I have enjoyed using Avast for some time now. As a IT Security Professional with 20+ years of experience I have worked with a great number of products. I have supported a great number of products. The Free version of Avast is probably one of the best AV solutions I have encountered thus far. Realizing that AV alone is not and should not be your only solution is key to keeping things secure. Nothing is perfect , nothing has 100% reliability and multilayer solutions are required.
I have to say I am VERY Disappointed and a bit confused when it comes to Avast and the web plugin reputation scoring. Yes there are bad plugin’s and yes many pose a risk. Avast seems to have taken the approach of false hope here. Rely upon users for reports. That can not be the only heuristic utilized. I hope Avast realizes this. For Example there is NOTHING wrong with Video Download Helper for Firefox. NOTHING. The code is stable and it has been updated. Unless I am missing a CERT advisory I have no clue why people would rate this as a problem, with one exception. They are downloading malicious content. That and Avast can not scan those objects. The plugin’s you list are poor are honestly laughable. You may as well blacklist ALL plugins.
What compounds this issue is the fact that your application itself decides to make changes IE your default search engine.
Additionally why are we pointed to an update site like Download.com when it is well known that 98% of the files there are preloaded with their own tracking software?
I realize the product is free, but I really hope your not doing this to paying customers. I have done this long enough to know that a single point is a single point of failure. If you ask users to supply data and that is the only data you use, then your setting yourself up for failure. Users do bad things, not always on purpose but they just do not understand.
I encourage you to rethink this process. This is one reason why I decided to actually purchase malwarebytes before purchasing Avast. I may actually uninstall it if you guys keep adding bloated false features. Please stop. Don’t destroy a good product.
Chris Smith
TPM
CIM
CEH
CPT