CavAUD.exe shows "Suspicious Behaviour" on activity logs

Why is CavAUD.exe show up as “Suspicious Behaviour” on the CPF activity logs. Why does it label an .exe file from its sister program as such? Under the connections tab, it shows the same file as “security risk: safe”. Now this is an approved application set to allow for TCP/UDP in/out. This is pretty confusing. Does anybody have an explanation for this? Another thing that I notice is that under the Summary screen under traffic/application CavAUD.exe has a red bar showing % of activity. Just want to know about these two things and what is causing each? Thanks in advance.

If Security->Advanced->Automatically approve safe applications option is enabled, CPF should not report this issue. It is quite safe to enable this option.


As far as I know it was enabled all along. I checked now and its enabled. There is no “Suspicious Behaviour” log for this application since last night. Now for the other thing, why does that particular file CavAUD.exe show up on the summary screen under traffic/application with a red bar? This is only happening on my wifes laptop and not on my desktop. Any explanations for this?

Thats is strange. Can you post a screenshot?


For some reason the “problem” has not happened again since last night. I think it may be a learning thing for CPF as its getting used to ones computing habits? If it happens again, I will post a screenshot. Thanks for your help either way.

Here is a screenshot of the CavAUD.exe being shown under the traffict tab with a red bar and “%” on my wifes laptop.

This does not show up on my desktop. Can anybody explain this phenomenon?

Oh thats not important. Thats just a random color. CPF shows popups in case of something suspicious.
So feel safe.


Thanks for the explanation.