How to remove $R7A9CA3.dll

» File
File Details
Overview
Analysis

$R7A9CA3.dll

The module $R7A9CA3.dll has been detected as Risk.RemoteAdmin

Remove $R7A9CA3.dll

File Details

Main Info:

Product Name:	WebM VP8 Decoder Filter
Company Name:	Google
MD5:	d43fa82fab5337ce20ad14650085c5d9
Size:	378 KB
First Published:	2017-05-21 08:10:11 (8 years ago)
Latest Published:	2021-05-05 20:15:10 (4 years ago)

Analysis:

Status:	Risk.RemoteAdmin (on last analysis)
Analysis Date:	2021-05-05 20:15:10 (4 years ago)

Overview

Digital Signature

Signed By:	Aleksei Ter-Osipov
Status:	Valid

Common Places:

%desktop%\rms - viewer 6.5.0.8 [reverse] (cyber industries)

%programfiles%\install

%programfiles%\utorent

%sysdrive%\$recycle.bin\s-1-5-21-3118798610-2729874070-2900721389-1000

%commonappdata%\windowsvolume

%programfiles%\instal

%sysdrive%\windows.old\users\ренат\desktop\rms - viewer 6.5.0.8 [reverse] (cyber industries)

%commonappdata%\windowswork

%desktop%\rdp\vnc scanner gui v 1.2\h_serv 18.12.16\файлы сервера

%desktop%\rdp\vnc scanner gui v 1.2\h_serv 18.12.16\viewer

File Names:

vp8decoder.dll

$R7A9CA3.dll

$RDPHT1S.dll

hi6bletnst.dll

Geography:

Russia	60.8%
Ukraine	10.4%
Germany	6.9%
Algeria	2.7%
Kazakhstan	1.9%
Belarus	1.9%
France	1.6%
Thailand	1.3%
Colombia	1.3%
Moldova	1.3%
Brazil	0.8%
United Kingdom	0.8%
Taiwan	0.8%
Poland	0.8%
Czech Republic	0.5%
Kyrgyzstan	0.5%
Italy	0.3%
Slovakia	0.3%
Qatar	0.3%
Croatia	0.3%
Turkey	0.3%
Bulgaria	0.3%
Iran	0.3%
Lithuania	0.3%
Guatemala	0.3%
Israel	0.3%
Latvia	0.3%
Romania	0.3%
Armenia	0.3%
Lebanon	0.3%
Belgium	0.3%
Estonia	0.3%
Azerbaijan	0.3%
Luxembourg	0.3%
Turkmenistan	0.3%
Bolivia	0.3%
India	0.3%

OS Version:

Windows 10	62.0%
Windows 7	31.4%
Windows 8.1	5.9%
Windows 8	0.5%
Windows Server 2012	0.3%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x10000000
Entry Address:	0x0003320c

PE Sections:

Name	Size of data	MD5
.text	270336	e5a867bedf0ec791af216c1392bae397
.rdata	84992	437b7f90762e8b53fa14b7270af06243
.data	7168	1edb88555b6c6d63b5977a89e3cd0d97
.rodata	3072	e602283784f586b905a5f5840fbd8de0
.rsrc	4096	dad0060b082647a0fcad18a06d31a074
.reloc	10752	7906904817fe5a27fcb831624deb6316

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $R7A9CA3.dll

copyright for information about $R7A9CA3.dll

How to remove $R7A9CA3.dll

$R7A9CA3.dll

The module $R7A9CA3.dll has been detected as Risk.RemoteAdmin

File Details

Main Info:

WebM VP8 Decoder Filter

Google

Analysis:

Overview

Digital Signature

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: