Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

2, 99, 0, 0 4.55%
2, 88, 0, 0 9.09%
2, 87, 0, 0 4.55%
2, 87, 0, 0 9.09%
2, 79, 0, 0 18.18%
2, 79, 0, 0 4.55%
2, 79, 0, 0 4.55%
2, 79, 0, 0 4.55%
2, 70, 0, 0 4.55%
2, 57, 0, 0 13.64%
2, 57, 0, 0 4.55%
2, 57, 0, 0 4.55%
2, 56, 0, 0 4.55%
2, 56, 0, 0 4.55%
2, 56, 0, 0 4.55%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
OpenProcessToken, OpenServiceW, GetKernelObjectSecurity, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, AllocateAndInitializeSid, EqualSid, FreeSid, GetLengthSid, LookupPrivilegeValueW, AdjustTokenPrivileges, OpenSCManagerW, CloseServiceHandle, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, ConvertStringSecurityDescriptorToSecurityDescriptorA, CryptDestroyKey, GetTokenInformation, CryptEncrypt, CryptAcquireContextW, CryptGenKey, CryptReleaseContext, CryptImportKey, CryptExportKey, ConvertSidToStringSidA, ConvertStringSidToSidA, RegOpenKeyExW, RegQueryValueExW, LookupAccountSidW, CreateProcessAsUserA, SetTokenInformation, DuplicateTokenEx, ConvertStringSidToSidW, GetEffectiveRightsFromAclW, SetEntriesInAclW, GetSidSubAuthority, InitiateSystemShutdownW, GetNamedSecurityInfoW, SetNamedSecurityInfoW
crypt32.dll
CertCloseStore, CryptQueryObject, CryptMsgGetParam, CertFindCertificateInStore, CertGetNameStringW, CryptDecodeObject
gdi32.dll
EndDoc, CreateCompatibleBitmap, DeleteDC, CreateCompatibleDC, SelectObject, DeleteObject
kernel32.dll
DllMain
psapi.dll
GetModuleFileNameExA, GetModuleInformation, GetMappedFileNameA, EnumProcessModules, GetDeviceDriverBaseNameA, EnumDeviceDrivers, EnumProcesses, GetModuleBaseNameA, GetProcessMemoryInfo
shell32.dll
SHGetFolderPathW, SHGetFolderPathA, CommandLineToArgvW, ShellExecuteExA
shlwapi.dll
PathAppendA, StrStrIA
user32.dll
FindWindowExA, GetWindowThreadProcessId, GetClassNameW, CallNextHookEx, GetClassInfoExW, GetDesktopWindow, wsprintfW, CloseDesktop, GetUserObjectInformationA, GetThreadDesktop, OpenInputDesktop, PrintWindow, MessageBoxExA, GetWindowTextA, ShowWindow, SetForegroundWindow, GetSystemMenu, DeleteMenu, GetParent, GetClientRect, MonitorFromPoint, EnumDisplayMonitors, MonitorFromWindow, OpenClipboard, EmptyClipboard, SetClipboardData, EnumWindows, GetForegroundWindow, GetWindowRect, GetDC, GetWindowDC, CloseClipboard
version.dll
VerQueryValueA, GetFileVersionInfoW, GetFileVersionInfoSizeW, GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueW
wintrust.dll
CryptCATEnumerateAttr, CryptCATClose, CryptCATGetMemberInfo, CryptCATAdminReleaseContext, WinVerifyTrust, CryptCATOpen, CryptCATCatalogInfoFromContext, CryptCATAdminEnumCatalogFromHash, CryptCATAdminAcquireContext, CryptCATAdminCalcHashFromFileHandle, CryptCATAdminReleaseCatalogContext
wtsapi32.dll
WTSCloseServer
Export table
do_no_call_this_for_link_only
dummy
rooks_callback_dispatcher
rooks_clear_all_sinks
rooks_ctl_process_threadproc
rooks_get_base_version
rooks_get_process_data
rooks_get_registered_processes
rooks_is_initialized
rooksbas_callwnd_hook
rooksbas_init
tso_sb_init

rooksbas.dll

Rapport by Trusteer (Signed)

Remove rooksbas.dll
Version:   2, 79, 0, 0
MD5:   97c8faee3df3d13138a8003c9412ce8c
SHA1:   f46645569a2aaf5bed7518d72589e703a6e139f0
SHA256:   f3834883c4569be530d0bd1125d550e1289be55619abc5597d6404fe5df477bd

What is rooksbas.dll?

Trusteer Rapport is lightweight security software designed to protect confidential data, such as account credentials, from being stolen by malicious software (malware) and via phishing. To achieve this goal, the software first includes anti-phishing measures to protect against misdirection and attempts to prevent malicious screen scraping.

Overview

rooksbas.dll is loaded as dynamic link library that runs in the context of a process. The file is digitally signed by Trusteer which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:rooksbas.dll
Publisher:Trusteer Ltd.
Product name:Rapport
Description:Rooks/Base
Typical file path:C:\Program Files\trusteer\rapport\bin\rooksbas.dll
File version:2, 79, 0, 0
Size:541.84 KB (554,840 bytes)
Build date:3/21/2013 6:26 AM
Certificate
Issued to:Trusteer
Authority (CA):VeriSign
Effective date:Friday, February 12, 2010
Expiration date:Thursday, May 1, 2014
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 59.09%
Windows 7 Professional 13.64%
Microsoft Windows XP 13.64%
Windows 7 Ultimate 4.55%
Windows Vista Home Premium 4.55%
Windows 8 Pro 4.55%

Distribution by countryDistribution by country

United States installs about 42.86% of Rapport.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 40.00%
Sony 26.67%
Hewlett-Packard 13.33%
Intel 13.33%
GIGABYTE 6.67%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE