"WS.Reputation.1" virus notification?

[h656032 0]

New user here.  Just tried installing Windows 7, 64-bit client and Norton is giving a virus warning: WS.Reputation.1. 

 

Why is this?  Go with any alternatives?

[zhang888 1066]

Norton? 1998 called, they want their popular AV back

Try whitelisting it manually or use another AV solution. Even the free MS Essentials seem to score better on recent AV-test.org results.

[h656032 0]

Norton? 1998 called, they want their popular AV back

Try whitelisting it manually or use another AV solution. Even the free MS Essentials seem to score better on recent AV-test.org results.

Thanks for the reply. 

 

Have you checked out NIS recently?  At least Norton of the last few years is nowhere near the same as it was in 1998.  I've been pretty satisfied with the performance.

 

I was able to easily whitelist it but thought it odd that I'd get any warning.  But it seems this particular "virus" notice is classifed by Norton users, who I guess don't use AirVPN much   As I've already lost a day in my 3-day trial period, I will go ahead and check it out.

[zhang888 1066]

Performance should be a second priority when choosing an AV solution for endpoints.

If the mis-detection and false positives rate is very high, like it seems to be the case with Norton, what is your final benefit from using such product?

You can install ClamAV as well, it will take only about 100MB of your memory. As long as you don't complain about the low detection

 

Any alert with the words HEUR,BehavesLike,Reputation,Riskware is simply a term for all those old generation AV software to say

"I don't know what that software is, and just to be on the safe side, let's assume it's bad".

[OpenSourcerer 1435]

http://virustotal.com

When in doubt, upload suspicious files there. Uninstall Norton and don't install free antivirus software to replace it. I recommend Kaspersky, F-Secure or BitDefender, though the last one went down in ratings everywhere.

 

(Sent via Tapatalk - this generally means I'm not sitting in front of my PC)

[zhang888 1066]

F-Secure? OK Giganerd, come back to this thread when Oktoberfest is over. Are you serious? Except Mikko that is retweeting useless shite, this

vendor is long out of the game. BitDefender are somewhat OK, but their engine is an OEM of KAV 15. You can confirm by downloading the same

samples from malwr.com (or VirusTotal if you are affiliated with security vendors) and check the signatures yourself

 

However, no AV is a silver bullet, and the best AV is still "Common Sense 2015".

[OpenSourcerer 1435]

I take that as an insult.

 

(Sent via Tapatalk - this generally means I'm not sitting in front of my PC)

[eyes878 43]

WS.Reputation.1 is what it uses when very few Norton users have used a program, and that seems to be the case with the version of the AirVPN Client "Eddie" you are using.

 

And quoting from another post in this thread by zhang888:

 

"Any alert with the words HEUR,BehavesLike,Reputation,Riskware is simply a term for all those old generation AV software to say

"I don't know what that software is, and just to be on the safe side, let's assume it's bad"."

 

If I had to recommend a security suite/antivirus, then I would recommend Kaspersky or Malwarebytes Pro - but be aware that Kaspersky can sometimes be resource intensive, in turn for very good protection. I have personally used them both.

[me.moo@posteo.me 80]

For my pennies worth I don't agree that you need to pay for AV. I use Comodo and Malwarebytes.

[OpenSourcerer 1435]

Tests show that paid AVs are in most cases superior to the free ones. Kaspersky for Windows received an extremely good reputation over the years, so it's one of those AVs I always recommend, though you need to pay for it. I also use Malwarebytes as a companion.

 

(Sent via Tapatalk - this generally means I'm not sitting in front of my PC)

[me.moo@posteo.me 80]

Yeah I Know, I do not believe the tests necessarily. The need for really high AV security is needed by who? Is it more to do with the secret habits of internet users or those who just use it to buy things, or simply for those who buy stuff. My partner plays games all the time lol. The whole thing is geared so that we feel the need to pay loads.for stuff we do not need. Not one company, 'expert', or anyone else has convinced me that any paid for service is really needed.

[InactiveUser 188]

You can argue all day about which piece of AV software boasts the best detection rate, but that's beside the point. Detection rates and test results don't tell you anything about the software's code quality. Kaspersky was mentioned in this thread, so let's ask Google's security team how they feel about Kaspersky:

 

Sep 4, 2015:
"A remotely exploitable stack buffer overflow in ThinApp container parsing"

 

Sep 7, 2015:
"remote, zero-interaction code execution as NT AUTHORITY\SYSTEM on any system with Kaspersky Antivirus. I've tested Windows, Linux, Mac and a product using the Kaspersky SDK (ZoneAlarm Pro), all were exploitable."

Sep 9, 2015:
"arbitrary stack-relative write, remotely exploitable for remote code execution as NT AUTHORITY\SYSTEM"

Sep 10, 2015:
"unpacking remote memory corruption, exploitable for remote code execution as NT AUTHORITY\SYSTEM on all systems using Kaspersky Antivirus."
 

 

Fun fact: There's a compiler flag /GS (Buffer Security Check), which would prevent a lot of these exploits. Visual Studio even enables this by default. Kaspersky however opts to disable this flag for performance or coding convenience reasons.

 

 

Time and time again you see AV "security" products do more harm than good, introducing new security issues rather than preventing them.

[me.moo@posteo.me 80]

is a very low programmer link that few people would know much about!

[OpenSourcerer 1435]

I am not going to repeat myself as this thread now overlaps with another thread that ended in the same way.

 

Post 29112 in thread 10293 "Kaspersky: We detect and remediate any malware attack"

 

Last post relevant to the topic thread

[me.moo@posteo.me 80]

Please yourself