AV & Firewall on while making Snapshots?


Chamlin
June 16th, 2008, 01:34 AM
Is it wise to shut down NOD32, Spysweeper and Online Armor when making new snapshots? And if so, if I reboot to that new snapshot, will those programs be on or shut down?

stapp
June 16th, 2008, 02:00 AM
The recommended course of action may probably be to shut them down.

In reality I do not shut my security software down; the only thing I do is go offline, empty any sandboxes, and close any open or minimized windows.

When you boot to that snapshot all will be as it was then (including virus definitions, so they will have to be updated).

Chamlin
June 16th, 2008, 03:10 AM
1. I get that I'd have to update the av definitions, but will the security software I have shut down prior to making the snapshot be shut down upon rebooting to that new snapshot?

2. Just ran the copy of primary. The main log shows lots of errors:
6/15/2008 22:40 4510 Snapshot "6-15-08 Snapshot w/Webcam" created
6/15/2008 22:40 1000 CMD> COPY "Primary Snapshot" "6-15-08 Snapshot w/Webcam" EXCLUDE *.tmp
6/15/2008 22:40 1032 Copying snapshot "Primary Snapshot" to "6-15-08 Snapshot w/Webcam"
6/15/2008 23:28 1035 Copied 14.01 Gb (81606 files, 9791 dirs); Errors 42306; 47 minutes

What am I doing wrong?

ErikAlbert
June 16th, 2008, 07:19 AM
{QUOTE-> 1. I get that I'd have to update the av definitions, but will the security software I have shut down prior to making the snapshot be shut down upon rebooting to that new snapshot?

2. Just ran the copy of primary. The main log shows lots of errors:
6/15/2008 22:40 4510 Snapshot "6-15-08 Snapshot w/Webcam" created
6/15/2008 22:40 1000 CMD> COPY "Primary Snapshot" "6-15-08 Snapshot w/Webcam" EXCLUDE *.tmp
6/15/2008 22:40 1032 Copying snapshot "Primary Snapshot" to "6-15-08 Snapshot w/Webcam"
6/15/2008 23:28 1035 Copied 14.01 Gb (81606 files, 9791 dirs); Errors 42306; 47 minutes

What am I doing wrong? <-QUOTE}
WOW. A lot of errors. Are you running an automatic defragger?

Peter2150
June 16th, 2008, 07:49 AM
Only security stuff I run is Sandboxie, OA paid, and SSM. Obviously I don't browse when updating, but I don't do anything to OA or SSM. If they were shut down, they would start up on reboot so that shouldn't matter.

All those errors. What are the actual errors? I had a situation that did that, and it caused FDISR to delete all the files in the target. Just can't remember the cause at the moment.


Pete

Chamlin
June 16th, 2008, 01:32 PM
Excerpts:

6/15/2008 22:51:41 Adding "Documents and Settings\Our\Desktop\ritePenSetup.v.3.0.15.rs.trial.exe" to "6-15-08 Snapshot w/Webcam"
6/15/2008 22:51:41 Error - AAR::GetFileSecurity: The system cannot find the file specified.
6/15/2008 22:51:41 Windows error number 2
6/15/2008 22:51:41 Error - Adding "Documents and Settings\Settings\Our\Desktop\ritePenSetup.v.3.0.15.rs.trial.exe" to "6-15-08 Snapshot w/Webcam"
6/15/2008 22:54:12 Creating folder "Documents and Settings\Settings\Our\Local Settings\Temp\26CB7BBD-700B-414F-B486-277FF06E3952" in "6-15-08 Snapshot w/Webcam"
6/15/2008 22:54:12 Finalizing folder "Documents and Settings\Settings\Our\Local Settings\Temp\26CB7BBD-700B-414F-B486-277FF06E3952" in "6-15-08 Snapshot w/Webcam"
6/15/2008 22:54:12 Adding "Documents and Settings\Settings\Our\Local Settings\Temp\26d8_appcompat.txt" to "6-15-08 Snapshot w/Webcam"
6/15/2008 22:54:12 Creating folder "Documents and Settings\Settings\Our\Local Settings\Temp\30E12B95E592480F8E20708C63C39A52" in "6-15-08 Snapshot w/Webcam"
6/15/2008 22:54:12 Adding "Documents and Settings\Settings\Our\Local Settings\Temp\30E12B95E592480F8E20708C63C39A52\fox.dll" to "6-15-08 Snapshot w/Webcam"
6/15/2008 22:54:12 Error - AAR::GetFileSecurity: The system cannot find the file specified.
6/15/2008 22:54:12 Windows error number 2
6/15/2008 22:54:12 Error - Adding "Documents and Settings\Settings\Our\Local Settings\Temp\30E12B95E592480F8E20708C63C39A52\fox.dll" to "6-15-08 Snapshot w/Webcam"
6/15/2008 22:54:12 Adding "Documents and Settings\Settings\Our\Local Settings\Temp\30E12B95E592480F8E20708C63C39A52\icu34.dll" to "6-15-08 Snapshot w/Webcam"
6/15/2008 22:54:12 Error - AAR::GetFileSecurity: The system cannot find the file specified.
6/15/2008 22:54:12 Windows error number 2
6/15/2008 22:54:12 Error - Adding "Documents and Settings\Settings\Our\Local Settings\Temp\30E12B95E592480F8E20708C63C39A52\icu34.dll" to "6-15-08 Snapshot w/Webcam"
6/15/2008 22:54:12 Adding "Documents and Settings\Settings\Our\Local Settings\Temp\30E12B95E592480F8E20708C63C39A52\icudt34.dll" to "6-15-08 Snapshot w/Webcam"
6/15/2008 22:54:12 Error - AAR::GetFileSecurity: The system cannot find the file specified.
6/15/2008 22:54:12 Windows error number 2
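
An added example, not part of any post in this thread: a small Python parser for detail-log lines in the format of the excerpt above. It pairs each failed "Adding" entry with the API call and Windows error number that follow it, then counts failures per folder so clusters are easy to spot. The function names and the shortened sample paths are constructed for illustration.

```python
import re
from collections import Counter
from ntpath import dirname  # splits Windows paths on any OS

# Constructed sample in the format of the excerpt above (paths shortened).
SAMPLE_LOG = r'''
6/15/2008 22:51:41 Adding "Documents and Settings\Our\Desktop\setup.exe" to "Snap"
6/15/2008 22:51:41 Error - AAR::GetFileSecurity: The system cannot find the file specified.
6/15/2008 22:51:41 Windows error number 2
6/15/2008 22:54:12 Adding "Documents and Settings\Our\Local Settings\Temp\26d8_appcompat.txt" to "Snap"
6/15/2008 22:54:12 Adding "Documents and Settings\Our\Local Settings\Temp\30E1\fox.dll" to "Snap"
6/15/2008 22:54:12 Error - AAR::GetFileSecurity: The system cannot find the file specified.
6/15/2008 22:54:12 Windows error number 2
6/15/2008 22:54:12 Adding "Documents and Settings\Our\Local Settings\Temp\30E1\icu34.dll" to "Snap"
6/15/2008 22:54:12 Error - AAR::GetFileSecurity: The system cannot find the file specified.
6/15/2008 22:54:12 Windows error number 2
'''
# Win32 codes relevant to copy failures (names from winerror.h).
WIN32 = {2: "ERROR_FILE_NOT_FOUND", 5: "ERROR_ACCESS_DENIED",
         32: "ERROR_SHARING_VIOLATION"}
ADD = re.compile(r'^Adding "(.+)" to "(.+)"$')
ERR = re.compile(r'^Error - (\w+(?:::\w+)*): (.+)$')
WINERR = re.compile(r'^Windows error number (\d+)$')

def parse_failures(text):
    """Pair each failed 'Adding' entry with the API and Win32 code after it."""
    failures, current = [], None
    for raw in text.splitlines():
        parts = raw.strip().split(" ", 2)   # date, time, message
        if len(parts) < 3:
            continue
        msg = parts[2]
        if m := ADD.match(msg):
            current = {"time": parts[1], "path": m.group(1),
                       "api": None, "code": None}
        elif (m := ERR.match(msg)) and current:
            current["api"] = m.group(1)
            failures.append(current)
        elif (m := WINERR.match(msg)) and current and current["api"]:
            current["code"] = int(m.group(1))
            current = None                  # record complete
    return failures

def summarize(failures):
    """Count failures per (folder, error name) so clusters stand out."""
    return Counter((dirname(f["path"]), WIN32.get(f["code"], str(f["code"])))
                   for f in failures)

if __name__ == "__main__":
    for (folder, err), n in summarize(parse_failures(SAMPLE_LOG)).most_common():
        print(f"{n:5d}  {err:24s} {folder}")
```

Run over a full log, the per-folder counts show whether the errors sit mostly under Temp folders or are spread across the whole snapshot.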

Peter2150
June 16th, 2008, 02:19 PM
You've got something protecting or locking out those files. What security software are you running?

Chamlin
June 16th, 2008, 02:25 PM
NOD32
Online Armor
Spysweeper

Above were turned off.

True Image

stapp
June 16th, 2008, 02:33 PM
You may have a program trying to protect its files, as written about here with the same error message as you have.

http://www.pctools.com/forum/archive/index.php/t-49292.html

Chamlin
June 16th, 2008, 02:36 PM
Yes, I saw that. Question is... what program? If I quit Spysweeper, NOD32, and Online Armor, what could be operating?

Acronis True Image?
Mozy online backup?

Peter2150
June 16th, 2008, 04:13 PM
I don't think it would be Acronis. Not familiar with Mozy Online backup, but if it is a continuous backup, maybe.

Pete

Chamlin
June 18th, 2008, 09:44 AM
Got it working. I used task manager to close a bunch of things and FDISR had no problems with the snapshots. Hassle, yes, but mission accomplished.

Thanks for the assistance!

aigle
June 18th, 2008, 09:58 AM
So what was the actual culprit? I am just curious.

Chamlin
June 18th, 2008, 10:04 AM
{QUOTE-> So what was the actual culprit? I am just curious. <-QUOTE}
Not sure, since I pretty much turned off all I could. I think there was some part of either NOD32 or Online Armor still running that got in the way.

Next time I'll do it systematically, but I didn't have time for that as I needed the snapshot done ASAP to protect the system.

stapp
June 18th, 2008, 10:12 AM
I run OA full non av and don't shut it down by the way.

Chamlin
June 18th, 2008, 10:16 AM
{QUOTE-> I run OA full non av and don't shut it down by the way. <-QUOTE}
You leave Online Armor on and FDISR works fine? Hmmm. I'll try it.

What do you mean non av?

Peter2150
June 18th, 2008, 10:18 AM
{QUOTE-> You leave Online Armor on and FDISR works fine? Hmmm. I'll try it.

What do you mean non av? <-QUOTE}


I also leave OA on when I update FDISR. There is an AV version of Online Armor. Note I don't run any AV here.

Chamlin
June 18th, 2008, 10:23 AM
I'll give it a shot with OA on and kill NOD32 next time.

pbernard
June 18th, 2008, 10:25 AM
I leave on OA AV+ and have not had any problems creating/updating snapshots or archives.
Pat

Acadia
June 18th, 2008, 10:29 AM
The only program that I turn off when updating something on ISR is Anti-Executable; I leave NOD and Comodo firewall version 2 turned on. Actually, I have accidentally left AE enabled a couple of times and ISR still updated just fine.

Acadia

Peter2150
June 18th, 2008, 11:32 AM
{QUOTE-> The only program that I turn off when updating something on ISR is Anti-Executable; I leave NOD and Comodo firewall version 2 turned on. Actually, I have accidentally left AE enabled a couple of times and ISR still updated just fine.

Acadia <-QUOTE}

Makes sense. It's probably copy protection, so once copied, AE doesn't affect it.

ErikAlbert
June 18th, 2008, 01:29 PM
I don't turn anything OFF: not my firewall, not DefenseWall, not Anti-Executable and that's all I have as security.
It's impossible for me to turn anything OFF, because I work with a frozen snapshot. You can only freeze the current snapshot and freeze is nothing but a copy/update from current snapshot to archive (Freeze Storage.arx).
If I turn everything OFF and I reboot, then I boot each time in an unprotected online snapshot and I'm not going to activate my security after each reboot, too inconvenient and not necessary either.
AE was a big problem in the past, not anymore after configuring AE properly.

The only error I get sometimes in FDISR is a known bug in FDISR, that has never been solved and will never be solved, since FDISR is dead. The bug was not important enough.
The bug only appears sometimes when snapshots are VERIFIED, an option that is OFF by default, which means that most users don't get these errors. :)