D
David Deley
I had corruption on my hard drive and couldn't get CHKDSK to run on
reboot. I finally found what was preventing CHKDSK from running on
reboot. It's so hard to diagnose I wanted to document how to
troubleshoot it here in case anyone else has the same problem.
To troubleshoot CHKDSK does not run on reboot:
1. Set a System Restore Point
2. Run msconfig
3. select 'Boot' tab
4. check "Boot log" and "OS boot information"
5. reboot. See what it says during boot.
6. after boot, check log file C:\WINDOWS\ntbtlog.txt
(or something similar to that, such as ntbootlog.txt)
7. One (or more) of these drivers being loaded is causing CHKDSK to say,
"Cannot open volume for direct access."
Stop these drivers from loading until CHKDSK works again.
Figure out which one (or ones) is causing the problem.
8. Pick a driver to disable (e.g. elrawdsk.sys)
9. Run Regedit
10. Search for that driver (elrawdsk.sys) under key
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
11. Under that driver's registry entry, set 'Start' to 4
The service start methods & values are:
1. (unknown)
2. Automatic
3. Manual
4. Disabled
12. Set CHKDSK to run on reboot:
a. Right-click on the C: drive
b. Properties
c. Tools (tab)
d. "Error checking. This option will check the volume for errors."
click 'Check Now..."
e. select "Automatically fix file system errors" (checkbox)
f. 'Start'
g. "Windows can't check the disk while it's in use. Do you want to
check for hard disk errors the next time you start your computer?"
select 'Schedule disk check'
13. Reboot. See if CHKDSK runs during the reboot.
14. Repeat until you find the offending service(s).
In my case there were two drivers causing the problem:
1. elrawdsk.sys
"The process RawDisk Driver. Allows write-access to raw disk sectors for
user mode applications in Windows 2000, belongs to the software
ElRawDisk by EldoS Corporation."
(I probably installed a trial version of Crypto4, and the uninstaller
didn't remove this file.)
2. HMFAxCore826fcf267a04f6fadfb619829081c960.sys
Digitally signed by Eltima Software, and used by another 3rd party
virtual volume encryption program I was trying out.
References:
http://support.microsoft.com/kb/555484 (Unable to run CHKDSK)
http://www.file.net/process/elrawdsk.sys.html
Since there are well over 100 drivers that get loaded on boot, and most
are fine, I'll append here a list of drivers which are not the problem
and do not prevent CHKDSK from running. This will narrow down what
drivers to test disable. These drivers load on my Vista Home Premium and
CHKDSK runs OK on reboot. This list may be useful to someone
troubleshooting CHKDSK, as these are drivers they don't need to try
disabling:
Loaded driver \SystemRoot\system32\drivers\acpi.sys
Loaded driver \SystemRoot\system32\drivers\afd.sys
Loaded driver \SystemRoot\system32\drivers\amdk8.sys
Loaded driver \SystemRoot\system32\drivers\atapi.sys
Loaded driver \SystemRoot\system32\drivers\ataport.sys
Loaded driver \SystemRoot\system32\drivers\battc.sys
Loaded driver \SystemRoot\system32\drivers\bcmwl6.sys
Loaded driver \SystemRoot\system32\drivers\beep.sys
Loaded driver \SystemRoot\system32\drivers\bowser.sys
Loaded driver \SystemRoot\system32\drivers\cdrom.sys
Loaded driver \SystemRoot\system32\drivers\chdart.sys
Loaded driver \SystemRoot\system32\drivers\chdrt32.sys
