What is the Avast DRep (Domain reputation) threat warning when downloading a (software) file?

avast drep thread image
This Avast "Drep Infection" warning you might see, is not actually
an infection but rather a worry for "the unknown".

You are here probably because you were hit by an Avast DRep warning.

Avast is a popular antivirus program for Windows, Mac, and smartphones. It offers free editions that are quite efficient in protecting your computer or smartphone.

When downloading files from the internet, Avast might block the downloads marking them as infected by DRep. The message is a bit misleading because DRep is not a virus infection but rather a preventive downloading blockage.

Avast DRep explanation

Avast DRep (DomainRep, aka Domain reputation) is a preventive detection of Avast antivirus that blocks EXE file (Windows executables) downloads if all these conditions are met:

  1. The file is not prevalent enough, ie. not enough Avast users launched the file yet,
  2. The domain is not prevalent enough, ie. not enough Avast users downloaded (any) EXE files from the domain yet,
  3. The file is not digitally signed or Avast does not trust the signature.

Once one of these conditions are not met anymore, Avast will stop flagging the download.

Other antivirus software may also use DRep as a nickname for this type of threat. For example, AVG also uses "DRep" as the nickname for low "domain reputation" and blocks the download as a preventive measure.

When you download the Windows version of our StarMessage screensaver, from the alternative server that does not receive many downloads, you might get this error message and the download gets blocked by Avast's web shield.
You can download the screensaver from our primary server to avoid this.

What to do if you see an Avast/AVG DPer threat warning

For end-users who download a software and run into this warning: 
This is a preventive error that does not depend on the contents of the file. Avast does not examine if the file is infected by a virus or not. It gives the warning based only on external "reputation" factors.
Choose another download server or even better contact the maker of the software for further instructions.
Before opening the downloaded file, always scan it with the online antivirus scanner, virustotal.com
For software developers that see their files are falsely classified as "threat" while they are perfectly clean and safe:
Try to remove any of the three reasons that trigger this preventive measure. E.g.
- Get more Avast users to download the file from your server.
- Use a different (more known) download server.
- Getting a digital certificate. This is a bit expensive for independent software developers and it also reveals their personal data (name, etc) since they do not operate behind a company.
Rating: 
5
Average: 5 (1 vote)

Comments

Thanks. VirusTotal says it is fine.
Rating: 
5

The fastest solution is to uninstall Avast!
Rating: 
0

Add new comment