KillDisk can be executed with some settings pre-defined when started from a command prompt with specific command line parameters.
KillDisk can be also launched in fully automated mode (batch mode) which requires no user interaction.
KillDisk execution behavior depends on either command line parameters (highest priority), settings configured in interactive mode and stored in the KILLDISK.INI file (lower priority), or default values (lowest priority).
To run Active@ KillDisk in command line mode, you open a command prompt screen. At the command prompt, start Active@ KillDisk for Windows by typing: KILLDISK.EXE -?
In Linux environment, type:
> KillDisk -?
A list of parameters appears. You can find explanations of them in the table below.
A list of parameters appears. The explanations of them can be found in the table below.
|no parameter||With no parameter, the Interactive screens will appear.|
|-erasemethod=[0 - 22]||-em=||2||0 - One pass zeros (quick, low security)
1 - One pass random (quick, low security)
2 - US DoD 5220.22-M (slow, high security)
3 - US DoD 5220.22-M (ECE) (slow, high security)
4 - Canadian OPS-II (slow, high security)
5 - British HMG IS5 Baseline (slow, high security)
6 - British HMG IS5 Enhanced (slow, high security)
7 - Russian GOST p50739-95 (slow, high security)
8 - US Army AR380-19 (slow, high security)
9 - US Air Force 5020 (slow, high security)
10 - Navso P-5329-26 (RL) (slow, high security)
11 - Navso P-5329-26 (MFM) (slow, high security)
12 - NCSC-TG-025 (slow, high security)
13 - NSA 130-2 (slow, high security)
14 - German VSITR (slow, high security)
15 - Bruce Schneier (slow, high security)
16 - Gutmann (very slow, highest security)
17 - User Defined Method. Number of Passes and Overwrite Pattern supplied separately.
18 - NIST 800-88 (1 pass zeros, quick)
19 - NIST 800-88 (1 pass random, quick)
20 - NIST 800-88 (3 pass zeros, slow, high security)
21 – Canadian CSEC ITSG-06 (3 passes, verify)
22 - US DoE M205.1-2 (3 passes ,verify)
|-passes=[1 - 99]||-p=||3||Number of times the write heads will pass over a disk area to overwrite data with User Defined Pattern. Valid for User Defined Method only|
|-verification=[1 - 100]||-v=||10||Set the amount of area the utility reads to verify that the actions performed by the write head comply with the chosen erase method (reading 10% of the area by default). Verification is a long process. Set the verification to the level that works for you better|
|-retryattempts=[1 - 99]||-ra=||2||Set the number of times that the utility will try to rewrite in the sector when the drive write head encounters an error|
|-eraseallhdds||-ea||Erase all detected disks|
|-excluderemovable||-xr||Exclude all removable disks from erasing, if –ea used|
|-excludefixed||-xf||Exclude all fixed disks from erasing, if –ea used|
|-excludedisk = [0,1,..63]||-xd=||Exclude disk from erasing, if –ea used|
|-erasehdd = [0,1,..63]||-eh=||Number in BIOS of the hard drive to be erased. First physical disk has a zero number. In Linux first disk usually named /dev/sda. In Windows Disk Manager first disk is usually named Disk 0. On older systems (DOS, Windows 9x) first disk is usually named 80h (obsolete syntax is still supported in the parameter)|
|-wipehdd = [0,1,..63]||-wh=||Wipe out unallocated space on the disk specified by BIOS number|
|-wipeallhdds||-wa||Wipe all detected disks|
|-ignoreerrors||-ie||Do not stop erasing each time a disk error is encountered. When you use this parameter, all errors are ignored and just placed to the application log|
|-stopaftererrors = [1,2..]||-er=||Stop erasing process after specific number of writing errors encountered|
|-clearlog||-cl||Use this parameter to clear the log file before recording new activity. When a drive is erased, a log file is kept. By default, new data is appended to this log for each erasing process. By default the log file is stored in the same folder where the software is located|
|-exportlog||-el||Export a log file as XML report|
|-logpath=["fullpath"]||-lp=||Path to save application log file. Can be either directory name or full file name. Use quotes if full path contains spaces|
|-certpath=["fullpath"]||-cp=||Path to save erase/wipe certificate. Can be either directory name or full file name. Use quotes if full path contains spaces|
|-inipath=["fullpath"]||-ip=||Path to the configuration file (KILLDISK.INI) for loading the advanced settings|
|-noconfirmation||-nc||Skip confirmation steps before erasing starts. By default, confirmation steps will appear in command line mode for each hard drive as follows: Are you sure?|
|-beep||-bp||Beep after erasing is complete|
|-test||If you are having difficulty with Active@ KillDisk, use this parameter to create a hardware information file to be sent to our technical support specialists|
|-batchmode||-bm||Execute in batch mode based on command line parameters and INI file settings (without user interaction, all operations being stored to log file)|
|-userpattern =["fullpath"]||-u||File to get user-defined pattern from. Applied to User Defined erase method. Each line in the file corresponds to the particular pass pattern|
|-shutdown||-sd||Save log file and shutdown PC after completion|
|-nostop||-ns||Prevent erase/wipe stop action|
|-help or -?||Display this list of parameters|
Parameters -test and -help must be used alone. They cannot be used with other parameters.
