What is the Avast DRep (Domain reputation) threat warning when downloading a (software) file?
You are here probably because you were hit by an Avast DRep warning.
Avast is a popular antivirus program for Windows, Mac, and smartphones. It offers free editions that are quite efficient in protecting your computer or smartphone.
When downloading files from the internet, Avast might block the downloads marking them as infected by DRep. The message is a bit misleading because DRep is not a virus infection but rather a preventive downloading blockage.
Avast DRep explanation
Avast DRep (DomainRep, aka Domain reputation) is a preventive detection of Avast antivirus that blocks EXE file (Windows executables) downloads if all these conditions are met:
- The file is not prevalent enough, ie. not enough Avast users launched the file yet,
- The domain is not prevalent enough, ie. not enough Avast users downloaded (any) EXE files from the domain yet,
- The file is not digitally signed or Avast does not trust the signature.
Once one of these conditions are not met anymore, Avast will stop flagging the download.
Other antivirus software may also use DRep as a nickname for this type of threat. For example, AVG also uses "DRep" as the nickname for low "domain reputation" and blocks the download as a preventive measure.
What to do if you see an Avast/AVG DRer threat warning
- For end-users who download a software and run into this warning:
- This is a preventive error that does not depend on the contents of the file. Avast does not examine if the file is infected by a virus or not. It gives the warning based only on external "reputation" factors.
- Choose another download server or even better contact the maker of the software for further instructions.
- Before opening the downloaded file, always scan it with the online antivirus scanner, virustotal.com
- For software developers that see their files are falsely classified as "threat" while they are perfectly clean and safe:
- Try to remove any of the three reasons that trigger this preventive measure. E.g.
- Get more Avast users to download the file from your server.
- Use a different (more known) download server.
- Getting a digital certificate. This is a bit expensive for independent software developers and it also reveals their personal data (name, etc) since they do not operate behind a company.