Ms Windows Pagefile and Privacy
In every version of MS Windows, the pagefile.sys is the virtual memory file that is saved on your hard drive. Therefore this file can become quite big.
This file contain a lot of information about what you are doing, and the problem is that it contains even some passwords. Extracting a password from pagefile.sys is not easy but it's still possible.
If you work on sensible data, this file could be the weak point of all your security process.
in Windows Vista and 7 you can encrypt these data, the option is available but not activated by default.
NB: your disk must use NTFS.
Launch a command window as administrator and type
fsutil behavior set EncryptPagingFile 1
Then you must reboot Windows
Here is the command to check if the functionality is activated
fsutil behavior query EncryptPagingFile
It should show
If you want to stop encrypting your pagefile
fsutil behavior set EncryptPagingFile 0
et vous reviendrez avec un PageFile non chiffré !
If you have a lot of RAM (4GB for example) you can disable the use of Pagefile.sys, it is said that your system become a lot faster, at least there will be nothing to spy on if it doesn't exist any more
- Open the Start Menu and go to Control Panel
- Click on the System icon
- Select the Advanced tab
- Under Performance, click Settings
- Go to Advanced
- Under Virtual Memory, click Change
- Select No Paging File and then click Set
- Click OK in all the menus
- Open up the Control Panel
- Click on System and Security
- Click on the System link
- In the sidebar click on “Advanced system settings”
- Go to the tab Advanced:
- Click on Settings at the top (Performance field)
- Go to the Advanced tab
- At the bottom you will see how much disk space is currently used as virtual memory. Click on the Change button
- Uncheck Automatically manage paging file size for all drives
- Check No paging file and click on Set
- Click on Ok and reboot. The pagefile.sys will be gone for good you don’t even have to delete it.
If the pagefile.sys is still there, don’t delete it manually and double-check that you followed the instructions carefully. Only then if the virtual memory is set to 0 you can try to delete the pagefile.sys