Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

1, 2, 43, 0 2.50%
1, 2, 42, 1 7.50%
1, 2, 38, 2 2.50%
1, 2, 32, 1 5.00%
1, 2, 31, 4 15.00%
1, 2, 31, 3 2.50%
1, 2, 31, 1 2.50%
1, 2, 30, 0 7.50%
1, 2, 28, 0 2.50%
1, 2, 25, 2 2.50%
1, 2, 24, 0 2.50%
1, 2, 23, 7 12.50%
1, 2, 20, 3 7.50%
1, 2, 19, 6 2.50%
1, 2, 19, 4 7.50%
1, 2, 19, 3 2.50%
1, 2, 17, 6 2.50%
1, 2, 16, 7 10.00%
1, 2, 15, 3 2.50%

Relationships

Child process
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegOpenKeyExW, RegSetValueExW, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegCreateKeyExW, RegQueryValueExW, GetNamedSecurityInfoW, SetEntriesInAclW, SetNamedSecurityInfoW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, CreateWellKnownSid, RegQueryInfoKeyW, RegEnumKeyExW
comctl32.dll
InitCommonControlsEx
gdi32.dll
GetStockObject, DeleteObject, CreateDIBitmap, CreateFontIndirectW, GetObjectW, EnumFontFamiliesW
kernel32.dll
DllMain, GetFileSize, HeapFree, GetProcessHeap, ReadFile, CopyFileW, FindClose, FindNextFileW, FindFirstFileW, LocalFree, LocalAlloc, SetErrorMode, GetSystemInfo, ResetEvent, GetDriveTypeW, GetLogicalDrives, FindFirstFileExW, GetFileAttributesW, HeapAlloc, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, WritePrivateProfileStringW, WritePrivateProfileSectionW, GetPrivateProfileStringW, WritePrivateProfileStringA, SetFilePointer, GetVersionExW, FlushInstructionCache, GlobalUnlock, GlobalLock, GlobalAlloc, InterlockedCompareExchange, HeapReAlloc, WinExec, ExpandEnvironmentStringsW, lstrcatW, lstrcpyW, SetLastError, DuplicateHandle, ResumeThread, ReleaseSemaphore, WriteFile, FindResourceExW, LockResource, CreateThread, WaitForMultipleObjects, TerminateThread, CreateDirectoryW, CreateSemaphoreA, Sleep, lstrcpynW, WaitForSingleObject, GetTickCount, TlsFree, TlsAlloc, InterlockedExchangeAdd, GetFileTime, SetEvent, PostQueuedCompletionStatus, GetExitCodeThread, CreateEventW, GlobalAddAtomW, GlobalFindAtomW, GlobalDeleteAtom, InterlockedExchange, RemoveVectoredExceptionHandler, lstrcmpiW, LoadLibraryExW, FindResourceW, LoadResource, SizeofResource, lstrlenW, InterlockedDecrement, InterlockedIncrement, MultiByteToWideChar, WideCharToMultiByte, IsBadCodePtr, GetLocalTime, IsBadReadPtr, MapViewOfFileEx, FlushViewOfFile, OpenFileMappingW, QueryPerformanceCounter, UnhandledExceptionFilter, GetStartupInfoW, AreFileApisANSI, GetModuleHandleA, SetFileTime, GetFileAttributesExW, GetFileInformationByHandle, SetCurrentDirectoryW, GetCurrentDirectoryW, CreateDirectoryExW, DeviceIoControl, SetFilePointerEx, SetEndOfFile, GetFullPathNameW, RemoveDirectoryW, CreateWaitableTimerA, SetWaitableTimer, SystemTimeToFileTime, TlsSetValue, OpenEventA, TlsGetValue, LCMapStringW, LCMapStringA, GetStringTypeExW, GetStringTypeExA, GetUserDefaultLCID, FormatMessageA, HeapSize, HeapDestroy, VirtualAlloc, VirtualFree, IsProcessorFeaturePresent, LoadLibraryA, lstrcmpA, CreateMutexW, OpenMutexW, ReleaseMutex, MoveFileExW, DeleteFileW, CreateEventA, GetSystemTimeAsFileTime, CreateFileW, IsDebuggerPresent, DebugBreak, InitializeCriticalSection, RaiseException, DeleteCriticalSection, EnterCriticalSection, AddVectoredExceptionHandler, LeaveCriticalSection, SetUnhandledExceptionFilter, TerminateProcess, GetModuleFileNameW, FreeLibrary, LoadLibraryW, GetCurrentProcess, GetCurrentThread, SetThreadPriority, GetTempPathW, GetModuleHandleW, GetProcAddress, UnmapViewOfFile, CreateFileMappingW, GetLastError, MapViewOfFile, CloseHandle, GetCurrentProcessId, GetCurrentThreadId
msvcp90.dll
DllMain
msvcr90.dll
DllMain
ole32.dll
CoTaskMemRealloc, CoTaskMemAlloc, CoTaskMemFree, CoCreateInstance, CoInitialize, CoUninitialize
shlwapi.dll
StrCmpW, PathRemoveFileSpecW, PathRemoveBackslashW, PathFindFileNameW
user32.dll
DefWindowProcW, SendMessageW, DispatchMessageW, TranslateMessage, GetMessageW, PeekMessageW, DestroyWindow, CharNextW, GetCursorPos, DestroyIcon, LoadIconW, CallWindowProcW, SetWindowLongW, GetWindowLongW, SetTimer, KillTimer, RegisterWindowMessageW, GetLastInputInfo, CreateWindowExW, IsWindow, SendNotifyMessageW, wsprintfW, RegisterHotKey, UnregisterHotKey, PostQuitMessage, UnregisterClassW, UnhookWindowsHookEx, CallNextHookEx, GetKeyState, SetWindowsHookExW, GetDC, ReleaseDC, MessageBoxA, MoveWindow, LoadStringW, LoadStringA, UnregisterClassA, GetWindowRect, PostMessageW, MessageBoxW, IsWindowVisible, SystemParametersInfoW, PtInRect, IsIconic, ShowWindow, SetWindowPos, SetForegroundWindow, RegisterClassExW, GetActiveWindow, GetClientRect, SetClipboardData, CloseClipboard, EmptyClipboard, OpenClipboard, SetClassLongW, RedrawWindow, IsZoomed, GetClassInfoExW, GetWindowPlacement, SetFocus, MonitorFromPoint, IsRectEmpty, IsClipboardFormatAvailable, GetParent, GetSystemMetrics, ClientToScreen, FlashWindow, GetForegroundWindow, keybd_event, BringWindowToTop, LoadCursorW, SetCursor, EnableWindow, IsDialogMessageW, WaitMessage, GetLastActivePopup, GetClassLongW, GetDesktopWindow

