WSA AntiVirus and Trusteer Rapport

[sturgess]

Just sent this to Trusteer Rapport.......
"Just installed trial version of Webroot SecureAnywhere Antivirus which results in Trusteer Rapport reporting that an "Attempt to alter function BitBit has been blocked" any thoughts ?"
Some weeks back I contacted Webroot support with the same problem and asked if the replacement for Prevx SOL could be at fault, and they posted the following.. "Yes the 'Safe Online' portion of Prevx 3.0 is called the 'Identity and Privacy Shield' in Webroot SecureAnywhere.
You can disable this shield by clicking on 'Identity & Privacy' in the navigation pane and then clicking on the main green switch." .......problem is I am unable find this 'Identity and Privacy Shield' in the WSA AntiVirus version ?
Ideas welcomed and appreciated as I want to make the jump from Prevx if possible, removing Trusteer Rapport is however not an option.

[Sir Percy]

Quote:

Originally Posted by sturgess

Just sent this to Trusteer Rapport.......
"Just installed trial version of Webroot SecureAnywhere Antivirus which results in Trusteer Rapport reporting that an "Attempt to alter function BitBit has been blocked" any thoughts ?"
Some weeks back I contacted Webroot support with the same problem and asked if the replacement for Prevx SOL could be at fault, and they posted the following.. "Yes the 'Safe Online' portion of Prevx 3.0 is called the 'Identity and Privacy Shield' in Webroot SecureAnywhere.
You can disable this shield by clicking on 'Identity & Privacy' in the navigation pane and then clicking on the main green switch." .......problem is I am unable find this 'Identity and Privacy Shield' in the WSA AntiVirus version ?
Ideas welcomed and appreciated as I want to make the jump from Prevx if possible, removing Trusteer Rapport is however not an option.

That's because it is not present in WSA, only WSAE & WSAC includes Identity & Privacy.

[sturgess]

Thanks, thought as much but it's a bloomin' shame as that could have been the fix. Rapport has responded with "Rapport blocks suspicious attempts to alter browser functions regardless of their origin. " So it would appear that WSA unlike Prevx with SOL disabled is messing with the browser. I need to disable that function somehow ? I want WSA to be a Prevx 4, but not a Prevx 4 + SOL. Rapport also responded with "If the activity report presents hundreds of these events, please report a problem from the Rapport console and let us know about this, so we can check if this is malicious software or legitimate software that may need to be approved by Rapport." So it looks like if I report back when the log gets too big they may be able to offer a solution

[PrevxHelp]

The only modifications WSA makes when the IdShield is not installed are for monitoring and blocking malicious domains. If Rapport is flagging this, they'll likely need to add an exception or you may be forced to significantly reduce malicious website protection.

[sturgess]

Thanks PrevxHelp, I'll report back and see what they have to say.

[Victek123]

Quote:

Originally Posted by sturgess

Ideas welcomed and appreciated as I want to make the jump from Prevx if possible, removing Trusteer Rapport is however not an option.

Just curious as to why removing Rapport is not an option?

[sturgess]

"Just curious as to why removing Rapport is not an option?"
I like it, my bank likes it. I believe it is the best at what it does, and so does my bank.

[fax]

Quote:

Originally Posted by sturgess

"Just curious as to why removing Rapport is not an option?" I like it, my bank likes it. I believe it is the best at what it does, and so does my bank.

Btw, normally you get stronger antikeylogging, antiscreen grabber protection, man-in-middle and better antitampering with WSA IDshield than trusteer.

So I would think twice when selecting trusteer as compared to WSA. The fact that it is recommended by banks does not mean is as solid as you may expect. One past example is here: http://www.wilderssecurity.com/showthread.php?t=313878

Fax

[sturgess]

Hi fax, I've managed my own security successfully for the last 15 years and Rapport has been a part of that security for the last 3 years. I do indeed take notice of what my bank thinks, certainly more notice than a link to post on these forums. These forums are full of folk knocking every bit of software ever written, I do even believe your own recommendation has a few detractors ? You say "Btw, normally you get stronger antikeylogging, antiscreen grabber protection, man-in-middle and better antitampering with WSA IDshield than trusteer." You know this how ? Supplying me with a link to an independent and trustworthy report where I would be able verify your claims would be much appreciated.

[Amit]

Quote:

Originally Posted by fax

Btw, normally you get stronger antikeylogging, antiscreen grabber protection, man-in-middle and better antitampering with WSA IDshield than trusteer.

So I would think twice when selecting trusteer as compared to WSA. The fact that it is recommended by banks does not mean is as solid as you may expect. One past example is here: http://www.wilderssecurity.com/showthread.php?t=313878

Fax

I agree completely.

[fax]

Quote:

Originally Posted by sturgess

Supplying me with a link to an independent and trustworthy report where I would be able verify your claims would be much appreciated.

Tested myself... just my experience, if you browse here (paste threads) you will hear more examples. You don't beleive it? Then its fine... You are indeed entitled to do whatever, I was trying to give an honest unbiased suggestion. Financial transations / banking / shopping online needs the best protection possible as its a matter of your money. I would not just rely on trusteer for that, moreover if you run WSA on the system.

[sturgess]

fax "I would not just rely on trusteer for that,"
I don't

[sturgess]

Iron Man "I agree completely."
Good to know, a link to a well respected figure in the security industry who agrees would add weight to your post

[fax]

... and if I may ask what tools are you using for jamming keyloggers or screengrabbers? What trusteer and IDshield are doing is rarely covered by security suite. i.e. Manly focusing on protecting data before infection not after.

[sturgess]

fax "and if I may ask what tools are you using ...."
You may indeed ask, Webroot SecureAnywhere Antivirus, Trusteer Rapport, Malwarebytes Pro, Secunia PSI, Windows 8, IE10, and Windows very own firewall

[fax]

Thanks! Indeed Trusteer is somehow the only one tool covering you on ex-post infections as Webroot SecureAnywhere Antivirus lacks of the IDShield component (+ outbound firewall barrier). Well, to close the discussion: better Trusteer than nothing!

Good luck and cheers,
Fax