Windows server shares VERY slow

Summary: On two clients, server share writes slow to a crawl with NOD32 real-time protection. When file system protection is disabled or the share excluded, speeds resume to normal. NOD32 updated to latest version and definitions updated.

Detail: Beginning on 18th November, a client reported a significant slowdown in their line-of-business application which stores data on a SBS 2003 server using a standard Windows (SMB) share, that is, not using a client-server database. Application software support personnel indicated it was due to "network communications problems." I conducted extensive analysis and found no problems, though I noticed copying a sample folder with large files from a PC-to-Server was noticeably slower than copying Server-to-PC. Application software support was contacted again and they were not able to find much, except that some improvement could be made by running the workstation in Safe Mode w/ Network. I ran another copy test and found even further PC-to-Server slowness (8x slower).
At this point, I experimented with disabling all NOD32 protection. Disabling NOD32 on the PC helped very little, but disabling it on the server made copying almost as fast, that is a 1000% improvement.
I then found I could go into NOD32 setup and configure an exception to File System protection to exclude a sub-folder of the share used for the application data files. This provided the same improvement.
The client reports that the issue appears to be resolved. This of course is just a workaround.
About 10 days later, a different client had performance issues that, short story, were alleviated by excluding the data share.

Data:
Test and time files copy.
J:\a-test folder copied on acctg2 PC, from server share to acctg2 folder 139MB in 168 files, 10 folders
0:11.5 - Copy from server to acctg2
1:32.1 - Copy from acctg2 to server

Turned off ESET on PC
0:05.7 - Copy from server to acctg2
1:31.4 - Copy from acctg2 to server

Turned off ESET on server and PC
0:06.7 - Copy from server to acctg2
0:07.4 - Copy from acctg2 to server

Turned ON ESET on server and PC, with exclusion on File System protection for ACI and ACI32 folders
0:08.4 - Copy from server to acctg2
0:09.2 - Copy from acctg2 to server
92.1 seconds / 9.2 seconds = 10.1 or about 10x speed improvement.

 

Just to make sure, are they using the most current version 4.2.67?

 

Same here. I already had this a few times ago (with a 4.0.x and even before with some 3.x) !

This time :
The share is on XP
Client is XP or Linux (mount.cifs)
nod32 BusEd 4.2.67.10 / db 5672
Enabled => 200/300 kbits/s
Disabled => 150.000/200.000 kbits/s

Valuable data :
If I uninstall current nod32 and I reinstall same version (4.6.27.10) but PREVENT updating virus db (db installed with my package is 5591) => problem solved
If I update virus db, i get v5672 and problem is back.

So something looks wrong between those db versions.

Again, I already experienced this kind of problems several times in less than 2 years : I'm a reseller and from today I'll definitively stop using/distributing it. This is not possible to use/support it in network environnement.

 

Yep, I updated all PCs to 4.2.67.10 yesterday and retested.
When I quit excluding the shares, the slowness immediately returned.

I have an article from an ESET rep that I am following now and will report back if it helps.

 

I assume that the problem does not occur with real-time protection disabled on the server with the share. What type of files are copied there? (executables/dlls, archives, documents, data files, etc.)
Do you use default real-time protection settings? If so, try disabling all options for newly created and modified files and let us know if it makes a difference. You can also try setting real-time protection to scan files with extensions listed in the default extension set (ie. those that are known potentially to carry malware).