File copy issues with Symantec Endpoint Protection on Windows 7

Posted on By Mark Wilson
This content is 12 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

I’ve been trying to copy some files from my work PC to my home PC. That should be straightforward enough – after all they are both running Windows 7 (x64) with all current updates installed – but I frequently found that Windows Explorer would hang in the middle of a file copy.  I found anecdotal evidence that disabling anti-virus software may help as the file filters can get in the way but my attempts to disable Symantec Endpoint Protection (SEP) were thwarted by the policies that my admins have, understandably, put in place.

It seems that certain versions of Symantec Endpoint Prevention (ahem…) Protection 11 have an issue with Server Message Block (SMB) 2.0 file copies. Disabling SMB 2.0 is one option, using the following commands on the client machine:

sc config lanmanworkstation depend= bowser/mrxsmb10/nsi
sc config mrxsmb20 start= disabled

(I’m not sure if a reboot is required, but I rebooted anyway.)

Whilst this could potentially reduce performance of the file copy operation, I could that it did at least allow it to work. (There’s also an unofficial Symantec tool that can be used to disable/enable SMB 2.0 on Windows 7.)

Unfortunately, the copy process was still not flawless and several times a dialog box appeared warning about Error 0x8007046A: Not enough server storage is available to process this command. Restarting the Server service on the remote PC (net stop server, then net start server answering Y to continue the operation when prompted about existing sessions or dependant services such as Computer Browser or HomeGroup Listener) and then clicking Try Again on the client, let the copy process continue

Once the file copy was completed, I enabled SMB 2.0 again, using:

sc config lanmanworkstation depend= bowser/mrxsmb10/nsi
sc config mrxsmb20 start= auto

Sadly, the lost time circumventing issues caused by security software doesn’t seem to be a criteria used by IT departments when considering their approach to desktop service provision, which is another reason I believe that a “dirty” network is not such a bad thing