InoculateIT and eTrust Antivirus

The LiveVault Online Backup and Recovery Service has been tested with InoculateIT Deluxe and LiveVault Online Backup and Recovery Service is known to run successfully with this product on a computer. The tested InoculateIT versions include 4.5, 5.1.1, and 6.0. Also, LiveVault Online Backup and Recovery Service has been run with eTrust Antivirus v6.0 and v7.0. If you are using another version and require assistance, contact Customer Service.

There are additional configuration steps that you need to perform to run InoculateIT software and LiveVault Online Backup and Recovery Service on the same Agent computer.

Exclude LiveVault Online Backup and Recovery Service directories from the anti-virus scan

When configuring these antivirus software programs, you need to exclude the following LiveVault Online Backup and Recovery Service directories from the virus scanning; otherwise, the computer could hang:

  • Journal files (default is \LiveVault\Journals\)

  • Database files directories, both protected and unprotected (default is \LiveVault\Databases\ containing both subfolders \Protected and \Unprotected)

To identify the LiveVault Online Backup and Recovery Service directories paths

To identify the full path of the directories to exclude on your computer:

  1. Using REGEDT32.EXE, open the registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\LiveVault Corporation\LiveVault\2.0

  2. Locate the JournalRoot value (for example, this is usually similar to E:\LiveVault\Journals)

  3. Locate the ProtectedDatasetDirectory value (for example, this is usually similar to E:\LiveVault\Databases\Protected)

  4. Locate the UnprotectedDatasetDirectory value (for example, this is usually similar to E:\LiveVault\Databases\Unprotected)

Exclude the anti-virus temporary files/directories from backup

Anti-virus software products generate temporary files or use temporary directories, for example, to unpack archives such as zipped files.

We identified the following InoculateIT/eTrust Antivirus temporary files/directories to exclude:

  • C:\Inoculan\Tmp

    The temporary path is specified in the registry key:

    HKLM\Software\Computer Associates\InoculanIT\Current Version\Path value TMP

    You need to manually exclude this temporary directory from LiveVault Online Backup and Recovery Service backup.

  • C:\Program Files\CA\Etrust\InoculateIT\ARCTEMP\* (plus subdirectories)

    For InoculateIT version 6.0, the temporary files are stored in the ARCTEMP subdirectory of the InoculateIT home directory. The home directory is specified in the registry key:

    HKLM\SOFTWARE\ComputerAssociates\InoculateIT\6.0\Path value HOME

    LiveVault Online Backup and Recovery Service Agent version 4.0 and later automatically excludes this temporary directory and its subdirectories (as specified above). If you are running an earlier Agent version, you must manually create this exclusion.

    In the tree view on the Files to Backup tab, you will see the icon for the automatically excluded directory and subdirectories. Parent directories of the automatically excluded directory are marked in MyLiveVault with one of the "partially excluded" icons, either (if a parent directory is selected), or (if a parent directory is not selected).

Check the InoculateIT/eTrust Antivirus vendor documentation for whether the product uses other temporary files and directories.

Exclude additional anti-virus files/directories from backup

You also need to exclude the InoculateIT/eTrust Antivirus 6.0 scan engine logs, incoming directory, outgoing directory, and move "quarantine" directory from LiveVault Online Backup and Recovery Service backup.

LiveVault Online Backup and Recovery Service Agent version 4.0 and later automatically excludes these directories and their subdirectories. If you are running an earlier Agent version, you must manually create these exclusions.

In the tree view on the Files to Backup tab, you will see the icon for the automatically excluded directories and subdirectories. Parent directories of the automatically excluded directories are marked in MyLiveVault with one of the "partially excluded" icons, either (if a parent directory is selected), or (if a parent directory is not selected).