Loaded driver \SystemRoot\system32\drivers\classpnp.sys
Loaded driver \SystemRoot\system32\drivers\cmbatt.sys
Loaded driver \SystemRoot\system32\drivers\compbatt.sys
Loaded driver \SystemRoot\system32\drivers\cpqbttn.sys
Loaded driver \SystemRoot\system32\drivers\crcdisk.sys
Loaded driver \SystemRoot\system32\drivers\dfsc.sys
Loaded driver \SystemRoot\system32\drivers\disk.sys
Loaded driver \SystemRoot\system32\drivers\drmkaud.sys
Loaded driver \SystemRoot\system32\drivers\dxgkrnl.sys
Loaded driver \SystemRoot\system32\drivers\eabfiltr.sys
Loaded driver \SystemRoot\system32\drivers\ecache.sys
Loaded driver \SystemRoot\system32\drivers\fileinfo.sys
Loaded driver \SystemRoot\system32\drivers\fltmgr.sys
Loaded driver \SystemRoot\system32\drivers\fs_rec.sys
Loaded driver \SystemRoot\system32\drivers\fwpkclnt.sys
Loaded driver \SystemRoot\system32\drivers\hdaudbus.sys
Loaded driver \SystemRoot\system32\drivers\hidusb.sys
Loaded driver \SystemRoot\system32\drivers\hpqkbfiltr.sys
Loaded driver \SystemRoot\system32\drivers\hpqremhid.sys
Loaded driver \SystemRoot\system32\drivers\hsx_cnxt.sys
Loaded driver \SystemRoot\system32\drivers\hsx_dpv.sys
Loaded driver \SystemRoot\system32\drivers\hsxhwazl.sys
Loaded driver \SystemRoot\system32\drivers\http.sys
Loaded driver \SystemRoot\system32\drivers\i8042prt.sys
Loaded driver \SystemRoot\system32\drivers\kbdclass.sys
Loaded driver \SystemRoot\system32\drivers\kbdhid.sys
Loaded driver \SystemRoot\system32\drivers\ksecdd.sys
Loaded driver \SystemRoot\system32\drivers\lltdio.sys
Loaded driver \SystemRoot\system32\drivers\luafv.sys
Loaded driver \SystemRoot\system32\drivers\mdmxsdk.sys
Loaded driver \SystemRoot\system32\drivers\modem.sys
Loaded driver \SystemRoot\system32\drivers\monitor.sys
Loaded driver \SystemRoot\system32\drivers\mouclass.sys
Loaded driver \SystemRoot\system32\drivers\mouhid.sys
Loaded driver \SystemRoot\system32\drivers\mountmgr.sys
Loaded driver \SystemRoot\system32\drivers\mpsdrv.sys
Loaded driver \SystemRoot\system32\drivers\mrxdav.sys
Loaded driver \SystemRoot\system32\drivers\mrxsmb.sys
Loaded driver \SystemRoot\system32\drivers\mrxsmb10.sys
Loaded driver \SystemRoot\system32\drivers\mrxsmb20.sys
Loaded driver \SystemRoot\system32\drivers\msfs.sys
Loaded driver \SystemRoot\system32\drivers\msisadrv.sys
Loaded driver \SystemRoot\system32\drivers\msiscsi.sys
Loaded driver \SystemRoot\system32\drivers\mspqm.sys
Loaded driver \SystemRoot\system32\drivers\msrpc.sys
Loaded driver \SystemRoot\system32\drivers\mssmbios.sys
Loaded driver \SystemRoot\system32\drivers\mup.sys
Loaded driver \SystemRoot\system32\drivers\ndis.sys
Loaded driver \SystemRoot\system32\drivers\ndistapi.sys
Loaded driver \SystemRoot\system32\drivers\ndisuio.sys
Loaded driver \SystemRoot\system32\drivers\ndiswan.sys
Loaded driver \SystemRoot\system32\drivers\ndproxy.sys
Loaded driver \SystemRoot\system32\drivers\netbios.sys
Loaded driver \SystemRoot\system32\drivers\netbt.sys
Loaded driver \SystemRoot\system32\drivers\netio.sys
Loaded driver \SystemRoot\system32\drivers\npfs.sys
Loaded driver \SystemRoot\system32\drivers\nsiproxy.sys
Loaded driver \SystemRoot\system32\drivers\ntfs.sys
Loaded driver \SystemRoot\system32\drivers\null.sys
Loaded driver \SystemRoot\system32\drivers\nvlddmkm.sys
Loaded driver \SystemRoot\system32\drivers\nvmfdx32.sys
Loaded driver \SystemRoot\system32\drivers\nvsmu.sys
