CFP.EXE eats my CPU

This is getting irritating, because it started again- 3rd time I think.

I’ve been using Comodo Firewall with Avast Antivirus for 3 years without problems. Some bad things started happening this autumn(2010) and I don’t know what that is and why it’s happening.

The problem is simple(in theory): whenever I open a program that’s related to the internet, like Firefox for example, cfp.exe goes to 40%-50%. For what reason it’s doing this?

I had to reinstall my windows 3 times for some reasons, and every time it seemed to be a “calm” period when cfp.exe wouldn’t react like this.
In 31 december- what a luck- I had a system crash and windows would not boot up anymore, only in safe mode. Well, that’s how I spent my last day of 2010… reinstalling windows. 2 days ago cfp.exe started again to annoy me with this 50% cpu consumption.

What’s wrong with it?

Hey and warm welcome to comodo forums Karst!

You can first try to add the complete folder in exclusion of Execution Control Settings (CIS —> Defense+ —> Defense+ Settings —> Execution control Settings —> Detect shellcode injections (i.e. Buffer overflow protection) —> Exclusions —> Add —> Browse…) and in Application rules (CIS —> Firewall —> Network Security Policy —> Application Rules Add —> Select —> Browse…)

This problem that you are having is nothing new and it’s something that avast has to fix.

Tell me if this helps.

Regards,
Valentin N

Do the Defense + logs give us a clue here? Can you post a screenshot of them?

Thanks Valentin N, but that didn’t work. And it seems that cfp.exe does this even when I’m not in Firefox :\ .

Where do I access the Defense+ logs?

[EDIT] And btw, what does the cfp.exe do anyway? I tried killing it in the task manager but it won’t let me. I then tried to at least set the affinity or change the priority but that is not allowed too :frowning: .

Where do I access the Defense+ logs?

CIS → Defense+ → View defense+ events.

what does the cfp.exe do anyway

This the GUI of CIS (Graphical User Interface).

  1. CIS → Defense+ → Computer Security Policy → Protected Files and Folders → Groups → Add → New Group…(give this group a name, for instance Avast). Now click once on “add files here” and Add then Add → Select Fromand → Browse… and add find the wanted folder

  2. CIS → firewall → Network Security Policy → Add → Application Path → Select —> Files Group —> Avast( if the group is called for avast)

  3. CIS → Defense+ → Computer Security Policy → Add → Select → File Groups and make mark “Use a Predefined Policy” and select “Trusted program”

  4. CIS → Defense+ → Computer Security Policy → select Comodo Internet Securiy and press edit → Customize → Interprocess Memory Accesses → Modify → Add → File Groups → select the wanted group.

Regards,
Valentin N

I changed the security policy of avast to a “trusted application” in the Firewall and Defense categories and it seems to work, although cfp.exe still appears sometimes, but it doesn’t get over 10-20%, usually 2-5% as I observed until now.

Before I read your last reply I also shut down all avast shields, and cfp.exe stopped too. So it seems it’s some kind of interference with Avast.

Also, I don’t know why you suggested me

1) CIS --> Defense+ --> Computer Security Policy --> Protected Files and Folders --> Groups --> Add --> New Group...(give this group a name, for instance Avast). Now click once on "add files here" and Add then Add --> Select Fromand --> Browse... and add find the wanted folder
That crashed the firewall and after that I read what that option is usefeul for. Why should I add an antivirus folder to protected files and folders? It's an antivirus anyway ! ;D

Also, the log appears to be empty.

[EDIT] Nah, it came back. CFP.exe still randomly starts using 40-50% of my cpu. Even with the disabled shields.

Assuming you are using Avast AV v5 the problem is with one of the components of Avast trying to access CIS files in memory. That triggers CIS self defence which then makes it eat up a lot of CPU cycles. That is something that would have showed up in the D+ logs; hence that’s why I asked about them.

There are two solutions for this. One is Valentin’s; allow the memory access by Avast. There is a possible downside to that in that it makes CIS vulnerable to attack.

The second one in this case is to add the CIS installation folders to the exclusions of Avast AV. That is the one I prefer as it does not compromise the self protection of CIS.

I have added to the exclusion lists in avast the comodo firewall( wherever I could find one I added the folder there), and did those exclusions too in comodo, and even with the avast shields shut off cfp.exe still eats up 40-50% of my cpu when I open firefox.

Actually, it doesn’t matter if it’s firefox or not. It’s just more probable to do this when I open firefox, but it does it randomly too. So I’m thinking this is more than a simple conflict with avast.

Be sure you’re not in Training Mode - I had same problem with cfp.exe ‘eating’ CPU until realized I was in Training Mode & switched to Safe Mode for both the Firewall and Defense+. cfp.exe has been very well-behaved ever since.

Avast and Comodo can be configured to work well to check for malware, instead of checking each other all the time and creating high CPU and memory usage (not to mention a “hot” computer).

To reduce CPU usage in Cfp.exe, do this in Comodo:

CIS → Defense+ → Computer Security Policy → Defense+ Rules → Right click on “AvastSvc.exe” → Edit → Customize → Access Rights tab → click “Allow” boxes for all → OK → Apply → OK

To reduce high CPU usage in AvastSvc.exe, do this in Avast:

Avast → Real time shields → Expert settings → Exclusions → browse → add this “C:\Program Files\COMODO*” → OK