Commands –erasehdd, -eraseallhdds, -wipehdd and -wipeallhdds cannot be combined.
Type the command and parameters into the command prompt console screen at the prompt.
killdisk.exe -eh=80h -bm
> KillDisk -eh=80h -bm
In the example above, data on device 80h will be erased using the default method (US DoD 5220.22-M) without confirmation and returning to the command prompt screen when complete.
> killdisk.exe -eh=80h -nc -em=2
> KillDisk -eh=80h -nc -em=2
In this example, all data on the device 80h will be erased using US DoD 5220.22-M method without confirmation and showing a report at the end of the process.
In Linux environment, to detect and work with physical disks properly, Active@ KillDisk must be launched under SuperUser account, so, if you are not a SuperUser, you should type a prefix sudo, or su (for different linux versions) before each command.
After you have typed KillDisk and added command line parameters, press ENTER to complete the command and start the process.
Information on how drives have been erased is displayed on the screen when the operation has completed successfully. KillDisk execution behavior depends on either command line parameters (highest priority), settings configured in interactive mode and stored in the KILLDISK.INI file (lower priority), or default values (lowest priority).
This feature is intended for advanced users.
Batch mode allows KillDisk to be executed in fully automated mode without any user interaction. All events and errors (if any) will be placed in the log file.
This allows system administrators and technicians to automate erase/wipe tasks by creating scripts (*.CMD, *.BAT files) for different scenarios that can be executed later on in different environments.
To start KillDisk in batch mode, add the –bm (or -batchmode) command line parameter to the other parameters and execute KillDisk either from the command prompt, or by running a script.
Here is an example of batch mode execution with the wipe command:
> KillDisk -wa -bm -em=16
This will using Gutman's method and returning to the command prompt when complete, wipe all deleted data and unused clusters on all attached physical disks without any confirmations.
If –ns (-nostop) command line parameter is specified, no user interaction is possible after erase/wipe action started, so user cannot cancel the command being executed.
After execution, application returns exit codes to the operating system environment: 0 (zero) if all disks being erased successfully, 1 (one) if errors occurred or nothing erased/wiped, and 2 (two) if minor warnings occurred.
When you start KillDisk, change its settings (erase method, certificate options, etc…) and close the application, all current settings are saved to the KILLDISK.INI file in the location of the KillDisk executable. These settings will be used as default values the next time KillDisk is run.
KILLDISK.INI is a standard text file possessing sections, parameter names and values. All KillDisk settings are stored in the [General] section.
For parameter storage the syntax being used:
Here is an example of INI file:
[General] logging=0 showCert=true saveCert=false initDevice=true clearLog=false ignoreErrors=false skipConfirmation=true retryAtt=2 certPath=C:\\Program Files\\LSoft Technologies\\Active KillDisk\\ logPath=C:\\Program Files\\LSoft Technologies\\Active KillDisk\\ logName=killdisk.log …
When KillDisk is running in interactive mode, all these parameters can be configured from a settings dialog accessed by clicking the “Settings” toolbar button. They also can be changed manually by editing the KILLDISK.INI file in any text editor such as Notepad.
