Wilders Security Forums  

  #1  
Old March 20th, 2010, 11:29 AM
squid13 squid13 is offline
Regular Poster
 
Join Date: Apr 2004
Location: Cantonment, FL
Posts: 151
Default FD-R and NIS 2010

I'm using Windows 7 Pro 64-bit. I installed FD-R on this computer and it doesn't play well with NIS 2010. When I copy and update to the rescue image the Norton comes out red in the task bar and wants to reinstall to fix it. I unchecked the tamper protection in Norton thinking that was it but it still does the same. I have the old rescue from Horizon Data System on my XP machine along with NIS 2010 and I have no problem doing a copy and update on it. Does anyone have the new FD-R and Norton NIS on their machine and are you having problems with it?
  #2  
Old March 20th, 2010, 01:30 PM
Leapfrog Software Leapfrog Software is offline
Leapfrog Moderator
 
Join Date: Jan 2006
Location: Northern Nevada, USA
Posts: 251
Default Re: FD-R and NIS 2010

Greetings squid13,

I'll put this on my list to see what is going on. Some of these AV apps lock down raw sectors and cause issues with MS VSS. If you have my email, please ZIP and email me your log files (PM me if you don't have my email). Sometimes all it takes is to exclude a mischievous file or two.

If you are feeling brave, take a look in the last copy log and search for "Error:" to see what might be going on. We pretty much log everything we can.
__________________
- Todd
  #3  
Old March 20th, 2010, 03:55 PM
squid13 squid13 is offline
Regular Poster
 
Join Date: Apr 2004
Location: Cantonment, FL
Posts: 151
Default Re: FD-R and NIS 2010

Sent you a private message.
  #4  
Old March 21st, 2010, 11:31 AM
Birdman Birdman is offline
Frequent Poster
 
Join Date: Nov 2003
Posts: 549
Default Re: FD-R and NIS 2010

I just purchased FD-Rescue and I also have NIS 2010 installed on my Win 7 x64 system. Seeing this thread, I am hesitant on installing Rescue at this moment if there are compatibility issues with Norton.

Todd, should I wait to install until you address this problem?
  #5  
Old March 21st, 2010, 11:52 AM
Leapfrog Software Leapfrog Software is offline
Leapfrog Moderator
 
Join Date: Jan 2006
Location: Northern Nevada, USA
Posts: 251
Default Re: FD-R and NIS 2010

Unless you have a test system to mess with, let me hit this one. I am going to fire NIS up today.

btw: We also have a user seeing an issue with Comodo Internet Security, where you have to FDR exclude the \Windows\System32\drivers\sfi.dat file. Any open file technology driver, in our case Microsoft's VSS, gets access shut out to that driver.
__________________
- Todd
  #6  
Old March 21st, 2010, 09:42 PM
Leapfrog Software Leapfrog Software is offline
Leapfrog Moderator
 
Join Date: Jan 2006
Location: Northern Nevada, USA
Posts: 251
Default Re: FD-R and NIS 2010

Greetings All,

I found the issue. NIS 2009 and NIS 2010, during installation, add a Microsoft VSS registry key for a NIS folder to not be available during a backup.

The NIS folder is C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs.

You can temporarily solve this issue one of two ways:

a) Anchor the above location, or
b) Export the key (to save it off) and remove from the registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToSnapshot\Norton AntiVirus Defs

I prefer solution (b) since it allows FDR to clone and make a duplicate copy of this data. If you have never played in the Windows registry, just do a) for now.

This is a temporary solution. We have a solution to detect for this situation and adapt to it for the next release of the FDR products.
__________________
- Todd
  #7  
Old March 22nd, 2010, 02:10 AM
Birdman Birdman is offline
Frequent Poster
 
Join Date: Nov 2003
Posts: 549
Default Re: FD-R and NIS 2010

Quote:
Originally Posted by Leapfrog Software
b) Export the key (to save it off) and remove from the registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToSnapshot\Norton AntiVirus Defs

Thanks Todd. Pardon my 'N00bness' but I just want to make sure that I understand the above correctly so I don't screw anything up in FD-Rescue and/or NIS 2010.

After opening 'regedit' and finding that particular string......do you export the entire "FilesNotToSnapshot" folder or JUST the "Norton AntiVirus Defs" value?

Afterwards, do we delete just the "Norton AntiVirus Defs" value or the folder in which it is contained (ie FilesNotToSnapshot)?

Also should any FD-Rescue files or folder(s) be excluded from Norton scan or auto-protect?

Please advise. Thanks again.

Last edited by Birdman : March 22nd, 2010 at 02:25 AM.
  #8  
Old March 22nd, 2010, 11:14 AM
Leapfrog Software Leapfrog Software is offline
Leapfrog Moderator
 
Join Date: Jan 2006
Location: Northern Nevada, USA
Posts: 251
Default Re: FD-R and NIS 2010

Sorry, I should have been a little more detailed in my response. It was a bit brief.

Q: After opening 'regedit' and finding that particular string......do you export the entire "FilesNotToSnapshot" folder or JUST the "Norton AntiVirus Defs" value?
A: Just the "Norton AntiVirus Defs" needs to be exported

Note: This value does not affect the NIS operation. It is only when VSS is active that it is not exposed to the VSS snapshot. Since we are not leaving VSS on for extended periods of time, or exporting a backup to a remote computer, or migrating the OS to a virtual system, we want to make a perfect clone of the OS and leave it on the same system; thus these files need to be copied. I am not sure of Symantec's reasoning behind this.

Q: Afterwards, do we delete just the "Norton AntiVirus Defs" value or the folder in which it is contained (ie FilesNotToSnapshot)?
A: You can delete "Norton AntiVirus Defs", or rename some part of the value (in this case a folder) to a bogus entry. Ex: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\* /s changed to C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefsX\* /s.

If for some reason you don't save off the reg key, it is not the end of the world. Reinstalling NIS adds it back. As mentioned, removing it does not affect NIS's normal operation of protecting your system.

Q: Also should any FD-Rescue files or folder(s) be excluded from Norton scan or auto-protect?
A: Not to our knowledge.

I hope this helps.
__________________
- Todd

Last edited by Leapfrog Software : March 22nd, 2010 at 11:42 AM.
  #9  
Old March 22nd, 2010, 11:36 AM
Peter2150 Peter2150 is offline
Global Moderator
 
Join Date: Sep 2003
Posts: 11,806
Default Re: FD-R and NIS 2010

Todd

This is good info. This impact of NIS would also affect imaging software using VSS.

Pete
  #10  
Old March 22nd, 2010, 01:03 PM
Birdman Birdman is offline
Frequent Poster
 
Join Date: Nov 2003
Posts: 549
Default Re: FD-R and NIS 2010

Quote:
Originally Posted by Leapfrog Software
A: Just the "Norton AntiVirus Defs" needs to be exported

Thanks for the detailed info Todd. One little problem though, when I right-click the 'Norton AntiVirus Defs' string......it does not show an option to EXPORT.

You can export the folder (FilesNotToSnapshot)....but not any strings located inside of it.

Is there a way to manually do this?
  #11  
Old March 22nd, 2010, 01:11 PM
Leapfrog Software Leapfrog Software is offline
Leapfrog Moderator
 
Join Date: Jan 2006
Location: Northern Nevada, USA
Posts: 251
Default Re: FD-R and NIS 2010

My bad. Yes, just export the root "FilesNotToSnapshot".

It is only for the purpose of saving it off in case you need to re-enter the key later. You can always just write it down (who does that these days), or copy the field's string and save it in a notepad file.
__________________
- Todd
  #12  
Old March 22nd, 2010, 01:55 PM
mrfargoreed mrfargoreed is offline
Frequent Poster
 
Join Date: Jun 2006
Posts: 345
Default Re: FD-R and NIS 2010

Having none of these problems here running NIS2010 and FD-R Lite. Wherever I boot the icon is green. I've updated several times and no problems whatsoever. Haven't adjusted any settings in FD-R. Weird.
  #13  
Old March 23rd, 2010, 11:27 AM
squid13 squid13 is offline
Regular Poster
 
Join Date: Apr 2004
Location: Cantonment, FL
Posts: 151
Default Re: FD-R and NIS 2010

I just exported the FilesNotToSnapshot then went back into the registry and deleted in the FilesNotToSnapshot the Norton AntiVirus Defs. Did a Copy and Update then booted to the Rescue Area and Norton came thru OK.
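
The export-then-delete workaround described in this thread, scripted in PowerShell as an added example (not code from Leapfrog Software or any poster). The backup file location is an assumption; run it from an elevated prompt.

```powershell
# Added example: back up the VSS exclusion key, then remove a single value from it.
$keyPath   = 'HKLM:\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToSnapshot'
$regPath   = 'HKLM\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToSnapshot'
$valueName = 'Norton AntiVirus Defs'
# Assumed backup location; change it to wherever you keep such files.
$backup    = Join-Path $env:USERPROFILE 'FilesNotToSnapshot-backup.reg'

# 1. List every exclusion so you can see which paths VSS leaves out of snapshots.
$key = Get-Item -Path $keyPath
foreach ($name in $key.GetValueNames()) {
    '{0} = {1}' -f $name, ($key.GetValue($name) -join '; ')
}

# 2. Export the whole key. A single value cannot be exported on its own,
#    so the parent key is saved instead.
& reg.exe export $regPath $backup /y | Out-Null
if ($LASTEXITCODE -ne 0 -or -not (Test-Path $backup)) {
    throw 'Export failed; nothing was changed.'
}

# 3. Remove only the one value, and only if it is present.
if ($key.GetValueNames() -contains $valueName) {
    Remove-ItemProperty -Path $keyPath -Name $valueName
    "Removed '$valueName'. To restore: reg import `"$backup`""
} else {
    "'$valueName' is not present; nothing to remove."
}
```

Because the export is taken before the delete, importing the saved .reg file puts the exclusion back exactly as it was.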
 

All times are GMT -4.