Initialization cfp.exe during start - Firewall ignores rules for System/ 445port

Excuse for the bad English.
Periodically during system CIS start produces the message that System tries to accept incoming connection or it will be connected to the Internet on port 445. Rules for System and 445 ports are accurately defined. These notifications have incidental character and are watched by me since version 3.0. I long couldn’t understand in what the reason as messages fell out irrespective of the created rules for System and 445 ports (locking or resolving). In the fifth version CIS hasn’ted that at start of system the state tag in a primary window shows some short time initialization of the program and burns yellow, then lights up the green. Thus experimentally it was possible to clarify the following: Firewall CIS can produce requests about entering and proceeding TCP connections System on port 445 irrespective of network rules if the given connections happen in a short space of time initialization of the program during start
(During start cfp.exe).
Firewall doesn’t pass connection, but produces request. Certainly it isn’t critical for security of the computer but as a result starts to irritate a little as CIS has been selected by me as well provisionable product. This situation is watched often if the computer is connected to a dedicated line the Internet and has real IP (for example the largest provider in Kharkov - Triolan). At connection VPN or NAT it is watched rarely.
It is checked up on Windiws XP SP3 x86, Windiws 7 x64/86 and more than 30 computers with different hardware. As the given situation doesn’t depend on the applications installed in system and operation mode Windows Firewall and rules most CIS. That is during system start there is a loading on HDD and the processor that in turn increases start and initialization time cfp.exe and if at this time there is an incoming connection on port 445 the question is asked even if there is a rule. I watch within two years, thought that developers will correct in new versions but with an output of the fourth and fifth version has changed nothing.
All adjustments CIS, and as any standard configurations - without result have been tested and checked up. As you have understood, I have tested a considerable quantity of variants of adjustments and configurations in three versions CIS (3, 4, 5), in various systems. On it I do not see sense and I have no possibility (for prior versions) to apply official reports and damp files.

Above red line connections the systems registered right after start and the program (as some seconds happened program initialization) are shown.
As we see from six incoming connections on port 445 two it has been blocked and designated as “Windows Operation System”. On remaining four the question has been asked and they are designated in a broad gull as “System”. In global network rules is specified to lock any connections on port 445.
I will remind that the given situation is watched only at start. Further Firewall locks all connections on 445 port without request, as well as it is necessary.
Topic in Russian forum

Initialization cfp.exe during start - Firewall ignores rules for System / 445port

The bug/issue

  1. What you did: start your computer, start Windows, the initialization cfp.exe
  2. What actually happened or you actually saw:Alert System is trying to take an incoming connection port 445 during the initialization cfp.exe, after starting in the further work of the connection is blocked or permitted (depending on rules) and the notification does not appear
  3. What you expected to happen or see: No notification
  4. How you tried to fix it & what happened: all sorts of manipulations with the settings to create different block and allow rules for the System and port 445
  5. If its an application compatibility problem have you tried the application fixes here?:
  6. Details & exact version of any application (execpt CIS) involved with download link:
  7. Whether you can make the problem happen again, and if so exact steps to make it happen: to observe the situation should have the following conditions are connected to leased line Internet with a real IP, Firewall CIS to create a block or allow a rule, turn on the computer and load Windows. If during the start-up and initialization will cfp.exe incoming connections on port 445, the CIS will popup notification of incoming connection port 445 System
  8. Any other information (eg your guess regarding the cause, with reasons):
    That is during system start there is a loading on HDD and the processor that in turn increases start and initialization time cfp.exe and if at this time there is an incoming connection on port 445 the question is asked even if there is a rule.The situation is episodic in nature, as a prerequisite must be fulfilled - an incoming connection on port 445 during the initialization cfp.exe. On this happens more often when the computer is connected to a leased line network with a lot of running and correspondingly more packets on port 445 (Network debris). If your computer is connected to a router or VPN alert appears very rarely.
    In my case, an alert may appear in five cases out of ten.

Files appended. (Please zip unless screenshots).

  1. Screenshots illustrating the bug: not required
  2. Screenshots of related CIS event logs and the Defense+ Active Processes List: Appended
  3. A CIS config report or file. Not applicable
  4. Crash or freeze dump file: Not applicable

Your set-up

  1. CIS version, AV database version & configuration used: However version after 3.0, AV database version - any, configuration used - any
  2. a) Have you updated (without uninstall) from CIS 3 or 4: Not applicable
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: Not applicable
  3. a) Have you imported a config from a previous version of CIS: Not applicable
    b) if so, have U tried a standard config (without losing settings - if not please do)?:Not applicable
  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): block or allow connections on port 445
  5. Defense+, Sandbox, Firewall & AV security levels: D+=any , Sandbox=any , Firewall =custom , AV =any
  6. OS version, service pack, number of bits, UAC setting, & account type: Windiws XP SP3 x86, Windiws 7 x64/x86, UAC setting - enabled / disabled, account type - administrator
  7. Other security and utility software installed: not
  8. Virtual machine used (Please do NOT use Virtual box): not

[attachment deleted by admin]

We would very much appreciate it if you would edit your first post to create an issue report in line with the bug forum guidelines and format here. You can copy and paste the format from this topic.

To understand the reasons why we ask you to follow these guidelines please see below.

Bugs/issues can be impossible or very time consuming to fix if developers don’t have enough information to reproduce them. Since CIS is free, development time is limited. So if you want your issue fixed, please use the format below to describe it.

To avoid clutter, issues not described in the format below your post will not be moved to the ‘moderator verified’ issues topic. This means that the developers may not look at it.

Best wishes and many thanks in anticipation


Tried to draw correctly. But with the English I course tight …

Thank you for your Issue report.

Moved to verified.

Thank you


In the CIS version 6 has been corrected, thanks to the developers.