  • Scan engine logs

    The logs path is specified in the registry key:

    HKLM\SOFTWARE\ComputerAssociates\ScanEngine\Path value Logs

    For example, if the specified path is C:\Program Files\CA\common\scanengine\logs, create the exclusion:

    Exclude C:\Program Files\CA\common\scanengine\logs\* (plus subdirectories)

  • Incoming directory

    The incoming directory path is specified in the registry key:

    HKLM\SOFTWARE\ComputerAssociates\ScanEngine\Path value Incoming

    For example, if the specified path is C:\Program Files\CA\common\scanengine\incoming, create the exclusion:

    Exclude C:\Program Files\CA\common\scanengine\incoming\* (plus subdirectories)

  • Outgoing directory

    The outgoing directory is specified in the registry key:

    HKLM\SOFTWARE\ComputerAssociates\InoculateIT\6.0\Path value Outgoing

    For example, if the specified path is C:\Program Files\CA\Etrust\InoculateIT\Outgoing, create the exclusion:

    Exclude C:\Program Files\CA\Etrust\InoculateIT\Outgoing\* (plus subdirectories)

  • Move "quarantine" directory

    The move "quarantine" directory is specified in the registry key:

    HKLM\SOFTWARE\ComputerAssociates\InoculateIT\6.0\Path value Move

    For example, if the specified path is C:\Program Files\CA\Etrust\InoculateIT\MOVE, create the exclusion:

    Exclude C:\Program Files\CA\Etrust\InoculateIT\MOVE\* (plus subdirectories)

Files you may choose to exclude

You may also choose to manually exclude these directories:

  • Common\ScanEngine\ARCTEMP\* (contains temporary files)

  • Common\ScanEngine\Backup\*  (contains old signature files)

  • Etrust\Inoculate\DEBUG (used to debug problems)

Files you must not exclude

Ensure that you do not exclude the following directories and files:

  • Common\Alert\

  • Etrust\InoculateIT\DB\

  • Etrust\InoculateIT\RPCMTDB\

Turn off Incremental Scan option for InoculateIT 6.0 and eTrust Antivirus 6.0

The Incremental Scan option is supposed to enhance scan performance for NTFS partitions, using a secondary NTFS data stream for storing the incremental scan information. This option is available for all scan types. However, the additional data stream causes backup problems.

You must turn off the Incremental Scan option for all scan types. You can find the option settings in the following locations:

  • Realtime Monitoring Options

    • Selection tab

      • Detection box

        • Advanced options

  • Local Scanner Options

    • Scan tab

      • Detection box

        • Advanced options.

Refer to your vendor documentation for additional information.

Note: After turning off the Incremental Scan option, do not remove the additional NTFS streams using delstrm.exe utility. This action will only cause an unnecessary backup synchronization of your data.

This option was removed from eTrust Antivirus 7.0.

Anti-virus processes in LiveVault "suspect process" registry setting

The anti-virus processes inoculan.exe, inocit.exe, inotask.exe, and shellscn.exe modify a file's attributes. When LiveVault Online Backup and Recovery Service recognizes that the file attributes are changed, it would determine that the file was changed and back up the file changes. This would result in unnecessarily high continuous backup activity which will negatively impact your computer operations.

To prevent this problem, these processes must be part of a LiveVault "suspect process" registry setting that enables the LiveVault Online Backup and Recovery Service replication technology to identify the files whose attributes are modified by these processes, and thus avoid replicating the files unnecessarily. LiveVault Online Backup and Recovery Service Agent version 3.3.1 and later automatically includes inoculan.exe in the LiveVault registry setting, Agent version 3.6 and later includes inocit.exe, Agent version 4.0 and later includes inotask.exe, and Agent version 4.2 and later includes shellscn.exe. LiveVault Online Backup and Recovery Service will continue to identify when the file content has actually changed and back it up appropriately.

If you are running an earlier Agent version, contact Customer Service for assistance.

Related Information

Anti-virus Software
Excluding Files from Backup
Automatic and Recommended Backup Exclusions
 
© 2002, 2004 LiveVault Corporation. All rights reserved.