Author Topic: Avast blocks log in of the Lastpass.com website - anyone else seen this?  (Read 6044 times)

0 Members and 1 Guest are viewing this topic.

Charlene_R.

  • Guest

When I go to www.lastpass.com   this is the URL that comes up:  https://lastpass.com/index.php

then I log in to my account by clicking on the button that says to Log In to LastPass and this is the URL that loads:  https://lastpass.com/index.php?&ac=1&fromwebsite=1&newvault=1&nk=1

I put in my information: and click on the sign in button.  Then the lastpass site shows "signing you in" and all of a sudden AVAST alarms with a verbal "Threat has been detected" and says:  Trojan Horse Blocked.  AVAST Script Shield has blocked a threat.   Object:  http:/...index.php?AC-1fromWebsite

JS:SCRiptSH-INF [Trj]
Chrome.exe

this is when trying to log into the site from the Chrome browser where the last time I was able to log in I elected to install the chrome browser extension so that lastpass would work with the chrome browser (keep up with my passwords and sites through chrome).  I can use Firefox and the lastpass programs runs as it should, loads automatically, alerts and keeps track of websites and my passwords.  It has something to do with using the chrome browser - which I was thinking about switching to as Firefox has been getting increasingly more unstable. 

Any insight or help would be greatly appreciated.  Lastpass people don't seem to have any ideas.  They say that the browser extension simply allows lastpass to run as a resident program in the background (as a password manager is supposed to do) and that their site is maintained and scanned automatically.  When I submit the website url to online checkers - it doesn't find anything so I'm at a loss here.

Thanks for asking questions and trying to help me figure this out...   :-\  I am so confused... 

Charlene

The original post is below.  I tried to describe in better detail above but didn't want to just delete what was written below in case there is something important that I did not cover ...  better to be safe than sorry... thanks again for your time, patience, understanding, and willingness to help out.

I use the LastPass software to manage my passwords.  I was trying to load the "chrome" extension for the Google Chrome Browser.  I go to www.lastpass.com website and Log In as usual, when selecting the "chrome" extension to load http://lastpass.com/index.php?ac=1  Avast stops the page loading and says JS: ScriptSH Inf [Trj]  C:\programfiles... chrome.exe

I believe this is a false positive, but I am not sure how to fix it to allow me to continue to run the file.  Any help would be greatly appreciated.  Thanks in advance for any help.

I have no problems when opening this website or running this program on the Firefox browser - just when trying to run it on the Chrome browser.  Mind you the extensions are probably different for the different browsers.
« Last Edit: July 27, 2013, 05:43:56 PM by Charlene_R. »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37507
  • Not a avast user
You can report a possible FP here: http://www.avast.com/contact-form.php
you may add a link to this topic in case they reply here

Offline Secondmineboy

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3645
I am getting no Alerts.

Are you getting any alerts Charlene?
Windows 10 1909, 4 GB DDR3 RAM, 500 GB 5400 RPM HDD, 1366 by 768 LCD Screen, Intel Core i3 5010U Dual Core, Intel HD Graphics 5500
HUAWEI P30 Pro. Android 10

Charlene_R.

  • Guest
You can report a possible FP here: http://www.avast.com/contact-form.php
you may add a link to this topic in case they reply here

Thanks,  I did send in a notation of the issue and listed this topic url for reference.  thanks for giving me the link to make the report.

Charlene_R.

  • Guest
I am getting no Alerts.

Are you getting any alerts Charlene?

I revised the original post to include everything that I saw:  I duplicated the  situation to doublecheck.  Thanks for trying to help...

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
I get a script alert (not from avast!) for Source: https://lastpass.com/m.php /xss?1361822981
Looks like LastPass messed up it says there with a HTTP/1.0 400 Bad Request
Might be a hick-up in the code, but there had been Key recovery attacks forged on the Lastpass bookmarklet
All green here: http://moonsearch.com/lastpass.com/technology

polonus
« Last Edit: July 27, 2013, 06:08:20 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!