Loaded driver \SystemRoot\system32\drivers\nvstor32.sys
Loaded driver \SystemRoot\system32\drivers\nwifi.sys
Loaded driver \SystemRoot\system32\drivers\ohci1394.sys
Loaded driver \SystemRoot\system32\drivers\pacer.sys
Loaded driver \SystemRoot\system32\drivers\partmgr.sys
Loaded driver \SystemRoot\system32\drivers\pci.sys
Loaded driver \SystemRoot\system32\drivers\pciide.sys
Loaded driver \SystemRoot\system32\drivers\pciidex.sys
Loaded driver \SystemRoot\system32\drivers\peauth.sys
Loaded driver \SystemRoot\system32\drivers\pxhelp20.sys
Loaded driver \SystemRoot\system32\drivers\rasacd.sys
Loaded driver \SystemRoot\system32\drivers\rasl2tp.sys
Loaded driver \SystemRoot\system32\drivers\raspppoe.sys
Loaded driver \SystemRoot\system32\drivers\raspptp.sys
Loaded driver \SystemRoot\system32\drivers\rassstp.sys
Loaded driver \SystemRoot\system32\drivers\rdbss.sys
Loaded driver \SystemRoot\system32\drivers\rdpcdd.sys
Loaded driver \SystemRoot\system32\drivers\rdpencdd.sys
Loaded driver \SystemRoot\system32\drivers\rimmptsk.sys
Loaded driver \SystemRoot\system32\drivers\rimsptsk.sys
Loaded driver \SystemRoot\system32\drivers\rixdptsk.sys
Loaded driver \SystemRoot\system32\drivers\rspndr.sys
Loaded driver \SystemRoot\system32\drivers\sdbus.sys
Loaded driver \SystemRoot\system32\drivers\secdrv.sys
Loaded driver \SystemRoot\system32\drivers\smb.sys
Loaded driver \SystemRoot\system32\drivers\spldr.sys
Loaded driver \SystemRoot\system32\drivers\srtsp.sys
Loaded driver \SystemRoot\system32\drivers\srtspx.sys
Loaded driver \SystemRoot\system32\drivers\srv.sys
Loaded driver \SystemRoot\system32\drivers\srv2.sys
Loaded driver \SystemRoot\system32\drivers\srvnet.sys
Loaded driver \SystemRoot\system32\drivers\storport.sys
Loaded driver \SystemRoot\system32\drivers\swenum.sys
Loaded driver \SystemRoot\system32\drivers\symdns.sys
Loaded driver \SystemRoot\system32\drivers\symfw.sys
Loaded driver \SystemRoot\system32\drivers\symids.sys
Loaded driver \SystemRoot\system32\drivers\symim.sys
Loaded driver \SystemRoot\system32\drivers\symndisv.sys
Loaded driver \SystemRoot\system32\drivers\symredrv.sys
Loaded driver \SystemRoot\system32\drivers\symtdi.sys
Loaded driver \SystemRoot\system32\drivers\syntp.sys
Loaded driver \SystemRoot\system32\drivers\tcpip.sys
Loaded driver \SystemRoot\system32\drivers\tcpipreg.sys
Loaded driver \SystemRoot\system32\drivers\tdx.sys
Loaded driver \SystemRoot\system32\drivers\termdd.sys
Loaded driver \SystemRoot\system32\drivers\tunmp.sys
Loaded driver \SystemRoot\system32\drivers\tunnel.sys
Loaded driver \SystemRoot\system32\drivers\udfs.sys
Loaded driver \SystemRoot\system32\drivers\umbus.sys
Loaded driver \SystemRoot\system32\drivers\usbccgp.sys
Loaded driver \SystemRoot\system32\drivers\usbehci.sys
Loaded driver \SystemRoot\system32\drivers\usbhub.sys
Loaded driver \SystemRoot\system32\drivers\usbohci.sys
Loaded driver \SystemRoot\system32\drivers\usbvideo.sys
Loaded driver \SystemRoot\system32\drivers\vga.sys
Loaded driver \SystemRoot\system32\drivers\volmgr.sys
Loaded driver \SystemRoot\system32\drivers\volmgrx.sys
Loaded driver \SystemRoot\system32\drivers\volsnap.sys
Loaded driver \SystemRoot\system32\drivers\wanarp.sys
Loaded driver \SystemRoot\system32\drivers\wd.sys
Loaded driver \SystemRoot\system32\drivers\wdf01000.sys
Loaded driver \SystemRoot\system32\drivers\wdfldr.sys
