Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

2, 164, 0, 0 5.26%
2, 152, 0, 0 10.53%
2, 148, 0, 0 5.26%
2, 148, 0, 0 5.26%
2, 139, 0, 0 15.79%
2, 139, 0, 0 5.26%
2, 139, 0, 0 5.26%
2, 139, 0, 0 5.26%
2, 132, 0, 0 5.26%
2, 118, 0, 0 21.05%
2, 116, 0, 0 5.26%
2, 98, 0, 0 5.26%
2, 96, 0, 0 5.26%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegCreateKeyExW, RegSetValueExW, RegOpenKeyExW, EqualSid, CryptEncrypt, CryptAcquireContextW, CryptGenKey, CryptReleaseContext, CryptImportKey, CryptExportKey, CryptDestroyKey, RegOpenKeyExA, RegQueryValueExA, RegQueryValueExW, RegEnumKeyW, RegCloseKey, RegDeleteKeyW, DeleteService, CreateServiceW, ControlService, OpenSCManagerW, OpenServiceW, QueryServiceConfigW, QueryServiceStatus, ChangeServiceConfigW, StartServiceW, AdjustTokenPrivileges, LookupPrivilegeValueW, GetTokenInformation, OpenProcessToken, GetKernelObjectSecurity, FreeSid, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, AllocateAndInitializeSid, GetLengthSid, CloseServiceHandle, ConvertSidToStringSidA, ConvertStringSidToSidA
kernel32.dll
CompareFileTime, GetSystemTime, SetEvent, RaiseException, UnhandledExceptionFilter, IsDebuggerPresent, ResetEvent, GetSystemTimeAsFileTime, GetProcAddress, GetModuleHandleA, WideCharToMultiByte, lstrlenW, EnterCriticalSection, LeaveCriticalSection, InterlockedIncrement, InterlockedDecrement, GetLastError, PostQueuedCompletionStatus, CreateFileW, ConnectNamedPipe, DeleteCriticalSection, InitializeCriticalSection, CreateIoCompletionPort, GetQueuedCompletionStatus, CreateThread, ReadFile, WriteFile, CloseHandle, CancelIo, LoadLibraryW, GetCurrentProcessId, VirtualProtect, VirtualFree, GetModuleHandleW, UnmapViewOfFile, MapViewOfFileEx, CreateFileMappingW, GetCurrentProcess, SetUnhandledExceptionFilter, InterlockedExchange, InterlockedCompareExchange, SetLastError, Sleep, MultiByteToWideChar, TlsAlloc, TlsFree, TlsSetValue, TlsGetValue, VirtualQuery, MapViewOfFile, FlushInstructionCache, IsBadReadPtr, CreateFileMappingA, GetVersion, LocalFree, LocalAlloc, VirtualAllocEx, VirtualQueryEx, VirtualFreeEx, GetCurrentThreadId, DuplicateHandle, GetCurrentThread, OpenProcess, VirtualProtectEx, WriteProcessMemory, HeapAlloc, GetProcessHeap, HeapFree, CreateRemoteThread, ReadProcessMemory, IsBadWritePtr, GetExitCodeThread, WaitForSingleObject, VerifyVersionInfoW, VerSetConditionMask, GetTickCount, lstrcpyW, TerminateProcess, ResumeThread, CreateProcessW, CreateProcessA, GetVersionExW, GetSystemDirectoryW, GetCurrentDirectoryW, GetModuleFileNameW, GetFileAttributesW, GetModuleFileNameA, ReleaseMutex, CreateMutexW, lstrcatA, GetThreadContext, OpenThread, OpenMutexW, OpenFileMappingW, CreateEventW, OpenEventW, lstrcpyA, GetWindowsDirectoryW, DeviceIoControl, QueryPerformanceCounter, QueryPerformanceFrequency, OutputDebugStringA, LoadLibraryA, SearchPathW, ProcessIdToSessionId, FreeLibrary, RtlCaptureContext, GetSystemInfo, GetVersionExA, InterlockedExchangeAdd, DeleteFileW, MoveFileW, CreateDirectoryW, FindClose, FindNextFileW, FindFirstFileW, GetProcessId, InitializeCriticalSectionAndSpinCount, CreateSemaphoreW, ReleaseSemaphore
msvcp80.dll
DllMain
msvcr80.dll
DllMain
psapi.dll
GetDeviceDriverBaseNameA, EnumDeviceDrivers, GetModuleFileNameExA, GetModuleInformation, GetMappedFileNameA
shell32.dll
SHGetFolderPathW, SHGetFolderPathA, CommandLineToArgvW
shlwapi.dll
PathAppendA
user32.dll
OpenInputDesktop, GetUserObjectInformationA, GetThreadDesktop, SetWindowLongW, EnumChildWindows, RegisterWindowMessageW, GetClassInfoExW, GetWindowLongW, SendMessageTimeoutW, GetWindowThreadProcessId, SendMessageW, FindWindowExA, GetClassNameW, GetParent, GetClassNameA, GetDesktopWindow, GetClassLongW, CallWindowProcW, CloseDesktop
version.dll
GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA
Export table
begin_fnhook_chelper_hooking
end_fnhook_chelper_hooking
on_construct_sink
on_resolve_sink
rooks_ext_get_rooks_extension
rooksdol_fnhook_chelper_hook
rooksdol_fnhook_chelper_phook
rooksdol_fnhook_chelper_unhook

rooksdol.dll

Rapport by Trusteer (Signed)

Remove rooksdol.dll
Version:   2, 98, 0, 0
MD5:   1f3c82ffb42bc2c7219392fb71a9f1ec
SHA1:   671769bff3907cf6dda99c6c769264251a91f26b
SHA256:   d39b959c3633c89e3be155a86daa9fe64b262c6ef298e930d253a7f67c15a642

What is rooksdol.dll?

Trusteer Rapport is lightweight security software designed to protect confidential data, such as account credentials, from being stolen by malicious software (malware) and via phishing. To achieve this goal, the software first includes anti-phishing measures to protect against misdirection and attempts to prevent malicious screen scraping.

Overview

rooksdol.dll is loaded as dynamic link library that runs in the context of a process. The file is digitally signed by Trusteer which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:rooksdol.dll
Publisher:Trusteer Ltd.
Product name:Rapport
Description:Rooks/Dolomite
Typical file path:C:\Program Files\trusteer\rapport\bin\rooksdol.dll
File version:2, 98, 0, 0
Size:485.8 KB (497,464 bytes)
Certificate
Issued to:Trusteer
Authority (CA):VeriSign
Effective date:Friday, February 12, 2010
Expiration date:Thursday, May 1, 2014
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C++ 8.0
.NET CLR:No
More details

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 63.16%
Windows 7 Professional 10.53%
Microsoft Windows XP 10.53%
Windows 7 Ultimate 5.26%
Windows Vista Home Premium 5.26%
Windows 8 Pro 5.26%

Distribution by countryDistribution by country

United States installs about 44.44% of Rapport.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 54.55%
Sony 18.18%
Hewlett-Packard 18.18%
GIGABYTE 9.09%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE