Jump to content

Error Console Errors Due to Anti-Virus Software


Recommended Posts

Certain brands of Anti-Virus software installed on your Passwordstate web server can cause issues with sessions in IIS (Internet Information Services). These AV products can kill sessions in IIS, causing the general error screen to appear in Passwordstate, and the following types of errors in the Error Console screen:


  • It appears the user's session in IIS has been prematurely ended, causing the following error
  • Object variable or With block variable not set
  • Error Code = Incorrect syntax near the keyword 'DEFAULT'
  • Error Code = Thread was being aborted
  • ApplyScreenCustomisations
  • Invalid Viewstate
  • There was an issue validating both the AuthToken session variable and cookie
  • The parameterized query

  • Specified argument was out of the range of valid values in conjunction with ApplyScreenCustomisations()


If you see any errors like this, please temporarily exclude the Passwordstate folder from any active scanning, as well as the w3wp.exe process, which is IIS.  Generally the Passwordstate install folder is c:\inetpub\passwordstate.  If this resolves the issue then remove the exclusion and contact your AV vendor for a permanent solution.


Some of these errors can also be caused by using multiple instances of Passwordstate open in different browsers, or different tabs, and upgrading to the latest version will fix these errors.


**EDIT** We have also been made aware that reverse proxies, or even web load balances can cause some of these errors.  To rule out these solutions are causing these errors, please bypass them an monitor the error console. 


If you can determine that a Load Balancer or Reverse Proxy is causing the issue, please log a support call with that vendor to ask for advice on how to configure their solution to prevent this from happening.  


**EDIT 14th August 2023**

Another customer has given us information when using Blackberry’s Cylance ENDPOINT (aka Cylance PROTECT and Cylance OPTICS).  Information about this can be seen below:


Memory protection policy needs to have these exclusions added:

  1. “\inetpub\Passwordstate\Bin\Passwordstate.exe” – for all violation types (build 9700 or below)
  2. “\inetpub\Passwordstate\WindowsService\Passwordstate.exe” – for all violation types (build 9708 or above)
  3. “\Program Files (x86)\Passwordstate Agent\PasswordstateAgent.exe” – ignore Malicious payload violation type
  4. “\Program Files (x86)\Passwordstate Agent\PasswordstateAgentUpgradeService.exe” – ignore Malicious payload violation type




Click Studios

Link to comment
Share on other sites

  • 2 months later...
  • 3 weeks later...
  • 4 years later...

These errors "It appears the user's session in IIS has been prematurely ended, causing the following error" also occur during the Out of Box setup wizard as you click "Next" to apply the "System Settings" if you've got the STIG for Windows Server 2019 applied.

We're still trying to find exactly what setting within the STIG is causing the issue. @support is there any guidance you can provide of what is occurring after clicking Next on the System Settings setup wizard screen? 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...