I am running the latest avast4 engine and components, since a few weeks I noticed that there’s a leak in webshield, it does not close handle properly. My computer is always on, after a few days I can see with some utilities like “TaskInfo” that the webshield has thousands of handle count, in a few days it can go up as far as 10000, TaskInfo do a warning popup after 20000 total handles and sometimes it reachs it. I have to stop the webshield and then start it again and all the handles taken by the shield dissapear, for a few days…
I am running XPSP2 with latest windows update, microsoft anti spyware beta, microsoft software firewall integrated with SP2.
Can you check what kind of handles are they, please?
Sysinternals Process Explorer makes it possible to display the handles for given process. It should be possible to guess which ones are leaked - if there is really a lot of them.
Thanks!
I restarted the webshield, browsed a few time, then in the console the webshield said it had scan 640 objects, and with “TaskInfo” (from http://www.iarsn.com/) it said the webshield had more than 700 handles, but nothing is attached to these handles… If I check icq.exe for instance there’s 271 handles and I can clearly see it’s some Section, Port, Events, Key, Semaphore, etc, but for the webshield, absolutly nothing, it’s like handles are created but not used?
Do you mean that when you start Process Explorer and select the Web Shield process (ashWebSv.exe), the lower pane of the window doesn’t show anything??
Are you logged on as Administrator?
I’m sorry but I must confirm this a problem. Thank you very much, Magister, for noticing.
Those are Event handles, they are reused (to save the creation) and apparently they are not closed correctly. Hopefully we will find the problem quickly.