Loaded driver \SystemRoot\system32\drivers\wmiacpi.sys
Loaded driver \SystemRoot\system32\drivers\wmilib.sys
Loaded driver \SystemRoot\system32\drivers\xaudio.sys
Loaded driver \SystemRoot\system32\hal.dll
Loaded driver \SystemRoot\system32\kdcom.dll
Loaded driver \SystemRoot\system32\ntkrnlpa.exe
Loaded driver \SystemRoot\system32\BOOTVID.dll
Loaded driver \SystemRoot\system32\CI.dll
Loaded driver \SystemRoot\system32\CLFS.SYS
Loaded driver \SystemRoot\system32\PSHED.dll
Loaded driver \??\C:\Windows\system32\drivers\CO_Mon.sys
Loaded driver \??\C:\Windows\system32\drivers\SYMEVENT.SYS
Loaded driver \??\C:\Windows\system32\drivers\lxdisk.sys
Loaded driver \??\C:\Windows\system32\drivers\lxfs.sys
Loaded driver
\??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080429.001\IDSvix86.sys
Loaded driver
\??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080429.001\IDSvix86.sys
Loaded driver
\??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080507.024\NAVENG.SYS
Loaded driver
\??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080507.024\NAVEX15.SYS
Loaded driver \??\C:\Program Files\Common Files\Symantec
Shared\EENGINE\EraserUtilRebootDrv.sys
Loaded driver \??\C:\Program Files\Common Files\Symantec
Shared\EENGINE\eeCtrl.sys
reboot. I finally found what was preventing CHKDSK from running on
reboot. It's so hard to diagnose I wanted to document how to
troubleshoot it here in case anyone else has the same problem.
To troubleshoot CHKDSK does not run on reboot:
1. Set a System Restore Point
2. Run msconfig
3. select 'Boot' tab
4. check "Boot log" and "OS boot information"
5. reboot. See what it says during boot.
6. after boot, check log file C:\WINDOWS\ntbtlog.txt
(or something similar to that, such as ntbootlog.txt)
7. One (or more) of these drivers being loaded is causing CHKDSK to say,
"Cannot open volume for direct access."
Stop these drivers from loading until CHKDSK works again.
Figure out which one (or ones) is causing the problem.
8. Pick a driver to disable (e.g. elrawdsk.sys)
9. Run Regedit
10. Search for that driver (elrawdsk.sys) under key
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
11. Under that driver's registry entry, set 'Start' to 4
The service start methods & values are:
1. (unknown)
2. Automatic
3. Manual
4. Disabled
12. Set CHKDSK to run on reboot:
a. Right-click on the C: drive
b. Properties
c. Tools (tab)
d. "Error checking. This option will check the volume for errors."
click 'Check Now..."
e. select "Automatically fix file system errors" (checkbox)
f. 'Start'
g. "Windows can't check the disk while it's in use. Do you want to
check for hard disk errors the next time you start your computer?"
select 'Schedule disk check'
13. Reboot. See if CHKDSK runs during the reboot.
14. Repeat until you find the offending service(s).
In my case there were two drivers causing the problem:
1. elrawdsk.sys
"The process RawDisk Driver. Allows write-access to raw disk sectors for
user mode applications in Windows 2000, belongs to the software
ElRawDisk by EldoS Corporation."
(I probably installed a trial version of Crypto4, and the uninstaller
didn't remove this file.)
2. HMFAxCore826fcf267a04f6fadfb619829081c960.sys
Digitally signed by Eltima Software, and used by another 3rd party
virtual volume encryption program I was trying out.
