How to remove $R7A9CA3.dll

$R7A9CA3.dll

The module $R7A9CA3.dll has been detected as Risk.RemoteAdmin

$R7A9CA3.dll
Remove $R7A9CA3.dll

File Details

Product Name:

WebM VP8 Decoder Filter
Company Name:

Google
MD5: d43fa82fab5337ce20ad14650085c5d9
Size: 378 KB
First Published: 2017-05-21 08:10:11 (6 years ago)
Latest Published: 2021-05-05 20:15:10 (2 years ago)
Status: Risk.RemoteAdmin (on last analysis)
Analysis Date: 2021-05-05 20:15:10 (2 years ago)

Overview

Signed By: Aleksei Ter-Osipov
Status: Valid

Common Places:

%desktop%\rms - viewer 6.5.0.8 [reverse] (cyber industries)
%programfiles%\install
%programfiles%\utorent
%sysdrive%\$recycle.bin\s-1-5-21-3118798610-2729874070-2900721389-1000
%commonappdata%\windowsvolume
%programfiles%\instal
%sysdrive%\windows.old\users\ренат\desktop\rms - viewer 6.5.0.8 [reverse] (cyber industries)
%commonappdata%\windowswork
%desktop%\rdp\vnc scanner gui v 1.2\h_serv 18.12.16\файлы сервера
%desktop%\rdp\vnc scanner gui v 1.2\h_serv 18.12.16\viewer

File Names:

vp8decoder.dll
$R7A9CA3.dll
$RDPHT1S.dll
hi6bletnst.dll

Geography:

60.8%
10.4%
6.9%
2.7%
1.9%
1.9%
1.6%
1.3%
1.3%
1.3%
0.8%
0.8%
0.8%
0.8%
0.5%
0.5%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%

OS Version:

Windows 10 62.0%
Windows 7 31.4%
Windows 8.1 5.9%
Windows 8 0.5%
Windows Server 2012 0.3%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x10000000
Entry Address: 0x0003320c

PE Sections:

Name Size of data MD5
.text 270336 e5a867bedf0ec791af216c1392bae397
.rdata 84992 437b7f90762e8b53fa14b7270af06243
.data 7168 1edb88555b6c6d63b5977a89e3cd0d97
.rodata 3072 e602283784f586b905a5f5840fbd8de0
.rsrc 4096 dad0060b082647a0fcad18a06d31a074
.reloc 10752 7906904817fe5a27fcb831624deb6316

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $R7A9CA3.dll
copyright for information about $R7A9CA3.dll