
Secure delete does seem to do nothing


Hoffnungslosheim


So my HD ran for like 3 hours to "Secure delete/overwrite" a bunch of files. Then I ran Recuva again, and all of them are present with a "no overwritten clusters found" as before. So I tried with a single file. The green dot changed to red. Same thing, next start of the program it was green again. There is not much you could do differently...what can be the problem?


  • Moderators

What you are seeing is the file entry in the MFT. The file's data will have been overwritten. If you look in the Info pane in Recuva you will see that the header is all zeroes.

When you run a secure delete in Recuva the file status will turn to red, as Recuva knows that it has been overwritten in that session. When you restart Recuva the status will be back to green, as Recuva has no way of knowing that you overwrote the file on the last run, and a file of all zeroes is, or can be, a valid file.


  • 2 weeks later...

That does bring up an issue: whilst it is secure deleting the files, making them unrecoverable, a record of the name of the file can still be present and reported by Recuva.

That in itself is evidence the file was on your PC and possibly even useful information to anyone unauthorised who might gain access to your PC.

Using CCleaner to wipe free space on a volume will overwrite it multiple times with ZZZZZZZZZZZ file names, I think including the MFT. However, if before that was done the deleted file space was overwritten by another file still in use, the 'underlying' file name may still be read by Recuva.


  • Moderators

That's the fundamental difference between CC's secure delete and Recuva's. CC can legitimately rename a file because it is still live, but Recuva can't because the file is deleted and its MFT record is inaccessible. Also, small files, under 700 bytes or so, can be contained wholly within the MFT, so remain in their entirety.

What is wanted is an independent MFT wiper, with random lower case file names instead of those ugly ZZZ capitals. You can of course build your own MFT wiper. Create a folder on a flash drive with sub-folders holding, say, 20 files with random names and a few bytes of data. Duplicate the sub-folders until you have a few thousand files. Just copy the lot to your drive, and then delete them. If you do that all your incriminating file names and contents will have gone.

Surprisingly since I went to Win 10 I can find hardly any user files with Recuva. It's as if constant updates are overwriting the deleted user data files. Perhaps they are.
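
The do-it-yourself MFT filler described in the post above, as an added example that is not part of the original thread or of any Piriform tool. It creates the files directly in a fresh scratch folder on the target volume instead of copying them from a flash drive; the function names and the defaults (4000 files, 16 bytes each) are assumptions.

```python
import os
import secrets
import shutil
import string
import sys
import tempfile


def random_name(length=12):
    """Random lower-case name, as the post suggests instead of ZZZ capitals."""
    return "".join(secrets.choice(string.ascii_lowercase) for _ in range(length))


def fill_mft_records(volume_dir, total_files=4000, per_folder=20, payload_size=16):
    """Create, then delete, many tiny randomly named files under volume_dir.

    Each new file takes an MFT record on an NTFS volume, and a payload of a
    few bytes stays resident inside that record. Returns a tuple
    (files_created, folders_created).
    """
    # A fresh scratch directory means the cleanup below can only ever remove
    # files this function created, never existing user data.
    scratch = tempfile.mkdtemp(prefix="mftfill_", dir=volume_dir)
    files = folders = 0
    try:
        while files < total_files:
            folder = os.path.join(scratch, random_name())
            os.mkdir(folder)
            folders += 1
            for _ in range(min(per_folder, total_files - files)):
                path = os.path.join(folder, random_name() + ".txt")
                # "x" mode refuses to reuse a name, so every file is a new entry.
                with open(path, "xb") as fh:
                    fh.write(secrets.token_bytes(payload_size))
                files += 1
    finally:
        # Delete everything again, also when the volume filled up part-way.
        shutil.rmtree(scratch, ignore_errors=True)
    return files, folders


if __name__ == "__main__":
    # Usage: python mftfill.py D:\   (any writable folder on the target volume)
    target = sys.argv[1] if len(sys.argv) > 1 else tempfile.gettempdir()
    made, dirs = fill_mft_records(target)
    print(f"created and deleted {made} files in {dirs} folders under {target}")
```

Which freed MFT records the new files land in is decided by the filesystem, so scan the volume with Recuva again afterwards to check whether the old names are still listed.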

 
