Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

5beb7 71.43%
8ddcc 14.29%
64974 14.29%
(Note, Trusteer publishes each variation of this file with the same version, but the hashes are unique.)

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
OpenProcessToken, GetTokenInformation, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, OpenSCManagerW, OpenServiceW, CreateServiceW, QueryServiceConfigW, StartServiceW, QueryServiceStatusEx, ControlService, DeleteService, OpenThreadToken, RegOpenKeyA, GetSecurityDescriptorDacl, InitializeAcl, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, ConvertSecurityDescriptorToStringSecurityDescriptorA, AddAce, GetAce, ConvertStringSecurityDescriptorToSecurityDescriptorA, RegSetKeySecurity, RegGetKeySecurity, RegDeleteValueA, RegDeleteKeyA, RegCreateKeyExA, RegSetValueExA, RegQueryMultipleValuesA, LookupPrivilegeValueW, AdjustTokenPrivileges, RegEnumKeyExA, CloseServiceHandle, CryptDestroyKey, CryptExportKey, CryptImportKey, CryptReleaseContext, CryptGenKey, CryptAcquireContextW, CryptEncrypt, FreeSid, EqualSid, AllocateAndInitializeSid, ConvertSidToStringSidA, RegEnumValueA
crypt32.dll
CryptDecodeObject, CertFindCertificateInStore, CryptMsgGetParam, CryptQueryObject, CertGetNameStringW
kernel32.dll
GetFileType, GetStartupInfoA, DeleteCriticalSection, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, WriteFile, LeaveCriticalSection, EnterCriticalSection, VirtualAlloc, HeapReAlloc, CloseHandle, MultiByteToWideChar, ReadFile, HeapSize, FreeLibrary, InterlockedExchange, LoadLibraryA, InitializeCriticalSection, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, GetLocaleInfoA, GetLocaleInfoW, SetFilePointer, GetConsoleCP, GetConsoleMode, SetStdHandle, FlushFileBuffers, CreateFileA, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW, TlsSetValue, GetConsoleOutputCP, WriteConsoleW, SetEndOfFile, GetTimeZoneInformation, CompareStringA, CompareStringW, SetEnvironmentVariableA, VirtualQuery, GetFileAttributesW, GetSystemTime, OutputDebugStringA, InterlockedExchangeAdd, GetModuleFileNameW, DeleteFileW, MoveFileW, CreateDirectoryW, FindClose, FindNextFileW, FindFirstFileW, FindNextFileA, FindFirstFileA, CompareFileTime, OpenProcess, GetStdHandle, ReadProcessMemory, GetExitCodeProcess, WaitForSingleObject, CreateProcessA, DeleteFileA, RtlCaptureContext, GetSystemInfo, GetModuleHandleW, LocalFree, UnmapViewOfFile, MapViewOfFile, CreateFileMappingW, LoadLibraryExA, lstrcmpA, CreateFileW, GetVolumeInformationA, ExpandEnvironmentStringsA, SetFileAttributesA, MoveFileExA, GetFileAttributesExA, ReleaseMutex, CreateMutexA, OpenMutexA, GetVolumeNameForVolumeMountPointA, MoveFileA, QueryPerformanceFrequency, DuplicateHandle, TerminateThread, CreateThread, LocalAlloc, LoadLibraryW, lstrcpynW, FlushInstructionCache, QueryDosDeviceW, DeviceIoControl, TlsAlloc, TlsGetValue, ExitProcess, GetModuleHandleA, RaiseException, GetProcessHeap, HeapAlloc, GetVersionExA, HeapFree, GetCommandLineA, GetCurrentThreadId, GetLastError, InterlockedDecrement, InterlockedIncrement, InterlockedCompareExchange, GetModuleFileNameA, GetProcAddress, GetFullPathNameW, GetCurrentDirectoryA, SetHandleCount, Sleep, GetCurrentThread, SetLastError, TlsFree, GetDriveTypeA, WriteConsoleA, ProcessIdToSessionId, WaitNamedPipeA, MapViewOfFileEx, RtlUnwind, lstrlenA
ntdll.dll
RtlNtStatusToDosError, NtQueryInformationProcess, ZwQuerySystemInformation, RtlUnwind, NtDeviceIoControlFile, RtlDosPathNameToNtPathName_U, RtlFreeUnicodeString
ole32.dll
CoUninitialize, OleRun, CoCreateInstance, CoSetProxyBlanket, CoInitializeEx
psapi.dll
GetModuleFileNameExA, GetModuleFileNameExW, GetModuleInformation, GetDeviceDriverBaseNameA, EnumDeviceDrivers
shell32.dll
SHGetFolderPathA, SHGetFolderPathW
shlwapi.dll
PathAppendA
user32.dll
GetDesktopWindow, MessageBoxA, wsprintfW
version.dll
VerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW
wintrust.dll
CryptCATAdminCalcHashFromFileHandle, CryptCATAdminAcquireContext, CryptCATAdminEnumCatalogFromHash, CryptCATCatalogInfoFromContext, CryptCATAdminReleaseContext, CryptCATAdminReleaseCatalogContext, CryptCATClose, CryptCATEnumerateAttr, CryptCATGetMemberInfo, CryptCATOpen, WinVerifyTrust
wtsapi32.dll
WTSFreeMemory, WTSSendMessageA, WTSEnumerateSessionsW
Export table
execute2
prepare_for_update
register_components

rapportms.dll

By Trusteer (Signed)

Remove rapportms.dll
MD5:   64974cb9410acfd3d22ddf7b84a479f0
SHA1:   401fdca4c5dab821b9687691110c5c91db938126

Overview

rapportms.dll is loaded as dynamic link library that runs in the context of a process. The file is digitally signed by Trusteer which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:rapportms.dll
Typical file path:C:\Documents and Settings\user\Application data\trusteer\rapport\store\exts\rapportms\39624\rapportms.dll
Size:1.07 MB (1,127,152 bytes)
Build date:9/21/2013 5:44 PM
Certificate
Issued to:Trusteer
Authority (CA):VeriSign
Effective date:Friday, February 12, 2010
Expiration date:Thursday, May 1, 2014
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 42.86%
Microsoft Windows XP 28.57%
Windows 7 Professional 14.29%
Windows Vista Home Premium 14.29%

Distribution by countryDistribution by country

United States installs about 85.71% of rapportms.dll.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Toshiba 66.67%
GIGABYTE 33.33%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE