This is still an issue and the thing I see that could finally put this to rest is a simple change that allows a wildcard entry for domains on the secure web scanning preferences (and all the preferences frankly). Right now you HAVE to put in a "valid" link i.e. client.dropbox.com, whereas if you could simply put *.dropbox.com and permit any variation prior to the root domain you should be fine. Trying to enter *.dropbox.com it freaks out and says invalid, it's silly.
And beyond the folks on this thread who's gonna take the time to wireshark their correct dropbox??? I did a netstat and got a www-5b.v.dropbox.com the last connection I had so entered that and now I am blocked again, it's a waste of a neat option for this AV. As for now i have to open Avast, go to preferences and turn off web scan every time I want to use Dropbox (it also blocks crashplan.com data backup secure connections so off it goes for that too), just gonna leave it off at this point.
Rant - The folks on this thread seem techie but a normal customer isnt going to bother and that's the rub. We've got a new mac botnet out, macs are still and will be more targeted as they grow in use, and we have to turn around folks who buy a mac simply to "not get viruses" and work them on getting a decent AV and if they get Avast they are gonna toss it and run without one. /rant