This computer is routinely sweeped for viruses and malware, and is also
running Symantec's Endpoint Protection suite. Malware and virus checks
always come up clean.

CL

"Questor" wrote in message
...
I'd start with a good malware checker. Malwarebytes is a very good one
and it is free. Have you checked to see if any zero-length files are
lying around on your HD? That would indicate something running that
shouldn't be.

Q

---
Hi --

I have a Windows XP Pro SP3 box that's been giving me a headache for some
time now. Every so often, programs will fail to load and Windows (or an
app) will complain about being out of memory or system resources. Or
windows won't open. Etc., etc.

I've been looking high and low for the reason for this, with little luck.
One thing I have noticed is that when the PC starts to get cantankerous,
the System process has an elevated handle count (18,500 this last time I
started having problems). When I check the System process through Process
Explorer, I see thousands of handles open to what looks like an empty
key, and a lesser but still large number of handles open to what looks
like a file with no name:

--------------------
DETAILS

Basic Information
Name:
Type: Key
Description: A Registry key

References
References: 1
Handles: 1

Quota Charges
Paged: 0
Non-Paged: 0

SECURITY

Unable to display security information.
--------------------
DETAILS

Basic Information
Name:
Type: File
Description: A disk file, communications endpoint, or driver interface.

References
References: 2
Handles: 1

Quota Charges
Paged: 0
Non-Paged: 0

SECURITY

Everyone: Delete, Synchronize, Query State, Modify State, (Special
Permissions)

Advanced:
Permissions: empty
Auditing: empty
Owner: Everyone
--------------------

The Handles list shows all of these empty Key handles with an Access code
of 0x000F003F, and the empty File handles with an access code of
0x0012091F.

I have checked just about every other process listed in Process Explorer.
No other process that has handles open to Registry keys has any open to
blank or empty keys. Process Explorer shows valid key names for every
other key every other process has open. No other process that has handles
open to files has any open to files with no name.

Rebooting the PC solves the problem -- temporarily. The System process
returns to a manageable handle count. But even after rebooting, Process
Explorer shows a collection of "empty" keys and "no-name" files open to
the System process. And even with the PC just sitting there at a desktop
with no other windows open, that count steadily increases over time.

At the risk of sounding stupid: This is _not_ normal, right? How do I
find whatever is triggering this, if I don't even know what to look for?
Any help would be appreciated.

Thanks
CL