what is C:\windows\MemAlloc.exe

G

Guest

Logfile of HijackThis v1.97.7
Scan saved at 8:47:54 PM, on 5/9/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\windows\System32\nvsvc32.exe
C:\windows\System32\svchost.exe
C:\windows\System32\VetMsgNT.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ
Firewall\ca.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\windows\MemAlloc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Documents and Settings\Owner\My
Documents\HijackThis.exe
C:\windows\System32\notepad.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start
Page = http://www1.wowway.com/portal/index.asp?RG=Cl
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program
Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1
\ETRUST~1\VetTray.exe
 
R

Ron Martell

Logfile of HijackThis v1.97.7
Scan saved at 8:47:54 PM, on 5/9/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\windows\System32\nvsvc32.exe
C:\windows\System32\svchost.exe
C:\windows\System32\VetMsgNT.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ
Firewall\ca.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\windows\MemAlloc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Documents and Settings\Owner\My
Documents\HijackThis.exe
C:\windows\System32\notepad.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start
Page = http://www1.wowway.com/portal/index.asp?RG=Cl
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program
Files\CA\eTrust EZ Armor\eTrust EZ Firewall\ca.exe
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1
\ETRUST~1\VetTray.exe
Click to expand...

I can't find any references to a file of this name in any version of
Windows, except for one other instance of a HiJackThis log that also
listed it.

I would definitely treat it as suspicious.

1. Locate the file in Windows Explorer, right-click on the file name,
select Properties and go to the Version tab. The information there
should tell you who created the file and which application it belongs
to. If it is a legit file, that is.

2. If you cannot satisfy yourself that this a legit file from a
reliable source then I would suggest you try renaming it to
MemAlloc.jnk or similar and then using your computer that way for a
few days and see what, if anything, happens in the way of abnormal
behavior and/or error messages relating to MemAlloc.exe.

Good luck


Ron Martell Duncan B.C. Canada
--
Microsoft MVP
On-Line Help Computer Service
http://onlinehelp.bc.ca

"The reason computer chips are so small is computers don't eat much."
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ACLAN Virus 2
HijackThis Log Analysis Please 1
Delays and freezing with Internet Explorer 1
Computer running sluggish and slow 5
Computer Freezes or Very Slow - Windows Explorer 5
Aboout my HijackThis log 1
over 600 viruses found - computer still sluggish after cleaning 6
Security Warning 3

Top