ggdllhost.exe

RUNDLL32 by Garena Online Pte Ltd (Signed)

Remove ggdllhost.exe
Version:   1, 0, 0, 1
MD5:   925175a0ec575566cd2c0b585a5fbc22
SHA1:   acfa391fcfe52a465f2eded09f3225fcf7e8acc4

Overview

ggdllhost.exe executes as a process with the local user's privileges. It is an auto-starting process that used the Windows Task Scheduler service to load when the user logs into Windows (sometimes this is required to bypass the UAC protection). It has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. This is typically installed with the program Garena+ published by Garena Online Pte Ltd.. The file is digitally signed by Garena Online Pte Ltd which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:ggdllhost.exe
Product name:RUNDLL32
Description:Windows host process (Rundll32)
Typical file path:C:\Program Files\garena plus\ggdllhost.exe
Original name:RUNDLL32.EXE
File version:1, 0, 0, 1
Size:45.63 KB (46,728 bytes)
Build date:8/22/2013 4:30 PM
Certificate
Issued to:Garena Online Pte Ltd
Authority (CA):VeriSign
Effective date:Monday, October 17, 2011
Expiration date:Sunday, November 2, 2014
Digital DNA
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
Garena Online Pte Ltd.
20% remove
Garena+ is an online social gaming platform which you can download for free and use to connect with millions of other gamers around the world. Using the Garena+, you can play various titles such as BlackShot, Heroes of Newerth, League of Legends and many other great titles. In addition to providing an esports playground for popular classics such as DotA and Age of Empire, Garena also introduced latest premium online games on Garena+...

BehaviorsBehaviors

Scheduled tasks
  • The task 'gg_uac_daemon_son' runs on logon in the path '\gg_uac_daemon_son'
  • The job 'gg_uac_daemon_Visson' runs on logon in the path '\gg_uac_daemon_Visson'
  • The job 'gg_uac_daemon_Ray' runs on logon in the path '\gg_uac_daemon_Ray'
  • The task 'gg_uac_daemon_SIMON' runs on logon in the path '\gg_uac_daemon_SIMON'
  • The job 'gg_uac_daemon_user' runs on logon in the path '\gg_uac_daemon_user'
  • The task 'gg_uac_daemon_Administrator' runs on logon in the path '\gg_uac_daemon_Administrator'
  • The task 'gg_uac_daemon_NOVA' runs on logon in the path '\gg_uac_daemon_NOVA'
  • The job 'gg_uac_daemon_Rojo' runs on logon in the path '\gg_uac_daemon_Rojo'
  • The task 'gg_uac_daemon_Marites' runs on logon in the path '\gg_uac_daemon_Marites'
  • The job 'gg_uac_daemon_Chinchan' runs on logon in the path '\gg_uac_daemon_Chinchan'
  • The task 'gg_uac_daemon_nguyenhiep' runs on logon in the path '\gg_uac_daemon_nguyenhiep'
  • The job 'gg_uac_daemon_hero2588' runs on logon in the path '\gg_uac_daemon_hero2588'
  • The job 'gg_uac_daemon_icheng' runs on logon in the path '\gg_uac_daemon_icheng'
  • The job 'gg_uac_daemon_john' runs on logon in the path '\gg_uac_daemon_john'
  • The job 'gg_uac_daemon_Paolo' runs on logon in the path '\gg_uac_daemon_Paolo'
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\Program Files\Garena Plus\ggdllhost.exe'
  • Firewall exception for 'C:\hon\GarenaHoN\GameData\ggdllhost.exe'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
  • Login entry path '\gg_uac_daemon_son'
  • Login entry path '\gg_uac_daemon_user'
  • Login entry path '\gg_uac_daemon_NOVA'
  • Login entry path '\gg_uac_daemon_Rojo'
  • Login entry path '\gg_uac_daemon_Marites'
  • Login entry path '\gg_uac_daemon_Chinchan'
  • Login entry path '\gg_uac_daemon_nguyenhiep'
  • Login entry path '\gg_uac_daemon_hero2588'
  • Login entry path '\gg_uac_daemon_icheng'
  • Login entry path '\gg_uac_daemon_john'
Network connections
Access through an approved Windows firewall exception
  • [UDP] listens on port 49747
  • [UDP] listens on port 60829

  • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00108332%
    0.028634%
    Kernel CPU:0.00024733%
    0.013761%
    User CPU:0.00083599%
    0.014873%
    Kernel CPU time:1,794 ms/min
    100,923,805ms/min
    CPU cycles:745,131/sec
    17,470,203/sec
    Context switches:3/sec
    284/sec
    Memory
    Private memory:4.61 MB
    21.59 MB
    Private (maximum):6.03 MB
    Private (minimum):1.9 MB
    Non-paged memory:4.61 MB
    21.59 MB
    Virtual memory:77.31 MB
    140.96 MB
    Virtual memory (peak):88.7 MB
    169.69 MB
    Working set:2.06 MB
    18.61 MB
    Working set (peak):8.13 MB
    37.95 MB
    Page faults:90,950/min
    2,039/min
    I/O
    I/O read transfer:4 Bytes/sec
    1.02 MB/min
    I/O read operations:1/sec
    343/min
    I/O other transfer:2.27 KB/sec
    448.09 KB/min
    I/O other operations:95/sec
    1,671/min
    Resource allocations
    Threads:18
    12
    Handles:172
    600
    GUI GDI count:9
    103
    GUI GDI peak:9
    142
    GUI USER count:2
    49
    GUI USER peak:2
    71

    BehaviorsProcess properties

    Integrety level:High
    Platform:64-bit
    Command lines:
    • "C:\garena plus\ggdllhost.exe" "C:\garena plus\ggspawn.dll",rundll_entry
    • "C:\Program Files\garena plus\ggdllhost.exe" "C:\Program Files\garena plus\ggspawn.dll",rundll_entry
    Owner:User
    Parent processes:

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 34.62%
    Windows 7 Ultimate 25.00%
    Windows 8 15.38%
    Microsoft Windows XP 9.62%
    Windows 8.1 Single Language 5.77%
    Windows 8 Enterprise 5.77%
    Windows Vista Home Premium 1.92%
    Windows 8 Single Language 1.92%

    Distribution by countryDistribution by country

    Taiwan installs about 38.46% of RUNDLL32.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Toshiba 48.57%
    ASUS 20.00%
    Acer 17.14%
    GIGABYTE 8.57%
    Hewlett-Packard 2.86%
    Lenovo 2.86%
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE