Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion GroupsWindows VistaWindows XPWindows MeWindows 98Windows 95Virtual PCInternet ExplorerOutlook ExpressWindows MediaSecurity
Related Topics
MS Server ProductsMS OfficePC HardwareMore Topics ...
Windows Forum / Windows XP / Performance and Maintainance / January 2008

Tip: Looking for answers? Try searching our database.

ntvdm excess CPU usage

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
baffled - 19 Jan 2008 12:05 GMT
Hi, after windows XP has been running for an hour or so, ntvdm.exe starts up
and consumes 99% of CPU load. I kill it but it starts up again later. I have
run virus scanners and spybot but found nothing untoward. Only reloaded XP a
month ago so not much gear on the machine yet. I've even tried deleting
ntvdm.exe from \system32\ but it comes back (must be from a WinXP setup file
somewhere on the PC).

Can anyone help me trace what is starting ntvdm, with Process Explorer or
other tools.

Thnks.
Reply to this Message
peter - 19 Jan 2008 16:22 GMT
Ntvdm.exe

Ntvdm.exe is a system process.
When you start a 16-bit program on a computer running Windows NT, the
Ntvdm.exe and Wowexec.exe processes start. After you quit the 16-bit
program, the Ntvdm.exe and Wowexec.exe processes remain in memory. This
behavior is a design feature of Windows NT. The Ntvdm.exe and Wowexec.exe
processes remain in memory in case you start another 16-bit program. Leaving
the Windows-On-Windows (WOW) environment (which consists of the Ntvdm.exe
and Wowexec.exe processes) in memory improves performance. The WOW
environment is not loaded when you start Windows NT. It is loaded when you
first start a 16-bit program.
File ntvdm.exe is related to Findwhatever.
Findwhatever is a browser hijacker that periodically changes Internet
Explorer default home page to various advertising web sites. Findwhatever
doesn't have any harmful payload. It can silently get into the system while
visiting certain web pages. The parasite runs on every Windows startup.

http://www.2-spyware.com/remove-findwhatever.html

peter

Signature

DISCLAIMER: If you find a posting or message from me
offensive, inappropriate, or disruptive, please ignore it.
If you don't know how to ignore a posting, complain to
me and I will be only too happy to demonstrate... ;-)

> Hi, after windows XP has been running for an hour or so, ntvdm.exe starts
> up
[quoted text clipped - 11 lines]
>
> Thnks.
Reply to this Message
baffled - 31 Jan 2008 03:42 GMT
Thanks for that. I tried this plus many other spy and virus removal
techniques. None of them stopped th eproblem, and none of the tools ever
detected anything malicious on my machine. The only suspicious thing I found
was a lot of extra entires in the hosts file, which is a symptom of some type
of malware getting through.

Eventually I gave up and just re-installed XP, so far so good, will keep my
fingers crossed.

> Ntvdm.exe
>
[quoted text clipped - 33 lines]
> >
> > Thnks.
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.