Execcesive Disk write activity [NBZ]

CIS writes execcesive data to disk even when computer is left idle

The bug/issue

  1. What you did: Nothing
  2. What actually happened or you actually saw: Noticed slow computer and large disk write activity
  3. What you expected to happen or see: Not this
  4. How you tried to fix it & what happened: Disabling D+ permanently reduces it and exiting cfp from tray
  5. If its an application compatibility problem have you tried the application fixes here?: No
  6. Details & exact version of any application (execpt CIS) involved with download link: No
  7. Whether you can make the problem happen again, and if so exact steps to make it happen: It happens normaly
  8. Any other information (eg your guess regarding the cause, with reasons):excessive access to msctf.dll

Files appended. (Please zip unless screenshots).

  1. Screenshots illustrating the bug: yes from performance monitor as well as procesmon
  2. Screenshots of related CIS event logs and the Defense+ Active Processes List: n/a
  3. A CIS config report or file.n/a
  4. Crash or freeze dump file:n/a

Your set-up

  1. CIS version, AV database version & configuration used:5.3.176757.1236
  2. a) Have you updated (without uninstall) from CIS 3 or 4: no
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?:no
  3. a) Have you imported a config from a previous version of CIS:
    b) if so, have U tried a standard config (without losing settings - if not please do)?:no
  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): no
  5. Defense+, Sandbox, Firewall & AV security levels: D+= safe mode , Sandbox=Enabled , Firewall =custom , AV = staeful
  6. OS version, service pack, number of bits, UAC setting, & account type:xp sp3 32 bit admin
  7. Other security and utility software installed: nil
  8. Virtual machine used (Please do NOT use Virtual box): N/a

[attachment deleted by admin]

Thank you for your bug report in the required format.

Moved to verified.

Thank you