The only way to ensure that deleted files, as well as files that you encrypt with EFS, are safe from recovery is to use a secure delete application. Secure delete applications overwrite a deleted file's on-disk data using techiques that are shown to make disk data unrecoverable, even using recovery technology that can read patterns in magnetic media that reveal weakly deleted files. SDelete (Secure Delete) is such an application. You can use SDelete both to securely delete existing files, as well as to securely erase any file data that exists in the unallocated portions of a disk (including files that you have already deleted or encrypted). SDelete implements the Department of Defense clearing and sanitizing standard DOD 5220.22-M, to give you confidence that once deleted with SDelete, your file data is gone forever. SDelete is presented with full source code so that you can verify yourself that it works as advertized. Note that SDelete securely deletes file data, but not file names located in free disk space. SDelete works on Windows 95, 98, Windows NT 4.0 and Windows 2000.It should work on XP. I suspect they haven't updated the page recently.
Another freeware alternative is Sami Tolvanen's Eraser :
Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. The patterns used for overwriting are based on Peter Gutmann's paper "Secure Deletion of Data from Magnetic and Solid-State Memory" and they are selected to effectively remove magnetic remnants from the hard drive. Other methods include the one defined in the National Industrial Security Program Operating Manual of the US Department of Defense and overwriting with pseudorandom data. You can also define your own overwriting methods. Eraser works on Windows 95, Windows 98, Windows ME, Windows NT 4.0, Windows 2000 and Windows XP. Author notes there have been 500,000+ downloads. Guess we all have something worth hiding.
Taking a partition approach : NecroFile. NecroFile takes the partitions you select from a list and it overwrites the clusters with mock data. This will push all deleted programs off of the hard disk and into oblivion where it belongs. It does *not* damage any data that exists on the drive, and this is guaranteed. The speeds vary, and the user selects the one best suited to his or her computer processor. It can usually complete quickly, and the help file details all necessary information regarding the specifics. In the new release, the ability to destroy files individually (or entire directories) is introduced. This makes the selected files unable to be recovered under any circumstances. When deleting sensitive information, it is highly suggested to use this mode.
X-Ways Security: Permanent Erasure offers up to 9 fully configurable overwrite passes and the U.S. Department of Defense (DoD) standard for hard drive sanitization as specified in the 5220.22-M operating manual.