Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

1, 2, 43, 0 2.50%
1, 2, 42, 1 7.50%
1, 2, 38, 2 2.50%
1, 2, 32, 1 5.00%
1, 2, 31, 4 15.00%
1, 2, 31, 3 2.50%
1, 2, 31, 1 2.50%
1, 2, 30, 0 7.50%
1, 2, 28, 0 2.50%
1, 2, 25, 2 2.50%
1, 2, 24, 0 2.50%
1, 2, 23, 7 12.50%
1, 2, 20, 3 7.50%
1, 2, 19, 6 2.50%
1, 2, 19, 4 7.50%
1, 2, 19, 3 2.50%
1, 2, 17, 6 2.50%
1, 2, 16, 7 10.00%
1, 2, 15, 3 2.50%

Relationships

Parent process
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegOpenKeyExW, RegSetValueExW, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegCreateKeyExW, RegQueryValueExW, GetNamedSecurityInfoW, SetEntriesInAclW, SetNamedSecurityInfoW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, CreateWellKnownSid, RegQueryInfoKeyW, RegEnumKeyExW
comctl32.dll
InitCommonControlsEx
gdi32.dll
GetStockObject, DeleteObject, CreateDIBitmap, CreateFontIndirectW, GetObjectW, EnumFontFamiliesW
kernel32.dll
DllMain, GetFileSize, HeapFree, GetProcessHeap, ReadFile, CopyFileW, FindClose, FindNextFileW, FindFirstFileW, LocalFree, LocalAlloc, SetErrorMode, GetSystemInfo, ResetEvent, GetDriveTypeW, GetLogicalDrives, FindFirstFileExW, GetFileAttributesW, HeapAlloc, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, WritePrivateProfileStringW, WritePrivateProfileSectionW, GetPrivateProfileStringW, WritePrivateProfileStringA, SetFilePointer, GetVersionExW, FlushInstructionCache, GlobalUnlock, GlobalLock, GlobalAlloc, InterlockedCompareExchange, HeapReAlloc, WinExec, ExpandEnvironmentStringsW, lstrcatW, lstrcpyW, SetLastError, DuplicateHandle, ResumeThread, ReleaseSemaphore, WriteFile, FindResourceExW, LockResource, CreateThread, WaitForMultipleObjects, TerminateThread, CreateDirectoryW, CreateSemaphoreA, Sleep, lstrcpynW, WaitForSingleObject, GetTickCount, TlsFree, TlsAlloc, InterlockedExchangeAdd, GetFileTime, SetEvent, PostQueuedCompletionStatus, GetExitCodeThread, CreateEventW, GlobalAddAtomW, GlobalFindAtomW, GlobalDeleteAtom, InterlockedExchange, RemoveVectoredExceptionHandler, lstrcmpiW, LoadLibraryExW, FindResourceW, LoadResource, SizeofResource, lstrlenW, InterlockedDecrement, InterlockedIncrement, MultiByteToWideChar, WideCharToMultiByte, IsBadCodePtr, GetLocalTime, IsBadReadPtr, MapViewOfFileEx, FlushViewOfFile, OpenFileMappingW, QueryPerformanceCounter, UnhandledExceptionFilter, GetStartupInfoW, AreFileApisANSI, GetModuleHandleA, SetFileTime, GetFileAttributesExW, GetFileInformationByHandle, SetCurrentDirectoryW, GetCurrentDirectoryW, CreateDirectoryExW, DeviceIoControl, SetFilePointerEx, SetEndOfFile, GetFullPathNameW, RemoveDirectoryW, CreateWaitableTimerA, SetWaitableTimer, SystemTimeToFileTime, TlsSetValue, OpenEventA, TlsGetValue, LCMapStringW, LCMapStringA, GetStringTypeExW, GetStringTypeExA, GetUserDefaultLCID, FormatMessageA, HeapSize, HeapDestroy, VirtualAlloc, VirtualFree, IsProcessorFeaturePresent, LoadLibraryA, lstrcmpA, CreateMutexW, OpenMutexW, ReleaseMutex, MoveFileExW, DeleteFileW, CreateEventA, GetSystemTimeAsFileTime, CreateFileW, IsDebuggerPresent, DebugBreak, InitializeCriticalSection, RaiseException, DeleteCriticalSection, EnterCriticalSection, AddVectoredExceptionHandler, LeaveCriticalSection, SetUnhandledExceptionFilter, TerminateProcess, GetModuleFileNameW, FreeLibrary, LoadLibraryW, GetCurrentProcess, GetCurrentThread, SetThreadPriority, GetTempPathW, GetModuleHandleW, GetProcAddress, UnmapViewOfFile, CreateFileMappingW, GetLastError, MapViewOfFile, CloseHandle, GetCurrentProcessId, GetCurrentThreadId
msvcp90.dll
DllMain
msvcr90.dll
DllMain
ole32.dll
CoTaskMemRealloc, CoTaskMemAlloc, CoTaskMemFree, CoCreateInstance, CoInitialize, CoUninitialize
shlwapi.dll
StrCmpW, PathRemoveFileSpecW, PathRemoveBackslashW, PathFindFileNameW
user32.dll
DefWindowProcW, SendMessageW, DispatchMessageW, TranslateMessage, GetMessageW, PeekMessageW, DestroyWindow, CharNextW, GetCursorPos, DestroyIcon, LoadIconW, CallWindowProcW, SetWindowLongW, GetWindowLongW, SetTimer, KillTimer, RegisterWindowMessageW, GetLastInputInfo, CreateWindowExW, IsWindow, SendNotifyMessageW, wsprintfW, RegisterHotKey, UnregisterHotKey, PostQuitMessage, UnregisterClassW, UnhookWindowsHookEx, CallNextHookEx, GetKeyState, SetWindowsHookExW, GetDC, ReleaseDC, MessageBoxA, MoveWindow, LoadStringW, LoadStringA, UnregisterClassA, GetWindowRect, PostMessageW, MessageBoxW, IsWindowVisible, SystemParametersInfoW, PtInRect, IsIconic, ShowWindow, SetWindowPos, SetForegroundWindow, RegisterClassExW, GetActiveWindow, GetClientRect, SetClipboardData, CloseClipboard, EmptyClipboard, OpenClipboard, SetClassLongW, RedrawWindow, IsZoomed, GetClassInfoExW, GetWindowPlacement, SetFocus, MonitorFromPoint, IsRectEmpty, IsClipboardFormatAvailable, GetParent, GetSystemMetrics, ClientToScreen, FlashWindow, GetForegroundWindow, keybd_event, BringWindowToTop, LoadCursorW, SetCursor, EnableWindow, IsDialogMessageW, WaitMessage, GetLastActivePopup, GetClassLongW, GetDesktopWindow

