1

I have a windoz xp disk that got infected by a virus, a particularly nasty one that hides in a gazillion places and 'activates' on many actions including plugging in any usb device, file writes, etc.

I want to completely erase the files, not just mark the file deleted. So, using an ubuntu 12 live CD, I figured I could shred the C directory and eliminate the threat. So, to shred everything, I needed to follow each directory recursively.

I used the following command: 

find * -exec shred -f -v -z -u {} \;

For 20 gb of data, the shredding lasted about 28 hrs.

After it was completed, I viewed the directory using: ls -l. I expected to see no files. What I saw instead was each filename with a green background. There were a few filename withouth the green background but the text was in green. So, what the heck does the green background mean, and more importantly, why are the files still there?

Radu Rădeanu
  • 174,089
  • 51
  • 332
  • 407
three_jeeps
  • 21
  • 5

2 Answers2

2

If you want to get rid of Windows, it would be far easier to just delete the Windows partition. This can be done with the GParted software program which is available from the software center. To delete the partition:

  • Open GParted and type in your password when prompted to grant it administrative privileges,
  • Locate your Windows partition and right click it to make sure it is not mounted ("Unmount" selection should be greyed out, click it if it isn't),
  • Select the Windows partition and click the Remove button, which is denoted with a red X,
  • As long as you are sure you don't want to risk keeping any important Windows files, click "Apply" and proceed.

To explain the problem you are having with shred: The -u option Deletes the files, but does not remove them. It is possible for the data of a file to be deleted, but the file's record will still remain in the filesystem.

What you are seeing with the ls command is basically the file system's record of the file, rather than file data. The reason shred was written that way is because the command is often used on a device file for a hard disk or something, such as dev/sda, and you don't want to delete those. To remove files after shredding them, use the --remove option.

Richard
  • 8,588
0

If you want the file names to be completely removed from the disk after shred just add -u as an option, as shown below

shred -vzu -n 5 filename.txt

The above command shred filename.txt

v - show progress

z - add a final overwrite with zeros

u - truncate and remove file after overwriting

-n 5 in 5 iterations

Erick
  • 250