ggdllhost.exe

RUNDLL32 by Garena Online Pte Ltd (Signed)

Remove ggdllhost.exe
Version:   1, 0, 0, 1
MD5:   2d31dbd23c198bc2a9f356daa07d42ac
SHA1:   e7c5a4aa3dbf760461081a409f290bcea1af030e

Overview

ggdllhost.exe executes as a process with the local user's privileges. It is an auto-starting process that used the Windows Task Scheduler service to load when the user logs into Windows (sometimes this is required to bypass the UAC protection). It has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. It is installed with a couple of know programs including Garena Plus published by Garena Online Pte Ltd. and Garena - League of Legends published by Garena Online Pte Ltd..

DetailsDetails

File name:ggdllhost.exe
Product name:RUNDLL32
Description:Windows host process (Rundll32)
Typical file path:C:\Program Files\garena plus\ggdllhost.exe
Original name:RUNDLL32.EXE
File version:1, 0, 0, 1
Size:48.3 KB (49,456 bytes)
Build date:7/17/2013 4:27 PM
Certificate
Issued to:Garena Online Pte Ltd
Authority (CA):VeriSign
Effective date:Monday, October 17, 2011
Expiration date:Sunday, November 2, 2014
Digital DNA
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
Garena Online Pte Ltd.
2% remove
The Garena Plus application developed for various games distributed by the comapny allows gamers to develop buddy lists, chat with friends online and check on game progress and achievements. The Garena Plus game platform can be downloaded for free and it has an interface similar to instant messaging platforms. Gamers are also able to form groups or clans, and chat with multiple gamers simultaneously through public or private channels t...
Garena Online Pte Ltd.
1% remove
League of Legends is a multiplayer online battle arena video game where players are formed into two teams of five Champions. League of Legends is a session-based game. Matchmaking creates teams with even average MMR (Matchmaking Rating) of the constituent players. Each player begins at opposing sides of a map near a building called a Nexus. A match is won when either team's Nexus is destroyed.

BehaviorsBehaviors

Scheduled tasks
  • The task 'gg_uac_daemon_son' runs on logon in the path '\gg_uac_daemon_son'
  • The job 'gg_uac_daemon_Visson' runs on logon in the path '\gg_uac_daemon_Visson'
  • The job 'gg_uac_daemon_Ray' runs on logon in the path '\gg_uac_daemon_Ray'
  • The task 'gg_uac_daemon_SIMON' runs on logon in the path '\gg_uac_daemon_SIMON'
  • The job 'gg_uac_daemon_user' runs on logon in the path '\gg_uac_daemon_user'
  • The task 'gg_uac_daemon_Administrator' runs on logon in the path '\gg_uac_daemon_Administrator'
  • The task 'gg_uac_daemon_NOVA' runs on logon in the path '\gg_uac_daemon_NOVA'
  • The job 'gg_uac_daemon_Rojo' runs on logon in the path '\gg_uac_daemon_Rojo'
  • The task 'gg_uac_daemon_Marites' runs on logon in the path '\gg_uac_daemon_Marites'
  • The job 'gg_uac_daemon_Chinchan' runs on logon in the path '\gg_uac_daemon_Chinchan'
  • The task 'gg_uac_daemon_nguyenhiep' runs on logon in the path '\gg_uac_daemon_nguyenhiep'
  • The job 'gg_uac_daemon_hero2588' runs on logon in the path '\gg_uac_daemon_hero2588'
  • The job 'gg_uac_daemon_icheng' runs on logon in the path '\gg_uac_daemon_icheng'
  • The job 'gg_uac_daemon_john' runs on logon in the path '\gg_uac_daemon_john'
  • The job 'gg_uac_daemon_Paolo' runs on logon in the path '\gg_uac_daemon_Paolo'
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\Program Files\Garena Plus\ggdllhost.exe'
  • Firewall exception for 'C:\hon\GarenaHoN\GameData\ggdllhost.exe'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
  • Login entry path '\gg_uac_daemon_son'
  • Login entry path '\gg_uac_daemon_user'
  • Login entry path '\gg_uac_daemon_NOVA'
  • Login entry path '\gg_uac_daemon_Rojo'
  • Login entry path '\gg_uac_daemon_Marites'
  • Login entry path '\gg_uac_daemon_Chinchan'
  • Login entry path '\gg_uac_daemon_nguyenhiep'
  • Login entry path '\gg_uac_daemon_hero2588'
  • Login entry path '\gg_uac_daemon_icheng'
  • Login entry path '\gg_uac_daemon_john'
Network connections
Access through an approved Windows firewall exception
  • [UDP] listens on port 64107

  • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00013175%
    0.028634%
    Kernel CPU:0.00003670%
    0.013761%
    User CPU:0.00009505%
    0.014873%
    Kernel CPU time:78 ms/min
    100,923,805ms/min
    Memory
    Private memory:3.58 MB
    21.59 MB
    Private (maximum):7.89 MB
    Private (minimum):1.83 MB
    Non-paged memory:3.58 MB
    21.59 MB
    Virtual memory:72.51 MB
    140.96 MB
    Virtual memory (peak):75.51 MB
    169.69 MB
    Working set:2.02 MB
    18.61 MB
    Working set (peak):7.89 MB
    37.95 MB
    Resource allocations
    Threads:14
    12
    Handles:153
    600
    GUI GDI count:9
    103
    GUI GDI peak:9
    142
    GUI USER count:2
    49
    GUI USER peak:2
    71

    BehaviorsProcess properties

    Integrety level:High
    Platform:32-bit
    Command line:"C:\Program Files\garena plus\ggdllhost.exe" "C:\Program Files\garena plus\ggspawn.dll",rundll_entry
    Owner:User
    Parent process:taskeng.exe (Task Scheduler Engine by Microsoft)

    ResourcesThreads

    Averages
     
    ggspawn.dll
    Total CPU:0.00023482%
    0.272967%
    Kernel CPU:0.00004403%
    0.107585%
    User CPU:0.00019079%
    0.165382%
    CPU cycles:398,474/sec
    5,741,424/sec
    Context switches:2/sec
    79/sec
    Memory:564 KB
    1.16 MB
    ggdllhost.exe (main module)
    Total CPU:0.00002935%
    Kernel CPU:0.00002935%
    User CPU:0.00000000%
    CPU cycles:536/sec
    Memory:56 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 34.62%
    Windows 7 Ultimate 25.00%
    Windows 8 15.38%
    Microsoft Windows XP 9.62%
    Windows 8.1 Single Language 5.77%
    Windows 8 Enterprise 5.77%
    Windows Vista Home Premium 1.92%
    Windows 8 Single Language 1.92%

    Distribution by countryDistribution by country

    Taiwan installs about 38.46% of RUNDLL32.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Toshiba 48.57%
    ASUS 20.00%
    Acer 17.14%
    GIGABYTE 8.57%
    Hewlett-Packard 2.86%
    Lenovo 2.86%
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE