Running a Win XP SP3 desktop and banking with Natwest, I too download Rapport in a moment of carelessness earlier in January 2010, resulting in instability in a hitherto rock-solid desktop. First, IE slowed down over period of days. Secondly, system froze (Windows Explorer unresponsive), followed by BSOD on shutdown, RapportPG.sys appearing as the implicated driver. Attempts to uninstall Rapport via CP A/R Programs robbed IE8 of the ability to connect (occasionally it would do so if all Add-ons were disabled, but the behaviour was random). Also my ZA Firewall lost all its registers and had to be reinstalled. Uninstalling IE8 via a reinstall operation failed twice to restore normality. Eventually succeeded by using the spuninst.exe command as recommended by Microsoft, returning to IE7 (but had then to make two minor registry changes to get IE7 to connect). Also found several Trusteer Rapport entries in registry that I removed manually. All in all, grief and catastrophe!!
Clearly somehow Rapport seriously interferes with IE8. This is defective software, poorly engineered and is a disgrace. The banks have no business recommending it, but since they have no understanding of high technology this is forgiveable - their motives are laudable.
Do not install any Trusteer software until there is solid evidence that these people have acquired the competence to be TRUSTED as a reliable software vendor.

Thanks to the warnings on here, I was able to tell my bank a resounding "NO WAY!" when they strongly recommended I install this software for my own security. The folks I spoke to were not aware of any problem, and tried to reassure me there had been no complaints.

They did imply that I must install it to remain a customer, to which I replied that I had enjoyed being a good customer of theirs for the past 40+ years, but that would end if they insisted. They didn't.

We shall see.

You can add HSBC to the list of 'banks we work with'. They have just asked me to download, so I declined.

As a detached observer on this problem, it surprises me that there have not been more complaints from forum members and also the fact that the quality of the banks in this scheme is impressive so presumably they would have done there own checks on the system? I refer in particular to the Queen's bank, has she downloaded it?

Oh how I wish I'd seen this thread a couple of weeks ago.

On a thread started by me http://www.pprune.org/computer-inter...s-problem.htmlI thought I that was my snag.

HSBC continually nagged me to install this software, and in a moment of madness, I did. I have removed it using Control Panel, but will now follow up with the removal tool.

I'm afraid that if either of my banks, Alliance & Leicester or HSBC insist on using this software, I'll be off to someone else.

Thanks, VB for your detective work. I won't be touching Rapport with a barge pole.

Arkroyal
I hope that you are able to fully remove this software.
I can send you the removal tool that I used to get rid of mine if you have any problems obtaining one. Just PM me.

PLEASE NOTE:
To anyone that has installed this programme and then decided to remove it, even with the removal tool as provided by Trusteer.
Even the Trusteer removal tool DOES NOT remove every trace of the Rapport programme! There remains some encrypted files on your system that will need to be manually removed if you can locate them.
When I challenged Trusteer about this, they stated that these files were left on your sytem so that if ever you decided to re-install their programme, it would already have some information about you!

I wonder if persons that load this programme realise that encrypted information is held on their system and actually automatically communicated back to Trusteer! I am amazed that the banking IT departments are prepared to allow this to happen.

So others do not get caught out like we have, may I suggest that you and any other PPPruNers let as many people know about the potential problems this untried software can possibly cause.

I have also campaigned to some of the banks in question, challenging their responsibility (irresponsibilities?????) in attempting to 'force' their customers into using this software.

What I asked for in writing from my own personal bank was the following: "would they take full financial responsibility in returning my computer to it's pre-installation state if this software corrupted my system once it had been installed". I believe you can imagine their reply! This was because I am still receiving the odd 'nag' screen when logging on.

Arkroyal, if you need any further help please do not hesitate in contacting me and if I can help you then I will.
Volant Brique.

Hi VB

Thanks again for your help. I have used Rapport's removal tool, and all seems ok now.

I may need direction to search out any other files left by them.

I emailed HSBC with my concerns, and got this back:I wonder If that will change if someone interferes with my account?

I start Rapport before communicating with my bank and stop it running afterwards and do not appear to have any problems so long as I adhere to this procedure.
I will now pay close attention to any odd behaviour which may be associated with the Trusteer app.

This software is, at best, a placebo for the user and at worst (as another poster suggested) a crutch for the banks to accuse the user of lax security.

I would also go as far as to say that it is completely useless as a security application. It does not protect your data against the most serious malware infections, such as root-kits or other embedded viri.

The single most effective security precaution any Microsoft Windows user can take, no matter what website you are using, is NOT to use any iteration of Internet Explorer.

Sorry if this amounts to a thread-derailment.

No, I cannot agree that it ranks as the single most effective security measure.

For me, the three key on-line precautions are:

• Properly configured firewall (preferably hardware with NAT & PAT);
• Up-to-date anti-virus set to on-demand scanning;
• Not to run as an admin or equivalent.

SD

As has been said already, one of my concerns is that, should I fail to run Rapport and there are security problems, my bank may wash their hands of responsibility.

Unless the bank make installation of the software a condition of use then I don't believe they could do that.

That'sthe point I was trying to make. I've got an email from HSBC stating it's entirely optional, so if next time I log on,my accoubt's empty, I can't see it being my fault for not running Rapport.

Opening this thread up again following the MITB thread, I see that Rapport is not 'compatible' with Zone Alarm/Avast when run together. I also note that the spelling on Trusteer's site is not 100%. Following violant's concerns,

1) Are we sure the programme is 'squeaky clean' - antyhing that leaves encrypted files on my machine 'in case I want to re-install it' leave me wondering?

2) How does it 'detect' MITB when other programmes supposedly cannot?

Been running rapport for about 10 months now without so much as a hiccup. XP SP2, Avast and Malwarebytes running too. All good.

Rapport monitors your logins and registrations and tells you of any conflicts of usernames and passwords. It means you'll have to remember EVEN more combinations of these. I reckon I must have memorised about 20 combos so far...

So this software, which has the ability to phone home, knows all your login and password details. Gosh - how reassuring.

More and more institutions keep nagging me to download and install - any updates/latest opinions?

Didn't chrome have issues with security when it first came out? Add to that banking software and you have a whole load of issues.

Thank Goodness for my Macbook pro

Now being "recommended" by Santander online banking as well.

WHat does anyone know about the benefits of using the "virtual keyboard" in products like Kapersky where you click on a keyboard on the screen by using your mouse rather than using the keyboard itself. Said to defeat keyloggers.

This virtual on screen keyboard also exists in W7 (someone mentioned it on another thread on Pprune recently). You press the 'Windows' key and the 'U' and it comes up with a menu showing the keyboard, click on that, and there you have it.

If someone inserts a physical dongle between your keyboard plug and the computer directly (ie. an inline connection) such a device would be almost imperceptible and would evade physical and software detection.
However, if you have software running on your computer, it can detect keyboard API events sent by the keyboard driver OR the interface -also detect mouse events and the timing between events.

(Keypress timing data is a key tool in user identification)
Also many programs can take on screen snapshots a pre-programmed intervals with varying frequency -ie tied to how fast you type, activity/inactivity, whole screen or just active window)
With enough data on you, they would be able reduce a million password possibilities to a few probabilities.