I am currently using CommVault v11.19 together with Kaspersky Security 10.1.2 for windows server & Kaspersky Security Center 11 Network Agent. During our weekly Kaspersky scan we've used procmon to determine that process is changing both the timestamps and attributes on scanned files. Unfortunately, this results in CommVault's File Activity Anomaly Alert triggering as it detects Ransomware like activities plus the subsequent backup takes considerably longer as more changed files are obviously detected. Is there any way of preventing the Kaspersky scan from changing both the timestamps and attributes of the files?
Thanks in anticipation
Best answer by Oleg Bykov
To instruct KSWS to not mess with file times when doing the On-Demand scanning, add this value to the registry: