AVG Free Giving False Positive on ASP IIS Server

AVG Protection
4

Hello Steve,

Sorry for the inconvenience caused.
We request you to provide us the screenshot of the error message that is received when you have AVG active  so that we can confirm whether the message is from AVG or any other source.
To take a screenshot please follow the instructions mentioned in this link: http://avgread.me/1aZxsAV and attach the image to this thread and do let us know.
Thank you.

3

Rex,
You have provided the screenshot of your AVG free antivirus program information and this link: http://support.avg.com/SupportArticleView?urlname=How-to-exclude-file-folder-or-website-from-AVG-scanning  which has the instructions to add exceptions to AVG.

1

Strating around 8 March 2016 users have been getting the following error on the web pages hosted on
my web server protected by AVG Free. The error is caused when the IIS/ASP server attempts to execute a JSCRIPT Eval command in the code associated with a specific web page.

Thos seems to be triggered first by a windows security update, KB3140768 , I get the following error from the web server:

  

Active Server Pages error 'ASP 0115'

Unexpected error

A trappable error (C0000005) occurred in an external object. The script cannot continue running.

Active Server Pages error 'ASP 0240'

Script Engine Exception

A ScriptEngine threw exception 'C0000005' in 'IActiveScript::Close()' from 'CActiveScriptEngine::FinalRelease()'.

If I Temporarilyy Disable AVG Protection, I do not get this error at all. Turning AVG Protection back on, causes the error to be flagged.

Here are the details on my AVG installation:

Turning off any or all the various protection options does not make the error go away - only disabling the entire protection.

This is similar top the problem described by Rex in:

Update does not allow IIS vbscript to eval or evaluate


AVG recommends excluding the folder from being scanned: http://support.avg.com/SupportArticleView?urlname=How-to-exclude-file-folder-or-website-from-AVG-scanning )

but as the error seems to be comming from IIS, it is unclear if it is the scanner that is reporting the error.

The websites that cause the error are critical, so the only alternative is to disable AVG which is a very risky alternative.

Anyone have any suggestions?
2

If I go into ADVANCED settings —> Computer Protection –> AntiVirus and DISABLE "Enable Windows Antimalware Scan Interface (AMSI) for deeper software scans" the error is NOT flagged.

5

If I go into ADVANCED settings —> Computer Protection –> AntiVirus and DISABLE "Enable Windows Antimalware Scan Interface (AMSI) for deeper software scans" the error is NOT flagged.