GarenaMessenger.exe

Garena Plus by Garena Online Pte Ltd (Signed)

Remove GarenaMessenger.exe
Version:   1, 2, 16, 7
MD5:   ee892cf15baad3bb3253d46145dc482f
SHA1:   95302515cbe5ecfe82416257593681813522e585
SHA256:   123b01c102524a124effc04b6342c62ce666948aaa5459515ff2adb96f16b4ab

Overview

garenamessenger.exe executes as a process with the local user's privileges. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). This is typically installed with the program Garena Plus published by Garena Online Pte Ltd.. The file is digitally signed by Garena Online Pte Ltd which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:garenamessenger.exe
Product name:Garena Plus
Typical file path:C:\game\garena plus\garenamessenger.exe
File version:1, 2, 16, 7
Size:8.73 MB (9,152,968 bytes)
Certificate
Issued to:Garena Online Pte Ltd
Authority (CA):VeriSign
Effective date:Tuesday, October 18, 2011
Expiration date:Monday, November 3, 2014
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C++ 9.0
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
Garena Plus
 Garena Online Pte Ltd.
2% remove
The Garena Plus application developed for various games distributed by the comapny allows gamers to develop buddy lists, chat with friends online and check on game progress and achievements. The Garena Plus game platform can be downloaded for free and it has an interface similar to instant messaging platforms. Gamers are also able to form groups or clans, and chat with multiple gamers simultaneously through public or private channels t...

BehaviorsBehaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'GarenaPlus' → "C:\game\garena plus\garenamessenger.exe" -autolaunch
Network connections
  • [TCP] 203.117.172.231:80
  • [UDP] listens on port 1176

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.01057424%
    0.028634%
    Kernel CPU:0.00441276%
    0.013761%
    User CPU:0.00616149%
    0.014873%
    Kernel CPU time:5,609 ms/min
    100,923,805ms/min
    Context switches:39/sec
    284/sec
    Memory
    Private memory:66.74 MB
    21.59 MB
    Private (maximum):113.61 MB
    Private (minimum):17.06 MB
    Non-paged memory:66.74 MB
    21.59 MB
    Virtual memory:176.99 MB
    140.96 MB
    Virtual memory (peak):180.67 MB
    169.69 MB
    Working set:113.59 MB
    18.61 MB
    Working set (peak):114.86 MB
    37.95 MB
    Page faults:104,207/min
    2,039/min
    I/O
    I/O read transfer:14.95 KB/sec
    1.02 MB/min
    I/O read operations:1/sec
    343/min
    I/O write transfer:1.96 KB/sec
    274.99 KB/min
    I/O write operations:7/sec
    227/min
    I/O other transfer:13.36 KB/sec
    448.09 KB/min
    I/O other operations:359/sec
    1,671/min
    Resource allocations
    Threads:27
    12
    Handles:614
    600
    GUI GDI count:226
    103
    GUI USER count:49
    49

    BehaviorsProcess properties

    Tray notification:Yes
    Integrety level:Undefined
    Platform:32-bit
    Command line:"C:\game\garena plus\garenamessenger.exe" -autolaunch
    Owner:User
    Parent process:Explorer.EXE (Windows Explorer by Microsoft)

    ResourcesThreads

    Averages
     
    garenamessenger.exe (main module)
    Total CPU:0.08959783%
    0.272967%
    Kernel CPU:0.03040755%
    0.107585%
    User CPU:0.05919028%
    0.165382%
    Context switches:2/sec
    79/sec
    Memory:8.8 MB
    1.16 MB
    npggNT.des
    Total CPU:0.04326195%
    Kernel CPU:0.00000000%
    User CPU:0.04326195%
    Memory:284 KB
    taskmanagerlib.dll
    Total CPU:0.01248319%
    Kernel CPU:0.00384912%
    User CPU:0.00863407%
    Memory:232 KB
    MSVCR90.dll
    Total CPU:0.00243414%
    Kernel CPU:0.00024341%
    User CPU:0.00219073%
    Context switches:9/sec
    Memory:652 KB
    ggspawn.dll
    Total CPU:0.00141675%
    Kernel CPU:0.00023613%
    User CPU:0.00118063%
    Context switches:24/sec
    Memory:200 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Ultimate 32.50%
    Microsoft Windows XP 30.00%
    Windows 8 12.50%
    Windows 7 Home Premium 12.50%
    Windows 8 Pro 7.50%
    Windows 8 Single Language 2.50%
    Windows 8 Enterprise 2.50%

    Distribution by countryDistribution by country

    Taiwan installs about 25.00% of Garena Plus.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    ASUS 26.32%
    GIGABYTE 21.05%
    Acer 15.79%
    Hewlett-Packard 13.16%
    Toshiba 10.53%
    American Megatrends 7.89%
    Lenovo 5.26%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE