Troubleshooting High CPU & RAM Usage and Functionality Issues in Timus Connect Application on Windows

Overview:

This article provides troubleshooting steps to resolve common issues related to high CPU and RAM usage, as well as functionality disruptions in the Timus Connect application. It aims to assist in identifying and addressing problems that may arise due to antivirus or endpoint protection software blocking key executables or interfering with the application's native operations. By following these guidelines, users can ensure smooth performance and prevent potential conflicts that could lead to prolonged processes or system slowdowns.

To ensure full compatibility and performance of the Timus Connect application, it is critical that all related executable files are properly whitelisted in both Antivirus (AV) and Endpoint Protection Platform (EPP) tools.

Failing to whitelist these files may cause:

• High CPU and memory usage
• Stuck or unresponsive processes
• VPN connection failures
• Performance degradation due to blocked native API calls or memory hooks

Modern AV/EPP solutions may block more than just the executable file. They often inspect runtime behavior, command-line parameters and system-level API calls. Therefore, it is essential to allow not only the executables but also their full runtime behavior.

✅ Required Executables for Whitelisting

The following files must be excluded from scanning, behavioral analysis, and execution restrictions:

C:\Program Files\Timus Connect\Timus Connect.exe
C:\Program Files\Timus Connect\Uninstall Timus Connect.exe
C:\Program Files\Timus Connect\resources\elevate.exe
C:\Program Files\Timus Connect\resources\service\timus-connect-service.exe
C:\Program Files\Timus Connect\resources\service\timus-helper-service.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win32\certutil.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win32\modutil.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win32\pk12util.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win32\shlibsign.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win64\certutil.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win64\modutil.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win64\pk12util.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win64\shlibsign.exe
C:\Program Files\Timus Connect\resources\service\lib\win\openvpn\openssl.exe
C:\Program Files\Timus Connect\resources\service\lib\win\openvpn\openvpn.exe
C:\Program Files\Timus Connect\resources\service\lib\win\openvpn\openvpn_2.4.exe
C:\Program Files\Timus Connect\resources\service\lib\win\openvpn\tapctl.exe
C:\Program Files\Timus Connect\resources\service\lib\win\openvpn\tuntap_win\tapctl.exe
C:\Program Files\Timus Connect\resources\service\lib\win\openvpn\tuntap_win\tapinstall.exe
C:\Program Files\Timus Connect\resources\service\lib\win\telemetry\timus-telemetry.exe
C:\Program Files\Timus Connect\resources\service\lib\win\wireguard\amd64\timus-wireguard-tunnel-service.exe
C:\Program Files\Timus Connect\resources\service\lib\win\wireguard\amd64\wg.exe

🔐 General Whitelisting Guidelines

To ensure full functionality, perform whitelisting at two levels:

1. Client-Side Agent – Exclude paths directly on the endpoint
2. Central Console – Apply policy-wide exclusions for consistency and scale

For maximum compatibility:

• Exclude by exact file path
• Exclude entire Timus Connect folder to cover future updates

🔧 Configuration by Vendor (Antivirus + EPP)

1. Windows Defender (Microsoft Defender for Endpoint)

Client UI:

• Go to Windows Security → Virus & threat protection → Manage settings → Add exclusions
• Add both individual .exe files and the full folder path

PowerShell (for bulk deployment):

Add-MpPreference -ExclusionPath "C:\Program Files\Timus Connect"

Microsoft Defender for Endpoint (MDE Console):

• Go to Device Configuration → Endpoint Security → Antivirus → Policy
• Add exclusions under Microsoft Defender Antivirus settings

2. BitDefender GravityZone

Control Center:

• Navigate to Policies → Antimalware → Settings → Exclusions
• Add file paths for all relevant executables and their subfolders
• If “Advanced Threat Control” flags the app, add a Process Exception

Client:

• Open local agent settings → Go to Protection → Manage Exclusions
• Add relevant paths manually

3. SentinelOne

Management Console:

• Navigate to Threat Protection → Exclusions
• Add executables by path
• Create Behavioral AI exclusions to allow elevated processes and tunneling apps (OpenVPN/WireGuard)

Note: SentinelOne client does not support local UI configuration—central management only.

4. CrowdStrike Falcon

Cloud Console:

• Go to Configuration → Prevention Policies
• Add to “Allow List” using exact path
• Confirm that the process is excluded from behavioral blocking policies (e.g., “Process Injection” or “Credential Access” rules)

5. Trend Micro Apex One

Control Manager:

• Navigate to Policy Management → Agent Settings → Exceptions
• Add both file and folder exclusions
• Include all child .exe under Timus Connect path

Client:

• Right-click agent icon → Go to Settings → Scan Exceptions

6. Symantec Endpoint Protection

SEPM Console:

• Go to Policies → Exception Policies → Windows Exceptions
• Add by File, Folder, and optionally by File Type (.exe)

Client:

• Open SEP UI → Settings → Configure Exceptions

7. McAfee Trellix Endpoint Security

ePolicy Orchestrator (ePO):

• Go to Policy Catalog → Endpoint Security Threat Prevention → Access Protection → Exclusions
• Add by path and allow for:
  • Read/Write Access
  • Memory Access

Client Console:

• Open ENS client → Go to Threat Prevention → Show Advanced Settings → Exclusions

8. ESET Endpoint Security

ESET PROTECT Console:

• Go to Policies → Detection Engine → Exclusions
• Add all Timus .exe files and folders

Client Interface:

• Open ESET UI → Setup → Detection Engine → Manage Exclusions

9. ThreatLocker

Portal:

• Navigate to Application Control → Policies → Add Policy
• Create a custom group for Timus Connect
• Approve each executable manually
• Ensure compatibility with Ring0 operations (driver/low-level calls)

⚠️ Additional Notes on Runtime Behavior

• Some Timus components use privilege elevation (elevate.exe), create or manage services, and perform tunneling operations using OpenVPN and WireGuard.
• EPPs with behavioral engines may falsely classify this behavior as malicious.
• We strongly recommend creating behavioral exclusions where applicable to allow full functionality.
• Monitor the application’s performance post-deployment and check for flagged events in your EPP logs.

⚠️Additional Step: Run System File Checker (SFC) and DISM

If you continue to experience high CPU, RAM usage, or functionality issues after whitelisting the executables, it may be helpful to run the System File Checker (SFC) and DISM commands to repair potential system file corruption. Follow these steps:

1. Open Command Prompt as Administrator.
2. Run the following command to check for and repair corrupted system files:

   sfc /scannow

3. Once SFC completes, run the following DISM command to repair the Windows image:

   DISM /Online /Cleanup-Image /RestoreHealth

These steps can help resolve underlying system issues that might be contributing to performance problems or functionality disruptions.

Summary of Actions