References:
http://support.microsoft.com/kb/555484 (Unable to run CHKDSK)
http://www.file.net/process/elrawdsk.sys.html
Since there are well over 100 drivers that get loaded on boot, and most
are fine, I'll append here a list of drivers which are not the problem
and do not prevent CHKDSK from running. This will narrow down what
drivers to test disable. These drivers load on my Vista Home Premium and
CHKDSK runs OK on reboot. This list may be useful to someone
troubleshooting CHKDSK, as these are drivers they don't need to try
disabling:
Loaded driver \SystemRoot\system32\drivers\acpi.sys
Loaded driver \SystemRoot\system32\drivers\afd.sys
Loaded driver \SystemRoot\system32\drivers\amdk8.sys
Loaded driver \SystemRoot\system32\drivers\atapi.sys
Loaded driver \SystemRoot\system32\drivers\ataport.sys
Loaded driver \SystemRoot\system32\drivers\battc.sys
Loaded driver \SystemRoot\system32\drivers\bcmwl6.sys
Loaded driver \SystemRoot\system32\drivers\beep.sys
Loaded driver \SystemRoot\system32\drivers\bowser.sys
Loaded driver \SystemRoot\system32\drivers\cdrom.sys
Loaded driver \SystemRoot\system32\drivers\chdart.sys
Loaded driver \SystemRoot\system32\drivers\chdrt32.sys
Loaded driver \SystemRoot\system32\drivers\classpnp.sys
Loaded driver \SystemRoot\system32\drivers\cmbatt.sys
Loaded driver \SystemRoot\system32\drivers\compbatt.sys
Loaded driver \SystemRoot\system32\drivers\cpqbttn.sys
Loaded driver \SystemRoot\system32\drivers\crcdisk.sys
Loaded driver \SystemRoot\system32\drivers\dfsc.sys
Loaded driver \SystemRoot\system32\drivers\disk.sys
Loaded driver \SystemRoot\system32\drivers\drmkaud.sys
Loaded driver \SystemRoot\system32\drivers\dxgkrnl.sys
Loaded driver \SystemRoot\system32\drivers\eabfiltr.sys
Loaded driver \SystemRoot\system32\drivers\ecache.sys
Loaded driver \SystemRoot\system32\drivers\fileinfo.sys
Loaded driver \SystemRoot\system32\drivers\fltmgr.sys
Loaded driver \SystemRoot\system32\drivers\fs_rec.sys
Loaded driver \SystemRoot\system32\drivers\fwpkclnt.sys
Loaded driver \SystemRoot\system32\drivers\hdaudbus.sys
Loaded driver \SystemRoot\system32\drivers\hidusb.sys
Loaded driver \SystemRoot\system32\drivers\hpqkbfiltr.sys
Loaded driver \SystemRoot\system32\drivers\hpqremhid.sys
Loaded driver \SystemRoot\system32\drivers\hsx_cnxt.sys
Loaded driver \SystemRoot\system32\drivers\hsx_dpv.sys
Loaded driver \SystemRoot\system32\drivers\hsxhwazl.sys
Loaded driver \SystemRoot\system32\drivers\http.sys
Loaded driver \SystemRoot\system32\drivers\i8042prt.sys
Loaded driver \SystemRoot\system32\drivers\kbdclass.sys
Loaded driver \SystemRoot\system32\drivers\kbdhid.sys
Loaded driver \SystemRoot\system32\drivers\ksecdd.sys
Loaded driver \SystemRoot\system32\drivers\lltdio.sys
Loaded driver \SystemRoot\system32\drivers\luafv.sys
Loaded driver \SystemRoot\system32\drivers\mdmxsdk.sys
Loaded driver \SystemRoot\system32\drivers\modem.sys
Loaded driver \SystemRoot\system32\drivers\monitor.sys
Loaded driver \SystemRoot\system32\drivers\mouclass.sys
Loaded driver \SystemRoot\system32\drivers\mouhid.sys
