Norton AntiVirus Corporate Edition 7.5x/7.6x, or Symantec AntiVirus Corporate Edition 8.0 (collectively referred to as Symantec AntiVirus) changes the last accessed date stamp on files when they are backed up using Arcserv or VERITAS. This causes problems when the backup software attempts to back up only those files that had been modified since the last backup.
When Symevnt detects a disk write, Auto-Protect must issue a file open to Windows to be able to scan the file(s) being created/moved. In the case of a file copy (backup) we must scan both the new file and the parent file thus AP makes a file open call to Windows for the parent file and the Backed up file(s). When a file open is issued, it is Windows that modifies the last access date. In our case here Arcserv is hacking around windows, which is similar to what we do get around this windows feature during a manual scan (stamping on the original accessed time after the file is scanned. QA marking this one reproduced but implementing a last access date hack for AP may be a daunting task.
Before you begin: If you experience the problems that are outlined in this document, upgrade to the latest version of each Symantec and VERITAS product. To learn how to obtain an upgrade, click the link that applies to your software product:
- Classic Symantec Products
- Classic VERITAS Products
Under File System Real Time Protection, an option to ignore files being opened for backup has been added to the Norton AntiVirus Corporate Edition 7.61 inline release, and to Symantec AntiVirus Corporate Edition 8.0. If you have Norton AntiVirus Corporate Edition 7.60 or earlier, you must obtain the 7.61 version to resolve this. See the document How to obtain an update or an upgrade for your Symantec Corporate product for more information.
To disable the scanning of files opened for backup
1. Start Symantec AntiVirus.
2. Click Configure.
3. Click File System Real Time Protection.
4. Click Advanced.
5. Uncheck Opened for backup.
6. Exit Symantec AntiVirus.
This setting causes Symantec AntiVirus to ignore backup open calls, which are the specific APIs that are used by backup software. This enables Symantec AntiVirus to run real-time protection at the same time that real-time backups are taking place.
For additional information, see the document Norton AntiVirus Corporate Edition 7.61 inline Release Notes.