We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now


Checking the dirty bit in the registry

Mister_Spock asked
Medium Priority
Last Modified: 2008-01-09
I have used fsutil dirty query x: DOS command to see if the drive is dirty or not. What I need to find is the exact location in the registry where the dirty bit is located. I have found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootExecute in the registry. I think this is the location of the dirty bit, but I am looking for confirmation. Also, I am looking for how to simulate a dirty bit so I can see what it will look like in the registry.

If this is not the right path, can someone tell me where it is? This is very urgent.
Watch Question

Author of the Year 2011
Top Expert 2006


and this one too :

and yes,it's the right path acording to the article.
Everybody's quick on the trigger 'round here.
Author of the Year 2011
Top Expert 2006

Sysinternals has the commands and the Registry location:


Very quick,

yap ... smoking mouse...
I believe it!


Good information and I appreciate all of the feedback. I am looking for what the registry key in question will look like when set to dirty. I can use fsutil dirty set and it comes back saying the bit is set to dirty. What I can't find is where the dirty bit is set. I have written a program that will elevate the user permissions (all PC's are locked down except for a few) and runs a defrag. I need to have a program that will check the dirty bit and if it is dirty will inform the user to call the help desk. We have reason to believe that a defrag run on a system that has a dirty bit may break an HDD that is close to breaking anyway.

We want to give the help desk the opportunity to back up the HDD in question and run defrag remotely so that if the HDD does break, we have a recent back up of the data.  

Maybe I'll be fast enough this time.

There is a value called BootExecute in this key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager

I scheduled a chkdsk on C: for next boot and here's what it set the value to
autocheck autochk /r \??\C:

Originally it was just
autocheck autochk *

So anything after or in leui of just the asterisk will mean a dirty bit is set.


Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

whay don't you run a test in the login script or somthig?
just do :
fsutil dirty query C:
with error check and some "goto" commands that will popup a massage

batch check.... just in case:
echo off
fsutil dirty query e: |find /i "Volume - e: is NOT Dirty"
echo %errorlevel%
if %errorlevel%==1 goto yes

echo no dirty bit on D:
goto exit

echo dirty bit on D:
Author of the Year 2011
Top Expert 2006

Did you even bother looking at my post?

"Sysinternals has the commands and the Registry location:

launch regedit and locate HKLM\System\CurrentControlSet\Control\Session Manager


I found the location in the registry before I even posted my original question. What I wanted to know was what to look for if the bit is dirty. Yes I did look at your post; I looked at all of them. I picked the one I felt best answered my question.

Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.