GarenaMessenger.exe

Garena Plus by Garena Online Pte Ltd (Signed)

Remove GarenaMessenger.exe
Version:   1, 2, 17, 6
MD5:   9c7f686094e8bb6dde52991f7c73cfb2
SHA1:   172cc7eb7f0f2421b099b96c8b407ef10145fe93
SHA256:   cf12113e07c356be1d53271c0179b53bc51b88086bac264daf8c4c0bcd775b32

Overview

garenamessenger.exe executes as a process with the local user's privileges usually within the context of Windows Explorer. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). It is installed with a couple of know programs including Garena Plus published by Garena Online Pte Ltd. and Garena Messenger published by Garena Online Pte Ltd.. The file is digitally signed by Garena Online Pte Ltd which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:garenamessenger.exe
Product name:Garena Plus
Typical file path:C:\game\garena plus\garenamessenger.exe
File version:1, 2, 17, 6
Size:8.96 MB (9,398,576 bytes)
Certificate
Issued to:Garena Online Pte Ltd
Authority (CA):VeriSign
Effective date:Tuesday, October 18, 2011
Expiration date:Monday, November 3, 2014
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C++ 9.0
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
Garena Plus
 Garena Online Pte Ltd.
2% remove
The Garena Plus application developed for various games distributed by the comapny allows gamers to develop buddy lists, chat with friends online and check on game progress and achievements. The Garena Plus game platform can be downloaded for free and it has an interface similar to instant messaging platforms. Gamers are also able to form groups or clans, and chat with multiple gamers simultaneously through public or private channels t...
Garena Messenger
 Garena Online Pte Ltd.
5% remove
Garena Messenger features many of your favorite games like League of Legends, Heroes of Newerth, BlackShot or GoKart. It auto-updates to give you the newest features to play with as soon as they become available. With Garena Messenger you can chat with your gamer friends, meet up to play together, send them files or add a whole group of friends to a conversation.

BehaviorsBehaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'GarenaPlus' → "C:\game\garena plus\garenamessenger.exe" -autolaunch
Network connections
  • [UDP] listens on port 49313
  • [UDP] listens on port 53901

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00193914%
    0.028634%
    Kernel CPU:0.00078773%
    0.013761%
    User CPU:0.00115141%
    0.014873%
    Kernel CPU time:15,483 ms/min
    100,923,805ms/min
    Context switches:15/sec
    284/sec
    Memory
    Private memory:45.6 MB
    21.59 MB
    Private (maximum):66.88 MB
    Private (minimum):30.11 MB
    Non-paged memory:45.6 MB
    21.59 MB
    Virtual memory:224.68 MB
    140.96 MB
    Virtual memory (peak):248.02 MB
    169.69 MB
    Working set:34.76 MB
    18.61 MB
    Working set (peak):68.94 MB
    37.95 MB
    Resource allocations
    Threads:26
    12
    Handles:740
    600
    GUI GDI count:1141
    103
    GUI GDI peak:1198
    142
    GUI USER count:253
    49
    GUI USER peak:272
    71

    BehaviorsProcess properties

    Integrety level:High
    Platform:32-bit
    Command lines:
    • "C:\Program Files\garena plus\garenamessenger.exe" -noautologin
    • "C:\Program Files\garena plus\garenamessenger.exe" -autolaunch
    Owner:User
    Parent processes:

    ResourcesThreads

    Averages
     
    GarenaMessenger.exe (main module)
    Total CPU:0.04346545%
    0.272967%
    Kernel CPU:0.00849425%
    0.107585%
    User CPU:0.03497120%
    0.165382%
    CPU cycles:1,325,935/sec
    5,741,424/sec
    Context switches:4/sec
    79/sec
    Memory:9.04 MB
    1.16 MB
    taskmanagerlib.dll
    Total CPU:0.00116379%
    Kernel CPU:0.00036736%
    User CPU:0.00079643%
    CPU cycles:66,004/sec
    Context switches:1/sec
    Memory:232 KB
    WININET.dll
    Total CPU:0.00047363%
    Kernel CPU:0.00044986%
    User CPU:0.00002376%
    CPU cycles:30,217/sec
    Memory:1.11 MB
    MSVCR90.dll
    Total CPU:0.00026976%
    Kernel CPU:0.00012475%
    User CPU:0.00014501%
    CPU cycles:37,242/sec
    Context switches:1/sec
    Memory:652 KB
    ntdll.dll
    Total CPU:0.00012274%
    Kernel CPU:0.00006137%
    User CPU:0.00006137%
    CPU cycles:2,329/sec
    Memory:1.23 MB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Ultimate 32.50%
    Microsoft Windows XP 30.00%
    Windows 8 12.50%
    Windows 7 Home Premium 12.50%
    Windows 8 Pro 7.50%
    Windows 8 Single Language 2.50%
    Windows 8 Enterprise 2.50%

    Distribution by countryDistribution by country

    Taiwan installs about 25.00% of Garena Plus.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    ASUS 26.32%
    GIGABYTE 21.05%
    Acer 15.79%
    Hewlett-Packard 13.16%
    Toshiba 10.53%
    American Megatrends 7.89%
    Lenovo 5.26%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE