Norton Internet Security 11 and 12 causing massive slowdown with Network Program

I have a client that runs a program called Dentrix. This is a specialized management program for dental practices. They have been complaining that the Dentrix program is running very slowly and I found that when I tried to utilize the program that it took over 120 seconds to start, was having regular "not responding" errors while changing screens in the program that took 30 to 60 seconds before the program started responding again, and program lockups.  I did what most computer guys do:

 

- I checked the resources, os, etc. (Windows 7 Pro, 4GB RAM (over 1 GB free), plenty of HD space)

- I disabled the firewall (no joy)

- I disabled the anti-virus portion of the program, and it became blazingly fast:

  >10 to 20 to start program

  > No "not responding" messages

  > No program lockups

 

These are decent machines with enough memory, processing power, and disk space. The program database lives on a server.  I can leave everything enabled except anti-virus and the Dentrix program runs well.  I'm not that familiar with NIS as most of my clients are running SEP.  Where would I start troubleshooting the problem?  There is obviously something wrong.  The AV should not introduce that amount of lag into the system. Any ideas will be appreciated. Also, I updated one of the 2011 clients to 2012 and it did not make a noticeable difference.

 

Thanks,

 

Jeff

 


Jeffesmi wrote:

" ....  I can leave everything enabled except anti-virus and the Dentrix program runs well. ..."


Hi Jeff,

 

You might want to add an exclusion for this one program.

 

If you are completely certain that this program is safe:

 

    • Open the main NIS 2012 Interface and click Settings at the top. 
    • This should open to the Computer tab > Antivirus and SONAR Exclusions

    • Select Items to Exclude from Auto-Protect, SONAR and Download Intelligence Detection  Configure[+]
    • In the Real Time Exclusions window, click Add
    • In the Add Item window, click the small square to browse to the specific program folder on your computer.  
    • Select the program folder or just the .exe file, click OK > Apply and then OK your way out.

Dentrix is at the newest version.

We are running Windows 7 32-bit SP1.

All updates are applied.

I've already trimmed the fat with MSCONFIG & cleaned with ccleaner.

Since it's Windows 7, defragler is a waste of time since an auto defrag already runs.

 

I tried this.  At first, I excluded the local program file on C:.  Then I excluded the program directory on c:.  Then I excluded the entire network drive. . . Yes, I know this isn't good practice, but like disabling your firewall, it sometimes helps point you in the right direction or eliminate a lot of wasted steps.  None of this worked.  Under Real Time Protection, there are several items:

 

Antispyware

Auto-protect

Caching

Early Load

Removable Media Scan

SONAR Protection

 

When I disable JUST auto-protect, everything runs great again.  Any other ideas?  I'm at wits end, and I'm afraid that I'm going to have to recommend a different anti-virus program if I can't resolve this which would be a shame since they have 160 days left on the protection.

 

Thanks,

 

Jeff

I'm not at my NIS system right now, but I will assume the server has a fixed IP address.

Go into the Network security map

Click once on the server to highlight it then down below where it says "Trust Level" click "edit".  I'm sure it is already set for either shared or full trust, but you will find a box that can be checked if the server has a fixed IP.  It's called something like

"Exclude from IPS Scanning"  (or something like that).

That option was added a couple years ago to resolve slow file transfers problems across networks on some systems.

 

Dave

 

I'm on one of the PCs, and I went to Network Security Map.  The server was listed as a generic device.  I changed it to a server.  There is nowhere that I can find that says anything about static IP, but it does have the correct IP address in there.  Under the Network Details area, I pulled down the drop-down box and selected Trust Control.  I added the server, but again there doesn't seem to be anything like the box you mentioned.  The category is locked as user defined, and I can't change it.  Our version on this machine is 17.9.0.12.  I appreciate all your help.  I'm back at this client on Friday. I really hope to have a solution by then.


Thanks,

 

Jeff

Hi Jeffesmi,

 

The following article more fully explains how to do what DaveH is suggesting, and I think he is giving you the correct thing to try.  You need to assign a permanent IP address for the server in your router settings.

