Hi there!
One of our users reported that his Avast! blocked the last update of our application.
How could we prevent this from happening?
It can be downloaded right here:
http://www.dashlane.com/
Please keep me updated.
Kind regards,
Only ClamAv makes such clai,s; unfortunately the claims in ClamAv offers no appeal, and it is only supported by general public opinion without serious inspection of risks. Now that people see "Dashlane" somewhere they urgently rate it "bad" in ClamAV, without looking at it. Most contributors to ClamAv reutation system have absolutely no technicla skills, they just continue to repeat the opinion found elsewhere. And they cannot make the difference between a legitimate (and useful tool) that is clean of any infection (even if the tool has some usability problems in its UI and using it could be risky if you're not experienced with it).
If you see a report in ClamAv only, against a software that is very common, and you find no bad claim in serious antivirus tools, ignore this alert. If Dasjlane was seriously a virus, it would have been blocked by almost all antivirus tools.
However Avast uses a separate "community cloud" based only on generic "reputation" on the web. The "WebRep" tool of Avast makes many false positive detections. Too many in fact. Unfortunately what it proposes to do is not helpful to try investigating the issue, as Avast only proposes to eradicate the software immediately without any supporting link (at least to an updated thread in this forum).
I hate the way WepRep works, and the fact that it constantly wants to erase a tool that I constantly need in order to login securely on sites (including this one!) with my strong passwords (that I cannot remember).
Please Avast, make a special attention to wellknown password managers that are known to be safe: your tool should check only check that this is an official installation.
Avast can detect digitally signed versions that are effectively coming from Dashlane.com (and that are not random "cracks" frequently posted on the web or proposed on P2P and crack sites: on those sites you'll find "cracked" versions of Windows, or Acrobat, or many famous commercial applications, but all of them are infected, these cracks are effectively troyans, but should not be confused with the official versions supported by their legitimate producers).
So please before proposing to delete a software that has "bad reputation on Webrep", first lookup in your database of signatures to see if this is an officially supported version and not a crack: you can have an online database to check digital signatures detected by your antivirus. Use the embedded digital certificate already in the Dashlane application and browser addon and whitelist this certificate as long as there's no real issue after your investigations.
And then discard the bad reports coming from your WebRep users : don't show the dialog to uninstall it without providing a link explaining why and showing the effective status of the software.
Thanks.