Here is an explanation of all settings:
|showCert=||true||true/false – option of displaying the Erase/Wipe Certificate for printing after completion|
|saveCert=||false||true/false – option of saving the Erase/Wipe Certificate after completion|
|certPath=||Full path to the location where Erase/Wipe Certificate will be saved. This is a directory name|
|logPath=||Full path to the location where log file will be saved. This is a directory name|
|logName=||Name of the log file where event log will be saved to|
|skipConfirmation=||false||true/false – whether to display or skip Erase/Wipe confirmation dialog, or not|
|ignoreErrors=||false||true/false – whether to display disk writing errors (bad sectors), or ignore them (just place them to the log file)|
|clearLog=||false||true/false – whether to truncate log file content before writing new sessions, or not (append to existing content)|
|initDevice=||true||true/false – whether to initialize disks after erasing complete, or not|
|fingerPrint=||false||true/false – whether to initialize disk(s) and write fingerprint to the disk's first sector, or not|
|hideDefaultLogo||false||true/false – whether to hide default KillDisk logo at the top-left corner of the certificate, or not|
|shutDown=||false||true/false – whether to shutdown PC after Erase/Wipe execution complete, or not|
|sendSMTP=||false||true/false – to send e-mail report by e-mail via SMTP|
|useDefaultAccount=||true||true/false – use pre-defined Free SMTP account for sending e-mail reports|
|fromSMTP=||E-mail address you'll get a report from, for example: firstname.lastname@example.org|
|toSMTP=||E-mail address the report will be sent to|
|nameSMTP=||SMTP server (relay service) being used for sending e-mail reports, for example: www.smtp-server.com|
|portSMTP=||25||TCP/IP port SMTP service will be connected on. The standard SMTP port is 25, however some internet providers block it on a firewall|
|authorizeSMTP=||false||true/false – use SMTP authorization for sending e-mail reports (Username and Password must be defined as well)|
|usernameSMTP=||In case if SMTP service requires authorization, this is SMTP Username|
|passwordSMTP=||In case if SMTP service requires authorization, this is SMTP Password|
|showLogo=||false||true/false – whether to display custom Logo (image) on a Certificate, or not|
|logoFile=||Full path to the file location where Logo image is stored|
|clientName=||Client Name - custom text to be displayed on a Certificate|
|technicianName=||Technician Name - custom text to be displayed on a Certificate|
|companyName=||Company Name - custom text to be displayed on a Certificate|
|companyAddress=||Company Address - custom text to be displayed on a Certificate|
|companyPhone=||Company Phone - custom text to be displayed on a Certificate|
|logComments=||Any Comments - custom text to be displayed on a Certificate|
|killMethod=||2||[0-17] – Erase method to use for disk/volume erasing. See table of Erase Methods available. DoD 5220.22-M by default|
|killVerification=||true||true/false – whether to use data verification after erase, or not|
|killVerificationPercent=||10||[1-100] – verification percent, in case if data verification is used|
|killUserPattern=||ASCII text to be used for User Defined erase method as a custom pattern|
|killUserPasses=||[1-99] – number of overwrites to be used for User Defined erase method|
|wipeMethod=||2||[0-17] – Wipe method to use for volume wiping. See table of Erase Methods available. DoD 5220.22-M by default|
|wipeVerification=||true||true/false – whether to use data verification after wipe, or not|
|wipeVerificationPercent=||10||[1-100] – verification percent, in case if data verification is used|
|wipeUserPattern=||ASCII text to be used for User Defined wipe method as a custom pattern|
|wipeUserPasses=||[1-99] – number of overwrites to be used for User Defined wipe method|
|wipeUnusedCluster=||true||true/false – whether to wipe out all unused clusters on a volume, or not|
|wipeUnusedBlocks=||false||true/false – whether to wipe out all unused blocks in system records, or not|
|wipeFileSlackSpace=||false||true/false – whether to wipe out all file slack space (in last file cluster), or not|
|mapName=||Drive letter (with colon) to be assigned to the network share on Windows platform, or mount point on Linux|
|mapPath=||Full path to the network share, ex. \\SERVERNAME\Sharename|
|mapUser=||User account to be used to connect the network share|
|mapPass=||Password for the user account for network share connection|
You can find a more detailed explanation of each parameter in Erase/Wipe parameters.
When you start KillDisk with or without command line parameters, its execution behavior depends on either command line settings (highest priority), settings configured in interactive mode and stored in the KILLDISK.INI file (lower priority), or default values (lowest priority).
Default value means that if the KILLDISK.INI file is absent, or exists but contains no required parameter, the pre-defined (default) value will be used.