Manually Reset or Clear the Dirty Bit in Windows without CHKDSK or a Hex Editor

Another hidden gem

Recently I had a multi-boot system when booting Windows Server 2008 it would constantly want to do a consistency check when starting. If I let it run the consistency check it would corrupt the boot volume. So, anytime I rebooted I had to remember to quickly press any key to stop the automatic disk check process. Here’s a screenshot of what I’m talking about.

I thought there has to be a way to reset that dirty bit. So, I started searching the internet. This ended up being a much bigger deal than I had imagined. Just about every site suggested using a hex editor to manually set the bit on the byte that contains the dirty bit location. Well, that’s just great if you don’t mind taking the risk. I attempted to use the utilities but I could never find a match for the byte that was listed. I didn’t want to just try it on a close match and make the drive completely not bootable. So, I kept searching…

Finally I found CHKNTFS.EXE on a Microsoft website the original article can be found here. I was pretty surprised all the other solutions could be so potentially dangerous, and here was a simple utility to do exactly what I wanted. Here’s how to use it and for this tutorial we’ll assume the drive I want to stop checking is drive C.

How to use CHKNTFS.EXE to reset the dirty bit

First you’ll want to open an elevated command prompt. Just go to your start menu, find “Windows System”, then right click “Command Prompt” and select “More”, then “Run as Administrator”.

From here you’ll get a command prompt…

 

Now, type chkntfs /x c:

Note that it doesn’t return anything, so you might think it didn’t work. But, if you don’t get an error about incorrect syntax you’re good. Also, there are other switches that might be useful to see those check the link above. If you need computer hardware, networking support, any type of custom application work and are in the Dallas / Ft. Worth area I’d be happy to help, just give me a call 972.571.4808.

I can map the drive by IP but not name

The Other Options Didn’t Solve the Problem

When I had the problem of being able to see a shared drive on the file server only by using the IP address and not the name I began searching the internet for answers, some workstations would see it by name and some wouldn’t. There is a mixture of XP, Windows 7, and Windows 10 machines on the network and some of each different type would connect while others wouldn’t. When I searched the Internet I found solutions about going to ‘Credential Manager’ (Control Panel, Credential Manager, Windows Credentials) and removing the saved credentials and that seemed to solve the problem for a lot of people, but not for me.

Back Story / How I got in this Mess

The machine that the file server was on crashed. The drive was fine, but the system itself stopped working. After tracing it to the motherboard I knew there wasn’t going to be a quick fix. This is a small company and they only have one other machine that is used as the SQL server, there old machines, but were pretty good when they were purchased years ago. Anyway, I needed to get this drive up as soon as possible, so not having time to get a new machine and do a bare metal restore, I took down the SQL machine long enough to install the file server drive into it. Then installed Virtualbox, and having the virtual computer use the physical hard drive of the server computer. Whala (voila if your french), file server is back online inside the SQL server box. (They both had similar hardware that aided in making this possible).

As we move ahead in time a few weeks, I built a new machine and kept the old server drive as a virtual drive except converted the physical drive to an actual virtual drive. My thought here was that later I can virtualize both of them (file server and SQL server) and come up with a clustering solution spread over a couple physical machines. So, after putting it all together on a new machine and firing it up suddenly not all workstations see the shared folder on the file server. This is where the trauma begins…

The Solution

I used Windows 10 for the pictorial solution, but, if your familiar with things, just un-check IP version 6 from the list of protocols from the workstations that are having the problem and things should work for you too.

1. First, right click on you network taskbar icon

2. Then when the settings window opens select “Ethernet”

3. Next Select “Change Adapter Options”

4. On the next window “Right Click” on the “network adapter” and select “properties”

5. Next, Un-check the IP Version 6 protocol and select “OK”

Conclusion

You can’t make this stuff up. Anytime when you least expect it something will happen. I handled this with very little user disruption. Even when the server crashed, the time back up was under 3 hours and when the IPv6 problem happened it was intermittent and I could handle most of that over the weekend. Need expert help with your network? In the Dallas / Ft. Worth Area, call me. 972.571.4808.

 

New Year means New Threats…

Remember the IRS hoaxes, and FBI emails

Keep in mind the government doesn’t send emails. Also, be on the lookout for banking emails, be very careful. Sometimes if I get something and I’m not completely sure I’ll hover over one of the links in the email, outlook will usually display the underlying link as a balloon showing the actual location. If I see a strange website location address, then I know for sure it’s a phony. When in doubt, don’t click.

We Add to our Email Filter Once a Month

Every few weeks I sit down and go though my junk email and add those suspicious items.

One thing that might surprise you is that nearly 2.5 million emails have been processed by the server in the last 30 days. In addition of that 1 million were SPAM.

It’s a never ending battle, and striking a balance between what to allow and what to block is daunting. The SPAMers typically change the words in a subject just a little to get through and you can’t use the email address to block, because that will be different next time.

The Biggest Fear is Ransom-ware

In recent time, ransom-ware is the biggest threat. Using Microsoft’s own technology against you, clicking on an email link, or clicking on a suspicious website can infect your computer. The ransom-ware executes an encryption algorithm that encrypts all your documents, images and backups. The encryption key that unlocks it is sent to the perpetrators and you’ll have to pay them to unencrypt your files. This is true for both Apple and PC’s, no one is safe.

Some folks over at Cyber-Reason have put together a free utility that can help prevent ransom-ware attacks, it’s available from this link. Do a google search and you can find free ransom-ware protection for your Mac.

What should you do?

Well, if you’re one of my clients, you’re taken care of on an ongoing basis.  I work hard to help protect and clean up your inbox before you get it. If your not, you should be. Give me a call at 972.571.4808 and ask me about offsite automatic data backups, low cost hosting, and email hosting.