Summary
Question
\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy using Exclusion Rule to Avoid warnings on logs
Why this error needs to be documented and exposed?
This issue is not fully explained and there are many threads talking about it but they are old and confuse about versions and sometimes the way to fix it work and other ones not.
More information about this: It is where OS set/put the snapshots created by the volume shadow copy service is stored.
What are the versions being affected?
All versions not in EOL.
This is a workaround:
Yes, it is, because it could be other ways to fix it, but here we want to share an easy way to exclude files under shadow copy .
Why is this shadow copy used on machines?
It is related to OS, it is a snapshot where OS can keep a copy in freeze-time, this is the guide OS handle to work on files related data.
This applies to machines using fully encrypted by either PGP or Bitlocker, or similar software, of course having enable snapshot shadow copy.
OS usually set a path very similar to \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy, you can see log doing references to that path, classification it as ‘warn’ and ‘error’, however, it isn’t usual to have useful files under that path structure, so, this shadow volumes does not affect the backup itself, then, exclusion of that path is good to take, just to avoid that lines from log files.
Answer
Just to clarify, the rule for each customer environment will be configure according to that environment, I mean, user must to know how to set it up to proper reference in the log making fit with the path.
Category: Exclusions
Rule Name: encrypt file
Folder: *\GLOBALROOT\Device\HarddiskVolumeShadowCopy*\
Scope: Include subfolders
File name: PGPWDE*
File types: *
Category: Exclude
Rule Name: encrypt file
Folder: *
Scope: Include subfolders
File Name: PGPWDE*
File Types: *