Trusteer Rapport

Just wanted to share, avast! just found a suspicious file with Trusteer Rapport (I've just reinstalled it again for testing), seems like a false-positive.

 

I'd set up my parent's in laws computer on a visit, and had things quick and secure. On a later visit, the computer felt a bit sluggish - didn't take long to find the cause as the only new program installed was Trusteer Rapport (put on by their son).

Uninstalled it, and things were back to normal - and my completely non-techie father in law even volunteered that the computer seemed faster.

 

strange.
i have no issues whatsoever on this 4 years old machine using Trusteer.

 

Trusteer fails Zemana test...
I´ve removed IE9 from EMET protection and added Google manually to "my sensitive websites".
I´ve checked in "Security Policy" that "Block keylogging" and "Block Kernel keylogging" are enabled with the following settings:

"Block keylogging": "On partner & my sensitive websites"
"Block Kernel keylogging": "Always"

I don’t know if the same occurs with Trusteer partner websites, but if it does this is very serious IMO...

Maybe someone else here using Trusteer can confirm this.

 

I would expect a "sensitive website" has to be https rather than http

 

You can manually place any website under Trusteer protection, and those will stay under the category "My sensitive websites":

Check: Dashboard(page 1)>Trusted Websites>Browse Trusted Websites>websites you manually added

and

Dashboard(page 2)>Security policy>Edit policy


In every website i added, Zemana test can capture the keystrokes.

 

If you run the Zemana Keylogger on a "Partner Website" Rapport will scramble both the Login detail keystrokes and the password. If you login to a site that you have added manually as a "My Sensitive Websites" - ie: amazon.com - although it is an https: site Rapport will only scramble the password, the login will show in the Zemana window 'as typed' except numbers and symbols which show as letters.

 

... and so if someone adds an http site to "My Sensitive Websites" won´t be protected at all against keyloggers although might think it is…
Or am I missing something here?

 

It appears on 'my' machine running OA++ that on a "My sensitive website" Rapport protects the password but not the login credentials in both http and https websites. However, if you look in the policy settings it looks as if credit card details may possibly only be protected on Rapport "Trusted Partner Websites". I have asked their support to clarify this but have never yet received a reply