Hello Marcello,
We suggest not to send multiple post for the same issue. In future please refrain from carrying out multiple postings on the same subject! You won't obtain an answer to your query any faster!.
Please click on this link for the answer for your previous post https://support.avg.com/answers?id=906b0000000Dayt
Thank you.
Hello.
We find the following problem with AVG Free Edition, number 16.141.7998, installed on Windows 10 Pro 64-bit platform.
Our software provides an application server installed as a system service, called MxServer.exe and written in C. It has two threads that listen on two different ports with consecutive number.
In presence of AVG, when our service starts, are created additional three listening sockets, the first of which has a random port and the other two consecutive to the first (eg. 51650, 51651, 51652).
At this point, for each socket connection established by one of our client, there are a lots of localhost connections between our servers and himself where the passive port is the first of three generated by AVG. Each try make up to fifteen connections, which become about thirty with the corresponding server endpoint - the number of connections is variable depending on the type of client access. In this specific case, for example, it is an http client.
The final problem, mostly, is that these connections do not close properly. For each connection created above, one endpoint remains in FIN_WAIT2 (the one who finished first, sending the FIN and receiving its ACK), while the other remains in the corresponding CLOSE_WAIT (FIN received, sent the corresponding ACK). These connections do not complete the TCP shutdown and sockets remain allocated.
It is just easy to collect thousands of these connections, after this, obviously, we have a block of any new TCP connect from the system to anywhere and get the WSAGetLastError 10055 (winsock2).
Stopping the service, only sockets in CLOSE_WAIT state really close.
At last, stopping the service, AVG notices this executable like “general behavioural detection”, but it is a false positive because the program does not represent a virus and others anti-virus software do not block it.
Despite we properly managed the "threat", including the executable in the permitted exceptions, applying it to all modules (computer, web, software, email), the behaviour do not change and the localhost connections are not properly closed.
Even if we stop all AVG modules, the problem persists.
The only way to solve is completely uninstalling the AVG software.
We did not test the AVG behaviour on others operating systems.
Sincerely.
We find the following problem with AVG Free Edition, number 16.141.7998, installed on Windows 10 Pro 64-bit platform.
Our software provides an application server installed as a system service, called MxServer.exe and written in C. It has two threads that listen on two different ports with consecutive number.
In presence of AVG, when our service starts, are created additional three listening sockets, the first of which has a random port and the other two consecutive to the first (eg. 51650, 51651, 51652).
At this point, for each socket connection established by one of our client, there are a lots of localhost connections between our servers and himself where the passive port is the first of three generated by AVG. Each try make up to fifteen connections, which become about thirty with the corresponding server endpoint - the number of connections is variable depending on the type of client access. In this specific case, for example, it is an http client.
The final problem, mostly, is that these connections do not close properly. For each connection created above, one endpoint remains in FIN_WAIT2 (the one who finished first, sending the FIN and receiving its ACK), while the other remains in the corresponding CLOSE_WAIT (FIN received, sent the corresponding ACK). These connections do not complete the TCP shutdown and sockets remain allocated.
It is just easy to collect thousands of these connections, after this, obviously, we have a block of any new TCP connect from the system to anywhere and get the WSAGetLastError 10055 (winsock2).
Stopping the service, only sockets in CLOSE_WAIT state really close.
At last, stopping the service, AVG notices this executable like “general behavioural detection”, but it is a false positive because the program does not represent a virus and others anti-virus software do not block it.
Despite we properly managed the "threat", including the executable in the permitted exceptions, applying it to all modules (computer, web, software, email), the behaviour do not change and the localhost connections are not properly closed.
Even if we stop all AVG modules, the problem persists.
The only way to solve is completely uninstalling the AVG software.
We did not test the AVG behaviour on others operating systems.
Sincerely.
Hello Marcello,
We suggest not to send multiple post for the same issue. In future please refrain from carrying out multiple postings on the same subject! You won't obtain an answer to your query any faster!.
Please click on this link for the answer for your previous post https://support.avg.com/answers?id=906b0000000Dayt
Thank you.
We suggest not to send multiple post for the same issue. In future please refrain from carrying out multiple postings on the same subject! You won't obtain an answer to your query any faster!.
Please click on this link for the answer for your previous post https://support.avg.com/answers?id=906b0000000Dayt
Thank you.
Marcello, Also in future please try to keep the whole conversation in one question/thread to speed up any resolution.
AVG Guru