100% Cpu For About 5 Minutes

This is seriously delaying getting to a fully responsive Win 10 desktop on my rather underpowered Thinkpad E335. The culprits are Antimalware Service Executable (the Windows Defender Service) and two Rapport services (Trusteer Rapport). Once they have settled down the system is reasonably responsive though the Antimalware Service Executable will continue to hog 15-25% of the cpu. I use Rapport because all the banks recommend that you do. Windows Defender I will happily swap for some other AV if it would be beneficial.

Any thoughts gurus?

 

Banks have essentially 'pushed' Rapport for many many years. I've no doubt Rapport pay banks to do that. It is unnecessary. If you choose a decent third party real time AV program WD will be disabled in real time and you don't need Rapport

 

Rapport is often buggy, sometimes to the extent of triggering BSODs. Use a LiveCD Linux Distro to do your banking from and remove Rapport.

 

I could reboot into Puppy but as all my financial records are in Windows spreadsheets (Lotus 1-2-3, don't ask) it really isn't too convenient - a nono actually.

Rapport isn't an AV and can't be substituted by an AV, but I use it because if ever there is a problem with my bank I can demonstrate that I have followed their advice to the letter. I've only used MSE/Defender for years and can just about remember Avast annoying the hell out of me when I tried it. What would you recommend for a modestly powered laptop?

 

I know full well it is not a real-time anti-malware program, and that's the reason you don't need it. Apart from the fact that it's rubbish. Your bank have no legal grounds whatsoever to impede any refund for a problem using their website without Rapport. You can check that fact with your Local Authority's Trading Standards department. I've been with HSBC and its predecessor in the UK for over 40 years, and worked for them for 20. They can make no condition on what security software you use.
By the way, most UK banks now operate online banking via a secure digital key and malware would simply potentially stop you logging on - it wouldn't enable even a hacker to access your accounts generally, let alone malware.

 

I forgot to respond to what AV. My personal choice above all others is Comodo - WD is disabled in real time when installed and you wont have the CPU hogging Rapport either. System resource use would be the same if not less. CIS has much better independent ratings as AV only or the full suite than most others and especially WD and Rapport.

 

I've got this clever Rollback RX. Ideal time to reinstall it if I want to try a few AVs. I'll start with CIS but welcome any other suggestions based on personal experience.

 

Buzz around MalwareTips is to go with Comodo Firewall (HIPS off) and then use auto-sandboxing of unknowns to sandbox malware. It's very lean and efficient and ALMOST 100% effective. Only way around it is to have a signed malware that is from a trusted publisher. You could fish around for settings for CIS on MT if you like.

Comodo Firewall installs standalone in version 10. Using it as above, you can bundle it with and a-v like avast. In hardened mode avast free is ghastly good these days. I'm using CF with 360 TS, which is working well for me. I also have NoVirusTotal Exe Radar Pro (its free now) on the side, which is pretty d$%@ amazing itself.

Oh, CF or CIS have the secure desktop. It's meant for banking, and I'm sure your banks would find that a respectable choice if you are still concerned about that...

 

OK, Defender and Rapport both now removed and CIS up and running. Even with the additional overhead of Rollback RX the system feels as if a load has been taken off its back and boot time to working desktop came down way over a minute. After using the nearly invisible Defender for so long I'm not used to having the array of choices and information that CIS offers so I'll run like this for a while until I start to feel more a bit more at home with it. If that doesn't happen I'll try a different firewall/AV combo as AtlBo suggests. Rollback makes making such changes ridiculously easy.

I'm still puzzled as to why the previous setup was so sluggish and suspect Rapport may have been the culprit. I may roll back to my starting position and just remove Rapport to test that.

 

Seems Rapport was the primary problem, using a lot of cpu itself but also causing MSE to do the same. Back now to seeing how I get on with CIS in place of MSE. Last time I installed it I had to manually turn off the Win 10 firewall - bit surprised at that.

 

You might be able to use Windows Defender with CIS Earthling if you turn off the a-v component of CIS. I would have to ask around. At the end of that you end up from CIS with the same functionality as with Comodo Firewall by itself (nice of Comodo to make possible the installation of the standalone firewall again). This is the reason I went with CF. Comodo's definitions are apparently kind of put bluntly...well, dreadful(?). I think that's the word. To build layered security with good flow, either Defender (if you can turn it on) or Avast side by side with CIS/CF should I think be ideal.

I think the best advice on how to use the HIPS/sandboxing of CIS will put you in the ballpark of extremely tight security with or without an a-v or anti-malware component. The a-vs are amazing these days, though. Avast in hardened is basically an anti-exe that removes the decision making almost, working from its millions of sigs and hashes and so on. It doesn't handle command line blocks like VoodooShield or NoVirusTotal ERP, but it is the extra identification of known bads in the same way as VS...just overall better for sigs in comparison and also free-er .

 

I'm crying into my beer... You have Microsoft Office 2007 Enterprise.

 

Good info AtlBo, if a mite confusing to someone like me to whom the mere mention of 'AV' is enough to send me nodding off . I've got Max asserting that CIS is absolutely the best, and you telling me CIS definitions are a bit of a laugh, and all against the backdrop of my using MSE/WD for donkey's years without so much as a bite, excuse the pun. I just need something that will act if/when there is need to do so but otherwise keeps quiet and out of my way and doesn't hog my system.

TBH, now the system is not being held back by Rapport, I don't have much reason to change what I've used for years, the Windows firewall and Windows Defender, but as it's so easy to what if with Rollback I'll see if I can run WD with CF, and if I can't then I'll try CIS on its own and see how it goes.

@Eldon - I've got some pretty fancy spreadsheets and I ain't wasting any of my life rewriting them for Excel. Anyway I prefer Lotus.

 

My favourite is the Lotus Esprit S4s.

It's the holiday season...

 

I think you'll get hooked on using the sandboxing to the proper degree (it requires a few settings adjustments) if you give it a chance. Otherwise, MaxTurner is correct. You have great security with CIS. Looks like v10 took out alot of nags and little difficulties. Probably fine with Defender and WF. It's not a bad setup.

The wolves over at MT have me gilled up to the googleplex with security now. I just HAD to pass their PC Secure test. Learned a good bit during the process. It is kind of interesting too to be closer and keeping up with what's happening with the security companies.

 

No. You don't have to turn anything off in CIS - windows defender real-time is disabled when it is installed. Manual WD scans are still available but of no worth.

 

I removed Rapport and installed CIS. It updated itself and did a scan with no issues. It also appeared to have a very small footprint in task manager and my laptop was feeling remarkably light of foot. I had to manually stop the Windows firewall but that was the only adjustment needed. It was only when I began poking around in page after page of CIS settings, few if any of which meant anything at all to me, that I began to wonder if this was what I really wanted. After all I have trusted Microsoft to configure my AV for me for years and have never had an unwanted intrusion on any of our systems so why do I need all these choices that I don't understand? That was easy - I don't. Sorry AtlBo, I know you love all this stuff but I most definitely do not. So I'm now back on Defender and Windows firewall and if I want to 'sandbox' anything I can do so very easily with Rollback RX.

 

You don't need to make a plethora of choices. But no one can run through with you how easy it is to configure CIS. You have to run through them yourself in a relaxed way.

 

But that's the point Max - all those choices/options being available makes you feel you should make some effort to understand them and use them, otherwise there isn't any point in having them. With Defender you either accept the defaults or you use something else. I know I'm being lazy but until I get a problem using Defender I'm really not interested in exploring alternatives.

 

Honestly it's more complicated even than it seems when you really make an effort to point or tailor security with CIS. v10 looks better in many ways to me than 8.x.x.x, but I still think Comodo could improve the settings dialog very much.

The biggest problem is that certain settings override others, and it's very difficult to learn which. OOTB Max's way will get you the 98% success of the program. The sandbox technique is very flashy, however, and I am happy I found this way to run the program. It's sort of like RollBack without the disk space usage, because only unknown processes are sandboxed. Works great with a really good detection software like avast or Bitdefender, etc. and then I have added NoVirusThanks EXE Radar Pro, which is a fun add on.

 

I've been using CIS since its inception on many systems. It is simply no where near as complicated as the posts here suggest.
A user can choose whether to enable all features (ie whether to use Sandbox or Viruscope or not). If at the time of install, the user knows the system is clean, then in FW and HiPs - choose SAFE MODE. In AV choose 'stateful'. If a user also then configures FW & HiPs to allow automatically all the programs they have installed the number of permissions windows generated are few and far between.

 

Unexpectedly I found that losing Rapport was unsettling me. OK, it had definitely been a major factor in slowing this laptop down but as Rapport is specifically targeted at protecting connections to banks, which I have to do a lot, I felt a bit naked without it. So I gave Comodo another try and found that I could sandbox Firefox very easily while doing this sort of thing and I'll just have to trust it to properly take care of all the other malware stuff. It certainly doesn't noticeably affect the system, as Rapport did, and I feel a bit more comfortable with it than without it.

 

And you're worried about Rapport?

 

It wasn't meant to be taken too seriously Eldon