How to Clear the Windows NT Paging File at Shutdown

ID: Q182086

The information in this article applies to:

Microsoft Windows NT Workstation versions 3.51, 4.0
Microsoft Windows NT Server versions 3.51, 4.0
Microsoft Windows NT Server, Enterprise Edition version 4.0

IMPORTANT: This article contains information about editing the registry. Before you edit the registry, make sure you understand how to restore it if a problem occurs. For information about how to do this, view the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.

SUMMARY

This article documents the method for clearing the Windows NT paging file (Pagefile.sys) during the shutdown process, so that no unsecured data is contained in the paging file when the shutdown process is complete.

Some third-party programs may temporarily store unencrypted (plain-text) passwords or other sensitive information in memory. Because of Windows NT's virtual memory architecture, this information may be present in the paging file.

Although clearing the paging file is not a suitable substitute for physical security of a computer, you may want to increase the security of data on a computer while Windows NT is not running.

MORE INFORMATION

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it.

Start Registry Editor (Regedt32.exe).

Change the data value of the ClearPageFileAtShutdown value in the following registry key to a value of 1:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\ Memory Management

If the value does not exist, add the following value:

Value Name: ClearPageFileAtShutdown Value Type: REG_DWORD Value: 1

This change does not take effect until you restart the computer.

For more information about Session Manager memory management settings, please refer to the following article in the Microsoft Knowledge Base:

ARTICLE-ID: Q102985
TITLE : REG: CurrentControlSet Entries PART 2: SessionManager

Additional query words: erase delete zero null wipe


Keywords          : kbenv 
Version           : WINNT:3.51,4.0
Platform          : winnt 
Issue type        : kbhowto

Last Reviewed: February 1, 1999