A little glitch that I ironed out already, but just in case others can reproduce the same behaviour:
One day a week ago, a full virus scan suddenly began (not doing so was another setting that CIS does not seem to have carried over to the latest version) and took a whopping 12 hours for 4%. I ordered the software to cancel the scan, but CIS did not cancel and merely went into the background. Repeating the “cancel full virus scan” various times to no avail, I noticed the following:
CIS-related components in RAM:
NAME CPU % I/O in kB/sec RAM in MB
--------------------------------------------------------------------------------------------------
wmiprvse.exe 2.52 MB (system component, but invoked by CIS)
cavwp.exe 92.19 % 729.13 kB/s 3.30 MB
cavwp.exe 43.68 MB
cavwp.exe 244.78 MB
cavwp.exe 27.20 MB
cmdupd.exe 177.47 kB/s 17.35 MB
wmiprvse.exe 4.13 MB (system component, but conjured by CIS)
cmdagent.exe 6.76 kB/s 23.14 MB
CisTray.exe 4.34 MB
cis.exe 7.55 MB
cis.exe 42.40 MB
cis.exe 31.56 MB
-------------------------------------------------------------------------------------------------
Total CIS 92.19 % 913.36 kB/s 451.95 MB
Even rebooting did not help, the resource-hogging ‘cavwp.exe’ would always be back. It was necessary to provoke a failed launch of CIS during system startup (the one that provokes a ‘cmdagent could not load’) to be able to eliminate the rogue component in the process manager. Subsequently, it was possible to start CIS manually and from that moment on, with “Full Scan” disbled/unchecked, the problem has not occurred again.
Might just be another weird coincidence, but in case there is really a little bug affecting the “Cancel Scan” button, it cannot hurt to fix it.
Something else: sometimes programs seem to randomly get sandboxed after some time of running unaffected. First it happened with web browsers, later with WinRAR, although WinRAR had been used to pack/unpack files dozens of times before, both starting it from the list of programs and by double-clicking an archive in Windows Explorer. When sitting in front of the computer it is not a big deal, but when things like these happen while one is away, to components of more complex software suites, trouble-shooting it can take a long time, because one focuses on the affected software first, as it had been running fine for a while with CIS not finding anything wrong with it.
For this and other reasons, the return of an improved “Summary” page would be nice, as other people have suggested before. In an ideal case, the programs that CIS blocked/sandboxed would be listed there, together with a comprehensible explanation of the reason. For instance, “ABC in folder ….… has been sandboxed because it tried to connect to website http://… (IP 123.456.789.012). The rules for this software do not allow outgoing HTTP connections.” Yes, there are log files, but nobody has the time or nerve to read cryptic log files each time they come back from a meeting or lunch break.
As for the help: it makes no sense to have help for a security software online, because the first thing that usually does not work any more when something goes wrong is the Internet. Those among us who are used to the perks and pet peeves of the software might have the right idea and check CIS first, but many people whose browser or e-mail program suddenly does not work any more might have a bad day and lose a lot of time trying to figure out what is wrong with their browser. A software that blocks access to the web – sometimes in an erratic/erroneous manner – should not rely on the web to provide the necessary information for troubleshooting.
For those among us who come to this forum it may not be a big deal, but the average user will swear (and call their go-to guy) in desperation.
Just my humble two cents, no response required.