Greger Posted December 22, 2012 Share Posted December 22, 2012 I cannot for the life of me understand what this file is all about, or why it keeps showing up whenever I run Recuva on my external hard drive - and why it won't let itself be deleted. I've done several "wipe free space"-runs on the drive - yet it's still there. And the file says it's from early 2011, even though I've wiped the free space on my external hard drive many times both before and after 2011. The file's only 9kb in size. What's it all about? And why won't it disappear? Link to comment Share on other sites More sharing options...
Moderators Nergal Posted December 22, 2012 Moderators Share Posted December 22, 2012 (edited) does this help ? http://answers.yahoo.com/question/index?qid=20080814205506AAEg5mR Bootex.log is a file created by chkdsk.exe when it is run; its results are rolled into the main log after the system finished booting. If chkdsk.exe is interrupted, bootex.log can become corrupted. Edited December 22, 2012 by Nergal quoted too much ADVICE FOR USING CCleaner'S REGISTRY INTEGRITY SECTION DON'T JUST CLEAN EVERYTHING THAT'S CHECKED OFF. Do your Registry Cleaning in small bits (at the very least Check-mark by Check-mark) ALWAYS BACKUP THE ENTRY, YOU NEVER KNOW WHAT YOU'LL BREAK IF YOU DON'T. Support at https://support.ccleaner.com/s/?language=en_US Pro users file a PRIORITY SUPPORT via email support@ccleaner.com Link to comment Share on other sites More sharing options...
Greger Posted December 22, 2012 Author Share Posted December 22, 2012 does this help ? http://answers.yahoo...14205506AAEg5mR Not really. But thanks anyway. But I'm wondering: When securely deleting a file, or wiping free space (using CCleaner) - as I've done several times on my external hard drive without the bootex.log file disappearing - does it pose a "threat", as in that it still holds information of files that I have just, or on former occasions, securely deleted? Or what's the file for? Link to comment Share on other sites More sharing options...
Moderators Augeas Posted December 22, 2012 Moderators Share Posted December 22, 2012 The entry for bootex.log is held in the reserved part of the MFT In my setup the reserved part of the MFT holds 26 records, and bootex.log is record 17 (I would expect that other NFTS systems are the same, or remarkably similar). So whatever you do you won't be able to delete this entry from the MFT, and Recuva will always show it. When you're overwriting free space the file's data clusters will be overwritten, so only the MFT entry remains, and no secrets are exposed. I think that Nergal explained what it's for. The dates on my bootex are 03/02/2011. I wonder what happened then? Link to comment Share on other sites More sharing options...
Greger Posted December 22, 2012 Author Share Posted December 22, 2012 Alrighty then. Thanks! Link to comment Share on other sites More sharing options...
Greger Posted January 18, 2013 Author Share Posted January 18, 2013 I just securely deleted a couple of files on my external drive again, and upon doing another standard search with Recuva, it now found another few files: RestorePointSize - two of them, each 8kb A00######.ini - three of them change.log Are these nothing to be bothered with either, and why did they suddenly appear now? Link to comment Share on other sites More sharing options...
Moderators Augeas Posted January 18, 2013 Moderators Share Posted January 18, 2013 Restore point and Change log are sys restore files, nothing to worry about. I don't know what the A00 file is, but I wouldn't worry about that either. Link to comment Share on other sites More sharing options...
Alan_B Posted January 18, 2013 Share Posted January 18, 2013 A00######.ini - three of them change.log Under XP absolutely every deleted file that was preserved in a Restore Point was given a new name starting with letter 'A' then an incrementing number such as 000001234, but it retained the original extension, and Change.Log was updated with an entry that indexed A000001234 with the original name before deletion. Never had Vista Never used System Restore on Win 7 because it never helped and mostly damaged my XP experience. Link to comment Share on other sites More sharing options...
Greger Posted January 18, 2013 Author Share Posted January 18, 2013 I use XP, but I'm not sure if that matters since I found these files on my external hard drive. But I reckon the A00#####.ini files are nothing to care about either, then? Thanks again btw! Link to comment Share on other sites More sharing options...
Greger Posted January 31, 2013 Author Share Posted January 31, 2013 Now there are more "A00#####" files, with various file extensions. A huge bunch of A00#####.mst, a few A00#####.msi and some A00#####.exe. I don't know if it's Recuva messing up, but according to Recuva the .mst files are from/were most recently changed 2007, two years before I got my external hard drive. I guess it could've been manufactured around that time or before, but without really understanding Alan_B's answer above - why do these files, as well as the others mentioned before, pop up now all of a sudden? After securely deleting files, that is. And are they anything to be bothered with? On a side note, and now I'm going completely off topic, but when I checked the properties on my personal file folder on my external drive today, it contained 4,81 GB of data. However, checking the properties on the whole drive (E:), it says there's 5,97 GB of data on it. What could that extra amount of 1+ GB be? I made sure hidden files and hidden system files could be seen, then highlighted all the local "system" folders/files, and it only went up to about 1 MB of data. It's an NTFS drive btw. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now