I already sent this into support@immunet.com, but I'm posting it here as well in case anyone else runs into the same problem. I recently purchased Immunet Plus to run on my home PC. As soon as the Immunet installer finished, Event Viewer on
Windows logs the following two errors:
"Log Name: System
Source: Ntfs
Date: 4/28/2014 5:11:20 PM
Event ID: 55
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: adam-pc
Description:
A corruption was discovered in the file system structure on volume
\\?\Volume{5f48968d-ce78-11e3-8250-806e6f6e6963}.
A file on the volume is no longer reachable from its parent directory.
The parent file reference number is 0x2000000000002. The name of the
parent directory is "<unable to determine file name>". The parent index
attribute is ":$I30:$INDEX_ALLOCATION". The file reference number of
the file that needs to be reconnected is 0x100000000b0a2. There may be
additional files on the volume that also need to be reconnected to this
parent directory."
"Log Name: System
Source: Microsoft-Windows-Ntfs
Date: 4/28/2014 5:11:20 PM
Event ID: 98
Task Category: None
Level: Error
Keywords: (2)
User: SYSTEM
Computer: adam-pc
Description:
Volume \\?\Volume{5f48968d-ce78-11e3-8250-806e6f6e6963}
(\Device\HarddiskVolume1) needs to be taken offline to perform a Full
Chkdsk. Please run "CHKDSK /F" locally via the command line, or run
"REPAIR-VOLUME <drive:>" locally or remotely via PowerShell."
This happens IMMEDIATELY after the installation of Immunet. I've
installed and uninstalled the program several times now and it happens
every time I do the installation. Yesterday, thinking I had
uncorrectable hard drive errors I completely reformatted my PC and
reinstalled Windows. The problem went away until the exact moment I
installed Immunet.
Further investigation shows some other, Informational, alerts showing up in Event Viewer at the same time. This seems to be directly related to the "Trufos" file system filter driver that gets loaded during installation. Event viewer reports the following:
Log Name: System
Source: Service Control Manager
Date: 4/28/2014 5:11:20 PM
Event ID: 7045
Task Category: None
Level: Information
Keywords: Classic
User: adam-pc\adam
Computer: adam-pc
Description:
A service was installed in the system.
Service Name: BitDefender Threat Scanner
Service File Name: %SystemRoot%\System32\svchost.exe -k bdx
Service Type: user mode service
Service Start Type: demand start
Service Account: LocalSystem
---
Log Name: System
Source: Service Control Manager
Date: 4/28/2014 5:11:20 PM
Event ID: 7045
Task Category: None
Level: Information
Keywords: Classic
User: adam-pc\adam
Computer: adam-pc
Description:
A service was installed in the system.
Service Name: Trufos
Service File Name: C:\Windows\System32\Drivers\trufos.sys
Service Type: kernel mode driver
Service Start Type: demand start
Service Account:
---
Log Name: System
Source: Microsoft-Windows-FilterManager
Date: 4/28/2014 5:11:20 PM
Event ID: 6
Task Category: None
Level: Information
Keywords:
User: SYSTEM
Computer: adam-pc
Description:
File System Filter 'Trufos' (6.1, 2011-10-19T05:10:43.000000000Z) has successfully loaded and registered with Filter Manager
Note, all of those events, the registering of the BitDefender scanner, and Trufos kernel mode driver, all happen at 4/28/2014 5:11:20 PM. That is the exact same timestamp as the NTFS errors I mentioned above. Presumably the file system errors reported are directly related to the loading of this file system filter.
Additionally, I found a thread over in the Ad-Aware forums from one of their users reporting the same problem.
http://www.lavasofts...rors-important/
It seems Ad-Aware also uses an engine from BitDefender. The user here is also using Windows 8.1, like I am.
A few details about my PC:
1. I'm running Windows 8.1, with all the latest updates installed. This
is a completely fresh install, installed yesterday evening.
2. Rebooting my PC does not correct the errors mentioned above. Running
chkdsk manually does not indicate there are any errors on the file
system. The errors only go away once I uninstall Immunet, which subsequently stops the Trufos kernel driver from being loaded.
Any suggestions would be most appreciated.
Regards,
Adam