Loaded driver \SystemRoot\system32\drivers\mountmgr.sys
Loaded driver \SystemRoot\system32\drivers\mpsdrv.sys
Loaded driver \SystemRoot\system32\drivers\mrxdav.sys
Loaded driver \SystemRoot\system32\drivers\mrxsmb.sys
Loaded driver \SystemRoot\system32\drivers\mrxsmb10.sys
Loaded driver \SystemRoot\system32\drivers\mrxsmb20.sys
Loaded driver \SystemRoot\system32\drivers\msfs.sys
Loaded driver \SystemRoot\system32\drivers\msisadrv.sys
Loaded driver \SystemRoot\system32\drivers\msiscsi.sys
Loaded driver \SystemRoot\system32\drivers\mspqm.sys
Loaded driver \SystemRoot\system32\drivers\msrpc.sys
Loaded driver \SystemRoot\system32\drivers\mssmbios.sys
Loaded driver \SystemRoot\system32\drivers\mup.sys
Loaded driver \SystemRoot\system32\drivers\ndis.sys
Loaded driver \SystemRoot\system32\drivers\ndistapi.sys
Loaded driver \SystemRoot\system32\drivers\ndisuio.sys
Loaded driver \SystemRoot\system32\drivers\ndiswan.sys
Loaded driver \SystemRoot\system32\drivers\ndproxy.sys
Loaded driver \SystemRoot\system32\drivers\netbios.sys
Loaded driver \SystemRoot\system32\drivers\netbt.sys
Loaded driver \SystemRoot\system32\drivers\netio.sys
Loaded driver \SystemRoot\system32\drivers\npfs.sys
Loaded driver \SystemRoot\system32\drivers\nsiproxy.sys
Loaded driver \SystemRoot\system32\drivers\ntfs.sys
Loaded driver \SystemRoot\system32\drivers\null.sys
Loaded driver \SystemRoot\system32\drivers\nvlddmkm.sys
Loaded driver \SystemRoot\system32\drivers\nvmfdx32.sys
Loaded driver \SystemRoot\system32\drivers\nvsmu.sys
Loaded driver \SystemRoot\system32\drivers\nvstor32.sys
Loaded driver \SystemRoot\system32\drivers\nwifi.sys
Loaded driver \SystemRoot\system32\drivers\ohci1394.sys
Loaded driver \SystemRoot\system32\drivers\pacer.sys
Loaded driver \SystemRoot\system32\drivers\partmgr.sys
Loaded driver \SystemRoot\system32\drivers\pci.sys
Loaded driver \SystemRoot\system32\drivers\pciide.sys
Loaded driver \SystemRoot\system32\drivers\pciidex.sys
Loaded driver \SystemRoot\system32\drivers\peauth.sys
Loaded driver \SystemRoot\system32\drivers\pxhelp20.sys
Loaded driver \SystemRoot\system32\drivers\rasacd.sys
Loaded driver \SystemRoot\system32\drivers\rasl2tp.sys
Loaded driver \SystemRoot\system32\drivers\raspppoe.sys
Loaded driver \SystemRoot\system32\drivers\raspptp.sys
Loaded driver \SystemRoot\system32\drivers\rassstp.sys
Loaded driver \SystemRoot\system32\drivers\rdbss.sys
Loaded driver \SystemRoot\system32\drivers\rdpcdd.sys
Loaded driver \SystemRoot\system32\drivers\rdpencdd.sys
Loaded driver \SystemRoot\system32\drivers\rimmptsk.sys
Loaded driver \SystemRoot\system32\drivers\rimsptsk.sys
Loaded driver \SystemRoot\system32\drivers\rixdptsk.sys
Loaded driver \SystemRoot\system32\drivers\rspndr.sys
Loaded driver \SystemRoot\system32\drivers\sdbus.sys
Loaded driver \SystemRoot\system32\drivers\secdrv.sys
Loaded driver \SystemRoot\system32\drivers\smb.sys
Loaded driver \SystemRoot\system32\drivers\spldr.sys
Loaded driver \SystemRoot\system32\drivers\srtsp.sys
Loaded driver \SystemRoot\system32\drivers\srtspx.sys
Loaded driver \SystemRoot\system32\drivers\srv.sys
Loaded driver \SystemRoot\system32\drivers\srv2.sys
Loaded driver \SystemRoot\system32\drivers\srvnet.sys
Loaded driver \SystemRoot\system32\drivers\storport.sys
Loaded driver \SystemRoot\system32\drivers\swenum.sys
Loaded driver \SystemRoot\system32\drivers\symdns.sys
Loaded driver \SystemRoot\system32\drivers\symfw.sys
Loaded driver \SystemRoot\system32\drivers\symids.sys
Loaded driver \SystemRoot\system32\drivers\symim.sys
Loaded driver \SystemRoot\system32\drivers\symndisv.sys
Loaded driver \SystemRoot\system32\drivers\symredrv.sys
Loaded driver \SystemRoot\system32\drivers\symtdi.sys
Loaded driver \SystemRoot\system32\drivers\syntp.sys
Loaded driver \SystemRoot\system32\drivers\tcpip.sys
Loaded driver \SystemRoot\system32\drivers\tcpipreg.sys
Loaded driver \SystemRoot\system32\drivers\tdx.sys
Loaded driver \SystemRoot\system32\drivers\termdd.sys
Loaded driver \SystemRoot\system32\drivers\tunmp.sys
Loaded driver \SystemRoot\system32\drivers\tunnel.sys
Loaded driver \SystemRoot\system32\drivers\udfs.sys
Loaded driver \SystemRoot\system32\drivers\umbus.sys
Loaded driver \SystemRoot\system32\drivers\usbccgp.sys
Loaded driver \SystemRoot\system32\drivers\usbehci.sys
Loaded driver \SystemRoot\system32\drivers\usbhub.sys
Loaded driver \SystemRoot\system32\drivers\usbohci.sys
Loaded driver \SystemRoot\system32\drivers\usbvideo.sys
Loaded driver \SystemRoot\system32\drivers\vga.sys
Loaded driver \SystemRoot\system32\drivers\volmgr.sys
Loaded driver \SystemRoot\system32\drivers\volmgrx.sys
Loaded driver \SystemRoot\system32\drivers\volsnap.sys
Loaded driver \SystemRoot\system32\drivers\wanarp.sys
Loaded driver \SystemRoot\system32\drivers\wd.sys
Loaded driver \SystemRoot\system32\drivers\wdf01000.sys
Loaded driver \SystemRoot\system32\drivers\wdfldr.sys
Loaded driver \SystemRoot\system32\drivers\wmiacpi.sys
Loaded driver \SystemRoot\system32\drivers\wmilib.sys
Loaded driver \SystemRoot\system32\drivers\xaudio.sys
Loaded driver \SystemRoot\system32\hal.dll
Loaded driver \SystemRoot\system32\kdcom.dll
Loaded driver \SystemRoot\system32\ntkrnlpa.exe
Loaded driver \SystemRoot\system32\BOOTVID.dll
Loaded driver \SystemRoot\system32\CI.dll
Loaded driver \SystemRoot\system32\CLFS.SYS
Loaded driver \SystemRoot\system32\PSHED.dll
Loaded driver \??\C:\Windows\system32\drivers\CO_Mon.sys
Loaded driver \??\C:\Windows\system32\drivers\SYMEVENT.SYS
Loaded driver \??\C:\Windows\system32\drivers\lxdisk.sys
Loaded driver \??\C:\Windows\system32\drivers\lxfs.sys
Loaded driver
\??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080429.001\IDSvix86.sys
Loaded driver
\??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080429.001\IDSvix86.sys
Loaded driver
\??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080507.024\NAVENG.SYS
Loaded driver
\??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080507.024\NAVEX15.SYS
Loaded driver \??\C:\Program Files\Common Files\Symantec
Shared\EENGINE\EraserUtilRebootDrv.sys
Loaded driver \??\C:\Program Files\Common Files\Symantec
Shared\EENGINE\eeCtrl.sys