SafeGuard Enterprise: Performing detailed check of the NTFS file system

  • Article ID: 107799
  • Updated: 18 Jun 2014

Issue

SafeGuard Enterprise: Performing detailed check of the NTFS file system

Known to apply to the following Sophos product(s) and version(s)

Sophos SafeGuard Disk Encryption 5.50.8
Sophos SafeGuard Disk Encryption 5.50.1.17
Sophos SafeGuard Disk Encryption 5.50.0.116
Sophos Disk Encryption 5.61.0
SafeGuard Device Encryption 6.0
SafeGuard Device Encryption 5.60.1
SafeGuard Device Encryption 5.60.0
SafeGuard Device Encryption 5.50
SafeGuard Device Encryption 5.40.0.152
SafeGuard  Device Encryption 6.00.1

Operating systems
Windows XP Professional SP2+, Windows Vista, Windows 7

What To Do

A detailed NTFS file system check can be achieved with chkdsk and the following syntax (partition C) : "chkdsk C: /F /V /X".

Chkdsk is a command-line tool that verifies the logical integrity of a file system and checks the file system and its metadata of a volume for logical and physical errors. Furthermore the MFT (Master File Table) of a file system will be checked for inconsistencies.

Checking the file system/hard disk is also part of the recommended steps prior to an installation of SafeGuard Enterprise (see also KBA:108088). Not following these highly recommended steps can lead to installation errors, worst case installation aborts.

After rebooting the system there is an entry in the event log (application log) of the checked computer under source "winlogon" with the ID "1001". It contains further information of this system check (CHKDSK).

Note:
In those cases where CHKDSK has reported errors, please run the program again to verify whether the errors could be removed. If the errors could not be removed, we recommend that you should contact your local support. Please scroll to the bottom of this article to find a negative example.

A detailed description about possible results can be found in the knowledge database of Microsoft (keyword: chkdsk) under: www.microsoft.com

CHKDSK [volume[[path]filename]] [/F] [/V] [/R] [/X] [/I] [/C] [/L[:size][/B]

volume
    Refers to the drive letter (followed by a colon), the allocation point or the volume
filename
    Only FAT/FAT32: files to be checked
/F
    Repairs errors on the hard disk
/V
    Only FAT/FAT32: reports the complete path and name of files on the hard disk
    Only NTFS: reports additional correction messages (if available)
/R
    Finds bad sectors and restores readable data (needs /F)
/L:size
    NTFS only: changes the size of the logfile (KB). Without explicit size entered, the current size will be displayed
/X
    Forces the volume to be unmounted (if available). All open handles on the volume will get lost (needs /F)
/I
    NTFS only: skips the analysis of index entries
/C
    NTFS only: skips the analysis of cycles within the folder structure
/B  
  • NTFS only: Re-evaluates bad clusters on the volume (implies /R)

The options /I and /C increase the performance of CHKDSK, because some analysis will be left out.

Below, please find an example for a system which shows severe inconsistencies within the NTFS file system.

http://sophserv.sophos.com/repo_kb/107799/file/107799-chkdsk.txt


Related documents:

Knowledgebase article 108088: How to prepare your system for the installation of SafeGuard Enterprise

 

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments