How to remove $R4CN112.dll

$R4CN112.dll

The module $R4CN112.dll has been detected as Adware.SweetIM

$R4CN112.dll
Remove $R4CN112.dll

File Details

Product Name:

ANGLE libGLESv2 Dynamic Link Library
MD5: a8d02e83422aa4d2b43ad9d18b546f17
Size: 715 KB
First Published: 2017-05-28 11:08:39 (7 years ago)
Latest Published: 2025-04-03 23:06:49 (2 days ago)
Status: Adware.SweetIM (on last analysis)
Analysis Date: 2025-04-03 23:06:49 (2 days ago)

Overview

Signed By: SweetLabs Inc.
Status: Valid

Common Places:

%localappdata%\host app service\engine
%sysdrive%\windows.old\users\default\appdata\local\host app service\engine
%localappdata%\host app service
%sysdrive%\adwcleaner\quarantine\1xvpfvjcrg
%sysdrive%\adwcleaner\quarantine\3solbph71y
%sysdrive%\adwcleaner\quarantine\x3cf3ednhm
%sysdrive%\adwcleaner\quarantine\rywtiizs2t
%sysdrive%\adwcleaner\quarantine\rqf69azbla
%sysdrive%\adwcleaner\quarantine\files\cguzbtliuktxooqdbhbypdnylltxfpcg
%windir%\serviceprofiles\networkservice\appdata\local\host app service

File Names:

libGLESv2.dll
libGLESv2 (1).dll
$R4CN112.dll

Geography:

11.5%
7.3%
6.3%
5.9%
5.2%
4.2%
4.0%
3.4%
3.3%
3.1%
2.9%
2.7%
2.5%
2.3%
2.3%
2.1%
1.9%
1.9%
1.7%
1.5%
1.3%
1.3%
1.3%
1.3%
1.1%
1.1%
1.1%
1.0%
1.0%
1.0%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x10000000
Entry Address: 0x00071975

PE Sections:

Name Size of data MD5
.text 550912 5ac550ed421c7164a1dd46c887243315
.rdata 127488 4be9fc51cdb26bc99db1d4296d1e8192
.data 6656 58c350391502252dee507725c9d2b297
.rsrc 1536 a61bc93a39e0d72b2cb57476fd7b098a
.reloc 28672 061b565240459fd49450402c1d05f596

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $R4CN112.dll
copyright for information about $R4CN112.dll