After having to forcibly restart the server after it became virtually unresponsive I started to keep an eye on the memory.
At one point I noticed that 90% of the server's RAM (9GB) was being allocated by two instances tagged as LHAN and YHAN in the non-paged area.
Looking through all the system drivers there was one which contained both strings: NNSNAHSL.SYS
More specifically:
Code: Select all
File description: Network Activity Hook Server LWF
File version: 6.0.0.68
Product name: Nano Network Security
Product version: 4.2.0.404
Legal copyright: © Panda 2017
Original filename: NNSNAHSL.SYS
Just an hour ago I logged on to the server through RDP and the non-paged memory started leaking fast to the point that LHAN and YHAN went from less than 1MB to 2GB in under 2 minutes.
I haven't yet figured a way to trigger the memory leaking, it almost seems random. The firewall is not even enabled but somehow that driver is killing the server by leaking all over the memory.
Is this a known issue and if not can this be looked at urgently or get a workaround?
https://i.stack.imgur.com/VnNPs.png
https://i.stack.imgur.com/xgjEA.png