How to handle \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy using an exclusion rule to avoid warnings in logs

  • KM03767464
  • 10-Dec-2020
  • 10-Dec-2020

Summary

Most operating systems use shadow copy together with encryption software. Create an exclusion rule to keep the resulting messages out of the log files when a backup takes place.

Question

\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy using Exclusion Rule to Avoid warnings on logs

Why does this error need to be documented and exposed?

This issue is not fully explained anywhere. Many threads discuss it, but they are old and confused about versions, and the fixes they describe work in some cases and not in others.

More information: this path is where the OS stores the snapshots created by the Volume Shadow Copy Service.


Which versions are affected?
All versions that are not EOL.

Is this a workaround?

Yes, it is, because there may be other ways to fix it, but here we want to share an easy way to exclude files under the shadow copy path.


Why is shadow copy used on machines?
It is an OS feature: a snapshot in which the OS keeps a copy frozen at a point in time, which the OS uses as its reference when working with file data.

This applies to machines that are fully encrypted with PGP, BitLocker, or similar software and that have shadow copy snapshots enabled.

The OS usually sets a path very similar to \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy. The log contains references to that path, classified as ‘warn’ and ‘error’. However, it is unusual to have useful files under that path structure, so these shadow volumes do not affect the backup itself, and excluding the path is a reasonable way to keep those lines out of the log files.

Answer

What is the workaround using an exclusion rule?
To clarify, the rule must be configured for each customer environment: the user must know how to set it up so that it fits the path referenced in the log.
The format and settings for the private exclusion rule follow. They fit in most cases, but in a few cases you will need to modify them.
Try the following:
Category: Exclusions
Rule Name: encrypt file
Folder: *\GLOBALROOT\Device\HarddiskVolumeShadowCopy*\
Scope:  Include subfolders
File name: PGPWDE*
File types: *
Also create a second exclusion rule like the following:
Category: Exclude
Rule Name: encrypt file
Folder: *
Scope: Include subfolders
File Name: PGPWDE*
File Types: *
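
One way to check whether the two rules above fit the paths in your own log before relying on them, as an added example that is not part of the original article or the backup product's code. It assumes that `*` in a rule matches any run of characters case-insensitively (which also covers "Include subfolders") and that each log line carries a level and a full path; the log lines are constructed and the function names are hypothetical.

```python
import fnmatch
import re

# The two exclusion rules from the article: (folder pattern, file-name pattern).
# Both use "Include subfolders" and file type "*".
RULES = {
    "shadow copy": ("*\\GLOBALROOT\\Device\\HarddiskVolumeShadowCopy*\\", "PGPWDE*"),
    "any folder": ("*", "PGPWDE*"),
}

# Constructed log lines; the real product's log layout may differ.
SAMPLE_LOG = [
    r"10-Dec-2020 02:00:01 warn  cannot open \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy12\PGPWDE01",
    r"10-Dec-2020 02:00:01 error cannot open \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy12\System Volume Information\PGPWDE02",
    r"10-Dec-2020 02:00:02 warn  cannot open \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy12\pagefile.sys",
    r"10-Dec-2020 02:00:03 info  backed up C:\Users\alice\report.docx",
]

# Full \\?\GLOBALROOT\... path up to the end of the line (paths may contain spaces).
PATH_RE = re.compile(r"\\\\\?\\GLOBALROOT\\.*$")


def _glob(text, pattern):
    # Assumption: "*" matches any run of characters, case-insensitively.
    return fnmatch.fnmatchcase(text.lower(), pattern.lower())


def excluded_by(path, rules=RULES):
    """Return the names of the rules that would exclude this full path."""
    folder, _, name = path.rpartition("\\")
    return [rule for rule, (folder_pat, name_pat) in rules.items()
            if _glob(folder + "\\", folder_pat) and _glob(name, name_pat)]


def uncovered_paths(log_lines, rules=RULES):
    """Shadow-copy paths in warn/error lines that no rule excludes."""
    missed = []
    for line in log_lines:
        hit = PATH_RE.search(line)
        if hit and re.search(r"\b(warn|error)\b", line, re.I):
            if not excluded_by(hit.group(0), rules):
                missed.append(hit.group(0))
    return missed
```

Paths returned by `uncovered_paths` are the ones for which the rule still needs adjusting. Under these assumptions the second rule excludes any file whose name starts with PGPWDE in every folder, not only under the shadow copy path.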