 

https://www-secure.symantec.com/norton-support/jsp/help-solutions.jsp?utm_source=symc&utm_medium=product&product=norton+internet+security&version=19.2.0.10&lg=english&layout=retail&layouttype=esd&buildname=retail&symskucurrent=20032958&symskumedia=21171898&partnername=retail&subremaining=33&sublength=34&substatus=current&psn=hjmhgrcfw8bk&actstat=activated&curdefs=20111206.002&hbguid=3b4aeee0-c162-4523-939e-9b5b0a68e679&osversion=5.1+2600.xpsp_sp3_gdr.101209-1647&spversion=3.0&oslang=en&ct=united+states&defbrowser=firefox&ieversion=8.0.6001.18702&coreservice=startup+type%3aauto+state%3arunning&conntype=100000000&cpu=x86+family+15+model+2+stepping+9&dsfree=42.30&dstotal=60.36&memload=68%25&memtotal=1086&datetime=12-06-2011+18%3a30%3a11+pm+gmt&hcmode=false&helpid=edit_trust_level_device&entsrc=help&ncoap=1&pvid=f-nis-cur&country=united+states&language=english&ncoap=1&docid=v36718715_nis_retail_2012_en_us&ncoap=1&partner=&ispid=&sitename=

The option may not be availible in version 17, that would be NIS 2010.

Please try it on a version 18 system or greater. 2011 or 2012.   I'm positive it is in those versions.

 

I'm again not at my NIS system but I have one here with Norton 360, the network security pages are almost identical to NIS.

The network security map looks like this:

Security Map.JPG

 

 

I'm actually in VPC right now.  "VPC" would be the workstation I'm sitting at and "Dave" would be my server.

Click once on the server to highlight it and then click the edit button I marked.

 

Then this box pops up:

exclude from IPS.JPG

 

 

The bottom box is what I'm talking about.  You will find that it is visible but "greyed out" unless you first select "Full Trust"

Then you can check the box to exclude the server from IPS scanning.

 

Notice that it says the device (the server) must have a static IP address.

Beats my why Norton doesn't use the MAC address like all the other devices in the security map so that they don't need a fixed IP address. 

 

But your not going to be able to change or fix the IP address though NIS on the workstation.

Chances are the server is already setup with a fixed IP, I don't see why someone would setup a server without one.

 

But either way you should be able to test it to see if it resolves your problem.  I think you may need to reboot the workstation for it to take effect.

 

Dave

 

 

 

I upgraded this workstation to the newest version of Norton 2012, but I don't have the same options as you.  

 

NIS-screen1.jpg

 

As you can see, I have no trust level item to edit.  I looked around for places to turn something like this on, but did not see anything. I'll be at this office tomorrow, so this is my last chance to find a solution.  Throw whatever you have at me.

 

Thanks,

 

Jeff

Are you sure that is NIS (Norton Internet Security)?

That looks like Norton Antivirus. 

Dave

I'm pretty sure, but at this point, I wouldn't swear to it.  I'll remote in tonight and take a peak.  What I ended up doing was excluding drive M: from scanning.  I tried excluding all the files that the server showed open, I tried all the data directories, but the only way that made it run reasonably was to exclude drive M: from scanning.  Drive M: is a mapped drive where this industry specific software runs.It's not ideal, but the server has it's virus scanner, the workstations have their virus scanners, and while the overlapping security was a plus, it was just too intrusive and having the constant "not responding" and software crashes would have eventually caused database corruption. 

 

Thanks,

 

Jeff

We had a similar problem and aside making our server trusted, the other culprit was the program control feature in Norton's firewall control. When we turned off the program control feature the performance when accessing files on the server is fixed but Norton proivdes alerts which are just as problematic. Just setting "allow" for individual program control did not fix the performance problem. We're still trying to understand how to fully turn-off the program control to remove the alerts. It's getting to the point that Norton is starting to feel like malware.

I have a client that runs a program called Dentrix. This is a specialized management program for dental practices. They have been complaining that the Dentrix program is running very slowly and I found that when I tried to utilize the program that it took over 120 seconds to start, was having regular "not responding" errors while changing screens in the program that took 30 to 60 seconds before the program started responding again, and program lockups.  I did what most computer guys do:

 

- I checked the resources, os, etc. (Windows 7 Pro, 4GB RAM (over 1 GB free), plenty of HD space)

- I disabled the firewall (no joy)

- I disabled the anti-virus portion of the program, and it became blazingly fast:

  >10 to 20 to start program

  > No "not responding" messages

  > No program lockups

 

These are decent machines with enough memory, processing power, and disk space. The program database lives on a server.  I can leave everything enabled except anti-virus and the Dentrix program runs well.  I'm not that familiar with NIS as most of my clients are running SEP.  Where would I start troubleshooting the problem?  There is obviously something wrong.  The AV should not introduce that amount of lag into the system. Any ideas will be appreciated. Also, I updated one of the 2011 clients to 2012 and it did not make a noticeable difference.

 

Thanks,

 

Jeff