I've never actually deleted it with software installed that enables it, not feeling too experimental to do it really.
And I do wonder if deleting it would possibly cause a problem with some security software which will automatically enable it during setup if it isn't already enabled, such as; Avast Antivirus, Microsoft Security Essentials, etc...
If you delete the $UsnJrnl:$J on a domain controller, you will create a big problem. Before recommending anyone deletes a system file, you should be very sure of what you are saying.
As far as I can find, there is no 100% safe way to deal with a fragmented UsnJrnl. In some cases you "may" be able to delete it with no significant side effects. In others it may be catastrophic.
Here is a post from another site that sums up the issue around deleting this file on a DC.
This can be a really BAD idea on a domain controller. If you delete this file it KILLS the File Replication Service that keeps multiple DCs in sync. After doing this you have to manually reconnect and reinitialise the NTFRS from a DC that is still working. If you do this on all your DCs (eg: both) the only supported way to get back to a working system is a complete domain reinstall (or backups).
So while it is normally safe to delete this file there is a ball buster waiting for you.
The source of that post is located here, just so you can see the post in context.
Sadly, I will say that a year or so ago I learned this lesson the hard way when I followed instructions from someone that sounded very competent and deleted the file from a DC.
i have same issue $UsnJrnl:$J gets so big before i had to reinstall my system my $UsnJrnl:$J size was massive i had not reinstalled my system for yrs the size at last time i checked was 6 or 7 GB of a 40GB drive i had more files on system then
but i reinstalled xp pro and check like day later or so on sept 24 2013
it was around 55,313Kb
now on nov 14 2013 it's around
in app 399,279KB
in log 408861280KB
i do not know if $UsnJrnl:$J gets created right away when installing os
becuase first time i looked it was not there
im pretty sure it was not there untill 1 day or 2 after installing OS
can someone confirm this for me if $UsnJrnl:$J gets created right away or not when installing os
i do not know if $UsnJrnl:$J gets created right away when installing os
On a normal XP install I don't think it does. Like I eluded to a few posts up from 2 years ago in 2011 certain software will enable it, mostly I've seen antivirus software that enables it.
I don't however think the newest versions for the past few months of Microsoft Security Essentials enables it anymore on XP systems.
The only time I've ever deleted it with confidence and knew I probably wasn't going to break something was after I had uninstalled software I knew enabled it.
Using deletejournal Deleting or disabling an active journal is very time consuming, because the system must access all the records in the master file table (MFT) and set the last USN attribute to zero. This process can take several minutes, and can continue after the system restarts, if necessary. During this process, the change journal is not considered active, nor is it disabled. While the system is disabling the journal, it cannot be accessed, and all journal operations return errors. You should use extreme care when disabling an active journal, because it adversely affects other applications using the journal