Disabling the smefs file protection smesys driver

Article:TECH108157  |  Created: 2002-01-31  |  Updated: 2006-01-18  |  Article URL http://www.symantec.com/docs/TECH108157
Article Type
Technical Solution


Script execution may fail and the error message "Error 53: Can not create C:\_integra\empty" is logged in the common.log file. Under certain conditions the ON Command CCM file protection may not unlock the _integra folder for the smeclnt during script execution.


For compatibility reasons you may want to disable the CCM file protection. The CCM file protection protects the _integra directory including all subdirectories from write access and is part of the smefs.sys driver programs. This may cause conflicts with some Anti Virus real time protection drivers.


This situation can be caused by a timing issue or by memory intensive real-time protection antivirus engines executing threads in the _integra folder.

To fix this, disable the CCM File protection by creating a new DWORD registry key, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\smefs\NoSmeSec, with a value of 1.

To create a new registry key
  1. Download the file disable_CCM_file_protection.reg and save it to your desktop.
  2. Double-click the file to run it and add the registry key to your registry.
  3. Restart the computer (the computer must be restarted in order for the changes to take effect).

Disable the CCM file protection by default on new installations
To disable file protection by default for all new clients, change the agent da_conf.par configuration file, which is part of the each agent package. Append the following registry key settings to the [update] section:


You may combine this with an administration parameter in the config.swp file allowing you to toggle between both options.

Note: Disabling the driver enables write access to this directory. This can be avoided by applying specific NTFS access rights.

You may also use the cacls script in the file right01m.012.zip to set the registry key NoSmeSec as in the above steps.

Technical Information
As an additional possible workaround, try excluding the _integra folder and \Windows\Smefs.sys file from being scanned by your antivirus software.

Legacy ID


Article URL http://www.symantec.com/docs/TECH108157

Terms of use for this information are found in Legal Notices