SafeGuard Enterprise: Performing detailed check of the NTFS file system
Known to apply to the following Sophos product(s) and version(s)
Sophos SafeGuard Disk Encryption 5.50.8
Sophos SafeGuard Disk Encryption 22.214.171.124
Sophos SafeGuard Disk Encryption 126.96.36.199
Sophos Disk Encryption 5.61.0
SafeGuard Device Encryption 6.00.1
SafeGuard Device Encryption 6.0
SafeGuard Device Encryption 5.60.1
SafeGuard Device Encryption 5.60.0
SafeGuard Device Encryption 5.50
SafeGuard Device Encryption 188.8.131.52
Windows XP Professional SP2+, Windows Vista, Windows 7
What To Do
A detailed NTFS file system check can be achieved with chkdsk and the following syntax (partition C) : "chkdsk C: /F /V /X".
Chkdsk is a command-line tool that verifies the logical integrity of a file system and checks the file system and its metadata of a volume for logical and physical errors. Furthermore the MFT (Master File Table) of a file system will be checked for inconsistencies.
Checking the file system/hard disk is also part of the recommended steps prior to an installation of SafeGuard Enterprise (see also KBA:108088). Not following these highly recommended steps can lead to installation errors, worst case installation aborts.
After rebooting the system there is an entry in the event log (application log) of the checked computer under source "winlogon" with the ID "1001". It contains further information of this system check (CHKDSK).
In those cases where CHKDSK has reported errors, please run the program again to verify whether the errors could be removed. If the errors could not be removed, we recommend that you should contact your local support. Please scroll to the bottom of this article to find a negative example.
A detailed description about possible results can be found in the knowledge database of Microsoft (keyword: chkdsk) under: www.microsoft.com
CHKDSK [volume[[path]filename]] [/F] [/V] [/R] [/X] [/I] [/C] [/L[:size][/B]
|volume || |
Refers to the drive letter (followed by a colon), the allocation point or the volume
|filename || |
Only FAT/FAT32: files to be checked
|/F || |
Repairs errors on the hard disk
|/V || |
Only FAT/FAT32: reports the complete path and name of files on the hard disk
Only NTFS: reports additional correction messages (if available)
|/R || |
Finds bad sectors and restores readable data (needs /F)
|/L:size || |
NTFS only: changes the size of the logfile (KB). Without explicit size entered, the current size will be displayed
|/X || |
Forces the volume to be unmounted (if available). All open handles on the volume will get lost (needs /F)
|/I || |
NTFS only: skips the analysis of index entries
|/C || |
NTFS only: skips the analysis of cycles within the folder structure
- NTFS only: Re-evaluates bad clusters on the volume (implies /R)
The options /I and /C increase the performance of CHKDSK, because some analysis will be left out.
Below, please find an example for a system which shows severe inconsistencies within the NTFS file system.
Knowledgebase article 108088: How to prepare your system for the installation of SafeGuard Enterprise
Knowledgebase article 107347: How and why to use "defrag" within Windows