Ntvdm.exe
Ntvdm.exe is a system process.
When you start a 16-bit program on a computer running Windows NT, the
Ntvdm.exe and Wowexec.exe processes start. After you quit the 16-bit
program, the Ntvdm.exe and Wowexec.exe processes remain in memory. This
behavior is a design feature of Windows NT. The Ntvdm.exe and Wowexec.exe
processes remain in memory in case you start another 16-bit program. Leaving
the Windows-On-Windows (WOW) environment (which consists of the Ntvdm.exe
and Wowexec.exe processes) in memory improves performance. The WOW
environment is not loaded when you start Windows NT. It is loaded when you
first start a 16-bit program.
File ntvdm.exe is related to Findwhatever.
Findwhatever is a browser hijacker that periodically changes Internet
Explorer default home page to various advertising web sites. Findwhatever
doesn't have any harmful payload. It can silently get into the system while
visiting certain web pages. The parasite runs on every Windows startup.
http://www.2-spyware.com/remove-findwhatever.html
peter
--
DISCLAIMER: If you find a posting or message from me
offensive, inappropriate, or disruptive, please ignore it.
If you don't know how to ignore a posting, complain to
me and I will be only too happy to demonstrate... ;-)
"baffled" <baffled@discussions.microsoft.com> wrote in message
news:E8B9191A-B592-41E7-B25F-8EC513A6AF18@microsoft.com...
> Hi, after windows XP has been running for an hour or so, ntvdm.exe starts
> up
> and consumes 99% of CPU load. I kill it but it starts up again later. I
> have
> run virus scanners and spybot but found nothing untoward. Only reloaded XP
> a
> month ago so not much gear on the machine yet. I've even tried deleting
> ntvdm.exe from \system32\ but it comes back (must be from a WinXP setup
> file
> somewhere on the PC).
>
> Can anyone help me trace what is starting ntvdm, with Process Explorer or
> other tools.
>
> Thnks.
Linear Mode
