Solved

Checking the dirty bit in the registry

Posted on 2006-10-23
14
1,656 Views
Last Modified: 2008-01-09
I have used fsutil dirty query x: DOS command to see if the drive is dirty or not. What I need to find is the exact location in the registry where the dirty bit is located. I have found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootExecute in the registry. I think this is the location of the dirty bit, but I am looking for confirmation. Also, I am looking for how to simulate a dirty bit so I can see what it will look like in the registry.

If this is not the right path, can someone tell me where it is? This is very urgent.
0
Comment
Question by:Mister_Spock
  • 5
  • 4
  • 3
  • +1
14 Comments
 
LVL 13

Expert Comment

by:haim96
ID: 17789609
0
 
LVL 38

Expert Comment

by:younghv
ID: 17789618
0
 
LVL 13

Expert Comment

by:haim96
ID: 17789624
and this one too :
http://support.microsoft.com/kb/218461/en-us

and yes,it's the right path acording to the article.
0
 
LVL 4

Expert Comment

by:expexchuser
ID: 17789627
0
 
LVL 4

Expert Comment

by:expexchuser
ID: 17789632
Everybody's quick on the trigger 'round here.
0
 
LVL 38

Expert Comment

by:younghv
ID: 17789650
Sysinternals has the commands and the Registry location:

http://forum.sysinternals.com/forum_posts.asp?TID=3724


Very quick,
0
 
LVL 13

Expert Comment

by:haim96
ID: 17789655
:)
yap ... smoking mouse...
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 4

Expert Comment

by:expexchuser
ID: 17789661
I believe it!
0
 
LVL 3

Author Comment

by:Mister_Spock
ID: 17789963
Good information and I appreciate all of the feedback. I am looking for what the registry key in question will look like when set to dirty. I can use fsutil dirty set and it comes back saying the bit is set to dirty. What I can't find is where the dirty bit is set. I have written a program that will elevate the user permissions (all PC's are locked down except for a few) and runs a defrag. I need to have a program that will check the dirty bit and if it is dirty will inform the user to call the help desk. We have reason to believe that a defrag run on a system that has a dirty bit may break an HDD that is close to breaking anyway.

We want to give the help desk the opportunity to back up the HDD in question and run defrag remotely so that if the HDD does break, we have a recent back up of the data.  


0
 
LVL 4

Accepted Solution

by:
expexchuser earned 500 total points
ID: 17790116
Maybe I'll be fast enough this time.

There is a value called BootExecute in this key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager

I scheduled a chkdsk on C: for next boot and here's what it set the value to
autocheck autochk /r \??\C:

Originally it was just
autocheck autochk *

So anything after or in leui of just the asterisk will mean a dirty bit is set.

http://www.jsifaq.com/SF/Tips/Tip.aspx?id=0008
0
 
LVL 13

Expert Comment

by:haim96
ID: 17790139
whay don't you run a test in the login script or somthig?
just do :
fsutil dirty query C:
with error check and some "goto" commands that will popup a massage
0
 
LVL 13

Expert Comment

by:haim96
ID: 17790242
batch check.... just in case:
******************
echo off
fsutil dirty query e: |find /i "Volume - e: is NOT Dirty"
echo %errorlevel%
if %errorlevel%==1 goto yes

:no
echo no dirty bit on D:
goto exit

:yes
echo dirty bit on D:
:exit
****************************
0
 
LVL 38

Expert Comment

by:younghv
ID: 17790264
Did you even bother looking at my post?

"Sysinternals has the commands and the Registry location:
http://forum.sysinternals.com/forum_posts.asp?TID=3724"

launch regedit and locate HKLM\System\CurrentControlSet\Control\Session Manager
0
 
LVL 3

Author Comment

by:Mister_Spock
ID: 17790314
I found the location in the registry before I even posted my original question. What I wanted to know was what to look for if the bit is dirty. Yes I did look at your post; I looked at all of them. I picked the one I felt best answered my question.

0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
I use more than 1 computer in my office for various reasons. Multiple keyboards and mice take up more than just extra space, they make working a little more complicated. Using one mouse and keyboard for all of my computers makes life easier. This co…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now