.
CIPHER.EXE is not included in XP Home Edition.
When you say /W “Removes Data” – is this different than Cipher overwriting the data?
Cipher does not remove any data, it only overwrites deleted data.
“cipher /w:C” command-line only works on Windows Vista or later (Windows7, 8, 10) which contains Windows PowerShell in Start/All Programs/ Accessories/PowerShell.
So, I’m sorry 🙁
Cipher.exe is located in C:\Widnows\System32 in Windows 7, Windows 8, Windows 8.1 and Windows 10. It can be started from a simple run command on Windows 7, Windows 8, Windows 8.1 and Windows 10. You don’t need Powershell to run Cipher.
Like “dianna”, cipher /w:C doesn’t work on WinXP for me either.
Also, a search for “cipher” tells me the file doesn’t exist.
CIPHER.EXE
Search for CIPHER.EXE produced reply: “There are no results to display.”
Andy I.
I experienced the same problem as Andy. I have Windows exe pee ( kindle won’t let me put in the letters). What seems to be the problem ?
Thanks,
Mary Lynne James
CIPHER.EXE is included in XP Professional but not Home Edition.
So basically there is a typo. Many of you who get the dreaded “Cannot write 0xD0 may want to try this
cipher /w:C:
Without the colon after the C many systems will not run this command.
Thanks a lot.