There was a known issue with older version of SEP client and it was with File system autoprotect that used to cause this issue and should have been fixed with Mr4MP1.Would suggest calling Symantec Technical Support to know the root cause.

High Explorer.exe CPU usage when touching exported Symantec Endpoint Protection client package.
Fix ID: 1470577
Symptom: Explorer.exe has high CPU usage in Task Manager.
Solution: Fixed in an update to the Auto-Protect component.

The Client from where you are accessing this share are they MR4 or older ?

Mixed.  MR5, MR4, MR4MP1A, MR3 

Thanks for pointing that fix out.  At least I have something to report to Symantec.

Most would have been updated from older versions.  I just installed Win 7 on a clean VM and put MR5 on it, problem is still there even when a older version was never installed.

 As you are facing this issue only on the newer OS's can you try turning off User Account Control ( UAC ) and see if there is any improvement.

Only on newer OS's.  Vista, Server 2008 Server 2008 R2, and Win 7.  Turning off UAC has no affect

The problem doesn't exist anymore on XP or 2003.

I have submitted a case to symantec to try to see if they can figure out why it is still happening just on the newer operating systems.

Case: 320-230-457

 Whatever may be the Solution/WorkAround do update us..

We have a very similar problem with RU5. Explorer appears to totally freeze up when Windows Search searchfilterhost.exe is indexing. The Windows Search executable is not indicating excessive CPU or resource use, however the machine completely freezes up - eventually the task manager cannot even be run.

The solution in this case was to remove the Application and Device Control element of Symantec Endpoint Protection client. Control Panel -> Add & Remove Programs. Select Symantec Endpoint Protection. Choose Change. Choose Modify. Select the drop-down menu beside Application and Device Control and choose This Feature Will Not Be Available (X). Restart.

It may be worth attempting this. We have experienced the Application and Device Control component of SEP 11 RU5 causing similar problems with other processes. Nothing is logged by SEP during these instances.

Disable Network Drive Scanning:

1. Click the Policies Tab.
2. Click Antivirus and Antispyware.
3. Click the policy you would like to modify and then click Edit the Policy.
4. Click File System Auto-Protect.
5. Under Network Settings, uncheck Network.
6. Click OK.
7. Assign the policy by clicking Assign the Policy, then check each group to which the policy should apply.
8. Click Assign, then click Yes.

Noticed same problem with Win7+SEP RU5, NTP and Application and Device control installed, Network scanning disabled and package created with that policy used.

Double-clicked setup.exe, explorer freezes but everything else works. Killed explorer from task manager and started again, setup.exe successfully copied to client's desktop and installation was successfull.

SEP RU5 was allready installed with problematic computers, just needed to run it again to change some settings.

We are not using application and device control at all, and it happens even with the package isn't on a network drive.   I have logged my case, and they haven't made much progess with it.  All they keep updating the case with is the following info:

ISSUE:Known issue
STATUS:researching
ACTION:Research solution

If I get a solution, I will surely post it for everybody, but I think this will just have to be included in an update to the client in the next version from what I can tell.

Symantec has updated me stating that this will need to be addressed at the code level.  Fix will be in an upcoming release it looks like.

 Would it be in MR5Mp1 or MR5MP2 ?

I've seen the same problem few week's ago one of the network administrator changed the ip and name of the SEPM manager after that all the users stopped to communication with the SEPM, and i've tried many ways to restore the communication but didn't work at all, so i decide to create the packages with the functions to remove the old polices and reset the communication and I exported the packages to a network share and I went on some machines to try install the client and I faced the same problem with the explore, and it used to happen only on the folder that the packages was on it. Something I noticed on this machines was if I remove and if I stop the service I could open the Network Share quick again.

So guys if u get a easy solution for that please put on the forum, I would like to know!!!

Thank's

 The work around would be temporarity turn off File-System AutoProtect

I am still waiting from Symantec on what version the fix wil be in. They reported to me just today that they are seeing it on Windows XP clients as well in internally testing.  I can't find one XP client, or 2003 Server client in my enviroment having this problem.  Only Vista, Sever 2008, Windows 7, and 2008 R2.

Finally got the final response from the Symantec report team, very very dissapointed in their answer:

"After extensive testing and review of the information on our case the team has determined that the behavior you are seeing appears to be normal functioning of the SEP software."

NORMAL!?  no way.  Guess we won't be seeing this fixed in a future release after all, removing this as solved.

I agree with you. This is NOT something normal... There is a catch .... By the way, apart from UAC, one thing which is common to the mentioned OS is the bitlocker driver encryption... Any possibilites of that coming in the picture?

Visu, Bit Locker drive encryption is not coming into play here.  Some people are using it here, but hardly any really to be honest.  I myself am not using it and the problem is still there.  Simply disabling Auto-Protect temporary should not be the solution they are trying to push.  I have gave my disapproval to the front line support tech and hopefully it will motivate them to look at actually getting it fixed in the future.

OK, I have been working with Symantec since October on this issue, and they FINALLY are giving up.

They tell me this is simply "normal" behavior of their client due to "the agressive nature of the scanning engine."  What?  Once again, I have been dissapointed by their efforts to fix simple performance issues.

They even posted a article about it:
Computer performance slow when right-clicking on packed file with an unmanaged Symantec Endpoint Protection client installed
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009030210091848

However, I pointed out to them I have running a manged client, and a newer version of what the article says is the problem (11.0.4).  I am running the latest (11.0.5002)