ggdllhost.exe
RUNDLL32 by Garena Online Pte Ltd (Signed)
Overview
There are 6 versions of ggdllhost.exe in the wild, the latest version being 1, 0, 0, 1. ggdllhost.exe is run as a standard windows process with the logged in user's account privileges. The process utilizes the Windows Task Scheduler to automatically launch the file as a process when a user logs into Windows. The average file size is about 47.85 KB. The file is a digitally signed and issued to Garena Online Pte Ltd by VeriSign. The programs Garena Plus, Garena - League of Legends and Garena+ have been observed as installing specific variations of ggdllhost.exe. During the process's lifecycle, the typical CPU resource utilization is about 0.0007% including both foreground and background operations, the average private memory consumption is about 4.44 MB with the maximum memory reaching around 6.51 MB. Addionally, typically read and write I/O disk operations is about 447 Bytes per minute for reads and 0 Bytes per minute for writes.
 Details
|
| File name: | ggdllhost.exe |
| Product name: | RUNDLL32 |
| Description: | Windows host process (Rundll32) |
| Typical file path: | C:\Program Files\garena plus\ggdllhost.exe |
| Original name: | RUNDLL32.EXE |
| Certificate |
| Issued to: | Garena Online Pte Ltd |
| Authority (CA): | VeriSign |
| Effective date: | Monday, October 17, 2011 |
| Expiration date: | Sunday, November 2, 2014 |
Programs installed in
(Note, the programs listed below are for all versions of RUNDLL32.)
The Garena Plus application developed for various games distributed by the comapny allows gamers to develop buddy lists, chat with friends online and check on game progress and achievements. The Garen...
League of Legends is a multiplayer online battle arena video game where players are formed into two teams of five Champions. League of Legends is a session-based game. Matchmaking creates teams with e...
“Garena Messenger features many of your favorite games like League of Legends, Heroes of Newerth, BlackShot or GoKart. It auto-updates to give you the newest features to play with as soon as they becom...”
FIFA ONLINE 3 is a video game distributed through the Garena platform.
Heroes of Newerth is a video game distributed through the Garena platform.
Mstar is a video game distributed through the Garena platform.
“Garena+ is an online social gaming platform which you can download for free and use to connect with millions of other gamers around the world. Using the Garena+, you can play various titles such as Bl...”
Behaviors
(Note, the behaviors below are for all versions of ggdllhost.exe, select a unique version for details.)
Scheduled tasks
- The task 'gg_uac_daemon_son' runs on logon in the path '\gg_uac_daemon_son'
- The job 'gg_uac_daemon_Visson' runs on logon in the path '\gg_uac_daemon_Visson'
- The job 'gg_uac_daemon_Ray' runs on logon in the path '\gg_uac_daemon_Ray'
- The task 'gg_uac_daemon_SIMON' runs on logon in the path '\gg_uac_daemon_SIMON'
- The job 'gg_uac_daemon_user' runs on logon in the path '\gg_uac_daemon_user'
- The task 'gg_uac_daemon_Administrator' runs on logon in the path '\gg_uac_daemon_Administrator'
- The task 'gg_uac_daemon_NOVA' runs on logon in the path '\gg_uac_daemon_NOVA'
- The job 'gg_uac_daemon_Rojo' runs on logon in the path '\gg_uac_daemon_Rojo'
- The task 'gg_uac_daemon_Marites' runs on logon in the path '\gg_uac_daemon_Marites'
- The job 'gg_uac_daemon_Chinchan' runs on logon in the path '\gg_uac_daemon_Chinchan'
- The task 'gg_uac_daemon_nguyenhiep' runs on logon in the path '\gg_uac_daemon_nguyenhiep'
- The job 'gg_uac_daemon_hero2588' runs on logon in the path '\gg_uac_daemon_hero2588'
- The job 'gg_uac_daemon_icheng' runs on logon in the path '\gg_uac_daemon_icheng'
- The job 'gg_uac_daemon_john' runs on logon in the path '\gg_uac_daemon_john'
- The job 'gg_uac_daemon_Paolo' runs on logon in the path '\gg_uac_daemon_Paolo'
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
- Firewall exception for 'C:\Program Files\Garena Plus\ggdllhost.exe'
- Firewall exception for 'C:\hon\GarenaHoN\GameData\ggdllhost.exe'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
- Login entry path '\gg_uac_daemon_son'
- Login entry path '\gg_uac_daemon_user'
- Login entry path '\gg_uac_daemon_NOVA'
- Login entry path '\gg_uac_daemon_Rojo'
- Login entry path '\gg_uac_daemon_Marites'
- Login entry path '\gg_uac_daemon_Chinchan'
- Login entry path '\gg_uac_daemon_nguyenhiep'
- Login entry path '\gg_uac_daemon_hero2588'
- Login entry path '\gg_uac_daemon_icheng'
- Login entry path '\gg_uac_daemon_john'
All file variations of ggdllhost.exe
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
34.62% |
|
| Windows 7 Ultimate |
25.00% |
|
| Windows 8 |
15.38% |
|
| Microsoft Windows XP |
9.62% |
|
| Windows 8.1 Single Language |
5.77% |
|
| Windows 8 Enterprise |
5.77% |
|
| Windows Vista Home Premium |
1.92% |
|
| Windows 8 Single Language |
1.92% |
|
Distribution by country
Taiwan installs about 38.46% of RUNDLL32.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Toshiba |
48.57% |
|
| ASUS |
20.00% |
|
| Acer |
17.14% |
|
| GIGABYTE |
8.57% |
|
| Hewlett-Packard |
2.86% |
|
| Lenovo |
2.86% |
|
