Announcement

Collapse
No announcement yet.

Dashlane false positive

Collapse
This topic is closed.
X
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Dashlane false positive

    IObit Malware Fighter

    OS: Windows 7
    Version: 3.1.0.18
    Database Version: 1440
    Scan Mode:Manual
    Time Elapsed: 00:00:24
    Objects Scanned: 54820
    Threats Found: 1
    Save Time: 02/05/2015 03:31:31

    |Name|Type|Description|ID|
    Malware GUID, GUID, HKEY_CLASSES_ROOT\Typelib\{3277cd27-4001-4ef8-9d96-c6ca745ac2f9}, 402319


    -----

    File in registry is "%AppData%\Roaming\Dashlane\ie\KWIEBar.dll"

    This is clearly NOT malware. In addition this addon is digitally signed by Dashlane. And VirusTotal does not report ANY alarm from ANY antivirus suite.

    VirusTotal report (100% clean):
    https://www.virustotal.com/fr/file/5...b242/analysis/

    It is the required addon that allows Dashlane (a SAFE and SECURED password manager) to fill in forms to enter login/passwords that it will send to the visited site.
    Without it, the password manager is no longer functional at all, and we need to enter them manually, and update them manually in Dashlane!

    Dashlane is not an obscure company, it has an official street address, true phone contact, true fiscal number. The website is also clearly identified, as well as its billings, and there's never been any issue about payments and subscriptions for its cloud storage service (optional).

    This report is about the last updated version of Dashlane (see https://www.dashlane.com/)

    Here is what is installed in "%APPDATA%\Roaming\Dashlane\ie" (zipped and encrypted with password "infected", as instructed by you):

    http://www.wikisend.com/download/843...e-ie-addon.zip

    Note: the zipped file above has a 90 days lifetime on "wikisend" (the maximum allowed) starting today.
    Last edited by verdy_p; May. 2nd, 2015, 03:16.

  • #2
    May be some users have experienced problem only because this GUID was harnessed (in the registry of their own Windows installation) by another uynrelated malware trying to steal passwords stored in Dashlane, and installing another unsafe addon on this key.

    Clearly it is not enough to just check the GUID without looking at the software that is pointed by this TypeLib registry key.
    So the ioBit analysis is clearly unsafe if it just considers GUID's that are NEEDED by safe softwares (for example a malware may attempt to infect a GUID of Microsoft Office or Windows itself, this does not mean that the GUID itself is "malware", when it is needed by core functionality.)

    Comment


    • #3
      Most probably a Malware as well. I think I have worked on dashlane once.

      Comment


      • #4
        Hi verdy_p,

        Thanks for your feedback.

        After deep analysis, it is not a false positive. If you do not want to scan it our again, please right click it and add it in our Ignore list.

        If you met any other issues, please feel free to tell us.

        Thanks for choosing IObit to care your PC.
        IObit Support Team --
        If you're happy with our products, please tell your friends, families and colleagues about IObit and IObit products! We'd be very grateful!

        Comment


        • #5
          Dashlane is not a malware, the file I submitted was the original version downloaded secrely from their website. But ioBit is known to install various adwares (that turn to be real malwares) in its "free" products without asking permission to the user.
          Seriously, this is not the first time (all your "free" products have been regularly affected by multiple different versions of your malwares). Ten when you fix them, you just try to use another trick to avoid the detection and blocking by serious antivirus solutions.
          May be your "paid" versions are safe, but this is certianly not the case of your "free" versions which are constantly infected and extremely intrusive.

          Comment


          • #6
            Hello,

            Sorry for my late reply.

            What do you mean by " But ioBit is known to install various adwares (that turn to be real malwares) in its "free" products without asking permission to the user." Please describe the issue more clearly. There should be some misunderstandings.

            IObit does install adwares for users. All users have rights to deny any unwanted programs.


            IObit Support Team --
            If you're happy with our products, please tell your friends, families and colleagues about IObit and IObit products! We'd be very grateful!

            Comment

            Working...
            X