The Elusive NTCollector.exe

August 7, 2007 4 comments

I experienced one of those few occasions where I drew a complete blank in Google. I was looking for ntcollector.exe, and only found direct 4 hits, none of which were relevant.

The reason I was looking for it: a process by that name was eating up 99% of my CPU cycles on my media center, while using less than 1Mb of RAM. It popped up from nowhere after a random period of time, chewed the CPU until I saw and killed the process, and then sprung up again some time later.

Eventually I tracked it down with the help of Process Explorer – an amazingly useful Microsoft tool you should always use instead of XP Task Manager! It showed that NTCollector was actually a child of a Java process, which was in turn running as part of a system monitoring package I was using: NT Collector takes events from the Windows event log, and passes them to the monitor. It seems one instance normally ran well-behaved, but then seemed to break loose from the Java app and run wild. The Java app sensed the loss of the process, and created a new one – which would also break loose after a while.

Anyway – I’ll probably uninstall the app at some point, but until then, I can de-prioritise and suspend the process easily enough.

