MS Windows Pagefile and Privacy

From Wikichris

Problem

In every version of MS Windows, pagefile.sys is the virtual memory file, which is saved on your hard drive. This file can therefore become quite big.

This file contains a lot of information about what you are doing, and the problem is that it even contains some passwords. Extracting a password from pagefile.sys is not easy, but it is still possible.

If you work on sensitive data, this file could be the weak point of your whole security process.

Solution

Encrypt

In Windows Vista and 7 you can encrypt this data; the option is available but not activated by default.

NB: your disk must use NTFS.

Launch a command window as administrator and type

fsutil behavior set EncryptPagingFile 1

Then you must reboot Windows.

Here is the command to check if the functionality is activated

fsutil behavior query EncryptPagingFile

It should show

EncryptPagingFile =1

If you want to stop encrypting your pagefile

fsutil behavior set EncryptPagingFile 0

and you will be back to an unencrypted pagefile!

Disable

If you have a lot of RAM (4GB for example) you can disable the use of pagefile.sys. It is said that your system becomes a lot faster; at the very least, there will be nothing to spy on if the file no longer exists.

Windows XP

  • Open the Start Menu and go to Control Panel
  • Click on the System icon
  • Select the Advanced tab
  • Under Performance, click Settings
  • Go to Advanced
  • Under Virtual Memory, click Change
  • Select No Paging File and then click Set
  • Click OK in all the menus
  • Restart

Windows 7

  • Open up the Control Panel
  • Click on System and Security
  • Click on the System link
  • In the sidebar click on “Advanced system settings”
  • Go to the Advanced tab
  • Click on Settings at the top (Performance field)
  • Go to the Advanced tab
  • At the bottom you will see how much disk space is currently used as virtual memory. Click on the Change button
  • Uncheck Automatically manage paging file size for all drives
  • Check No paging file and click on Set
  • Click on OK and reboot. The pagefile.sys will be gone for good; you don’t even have to delete it.

If pagefile.sys is still there, don’t delete it manually; first double-check that you followed the instructions carefully. Only then, if the virtual memory is set to 0, can you try to delete pagefile.sys.
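
A read-only audit of the two mitigations above (encrypting the pagefile, or disabling it), as an added example that is not part of the original page. It assumes an elevated Windows PowerShell prompt; the function name Get-PagefileAudit and the OK/WARN wording are made up for illustration.

```powershell
# Added example: audit the pagefile settings described on this page.
# Read-only: it queries the current state and changes nothing.
# Uses Get-WmiObject so it also runs on the PowerShell 2.0 shipped with Windows 7.

function Get-PagefileAudit {   # hypothetical helper name, not a built-in cmdlet
    # Same query as on the page; output looks like "EncryptPagingFile =1"
    $raw = (& fsutil behavior query EncryptPagingFile 2>&1 | Out-String).Trim()
    $encrypted = $null                      # $null = state could not be read
    if ($raw -match 'EncryptPagingFile\s*=\s*(\d+)') {
        $encrypted = ($Matches[1] -eq '1')
    }

    # Paging files currently in use; empty when "No paging file" is in effect
    $active = @(Get-WmiObject -Class Win32_PageFileUsage)

    if ($active.Count -eq 0) {
        New-Object PSObject -Property @{
            Pagefile = '(none)'; FileSystem = $null; SizeMB = 0
            Encrypted = $encrypted; Finding = 'OK: no pagefile in use'
        }
        return
    }

    foreach ($pf in $active) {
        $drive = $pf.Name.Substring(0, 2)   # "C:\pagefile.sys" -> "C:"
        $fs = (Get-WmiObject -Class Win32_LogicalDisk -Filter "DeviceID='$drive'").FileSystem

        # The page notes that the encryption option requires NTFS
        if ($fs -ne 'NTFS')           { $finding = 'WARN: volume is not NTFS' }
        elseif ($null -eq $encrypted) { $finding = 'WARN: could not read EncryptPagingFile' }
        elseif ($encrypted)           { $finding = 'OK: pagefile encryption enabled' }
        else                          { $finding = 'WARN: pagefile stored unencrypted' }

        New-Object PSObject -Property @{
            Pagefile = $pf.Name; FileSystem = $fs; SizeMB = $pf.AllocatedBaseSize
            Encrypted = $encrypted; Finding = $finding
        }
    }
}

Get-PagefileAudit | Format-List Pagefile, FileSystem, SizeMB, Encrypted, Finding
```

The Encrypted column reflects the configured setting; if it was changed since the last boot, the reboot mentioned above is still needed.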
