Jump to content
Not connected, Your IP: 3.144.106.207
h656032

"WS.Reputation.1" virus notification?

Recommended Posts

New user here.  Just tried installing Windows 7, 64-bit client and Norton is giving a virus warning: WS.Reputation.1. 

 

Why is this?  Go with any alternatives?

Share this post


Link to post

Norton? 1998 called, they want their popular AV back

Try whitelisting it manually or use another AV solution. Even the free MS Essentials seem to score better on recent AV-test.org results.

Thanks for the reply. 

 

Have you checked out NIS recently?  At least Norton of the last few years is nowhere near the same as it was in 1998.  I've been pretty satisfied with the performance.

 

I was able to easily whitelist it but thought it odd that I'd get any warning.  But it seems this particular "virus" notice is classifed by Norton users, who I guess don't use AirVPN much   As I've already lost a day in my 3-day trial period, I will go ahead and check it out.

Share this post


Link to post

Performance should be a second priority when choosing an AV solution for endpoints.

If the mis-detection and false positives rate is very high, like it seems to be the case with Norton, what is your final benefit from using such product?

You can install ClamAV as well, it will take only about 100MB of your memory. As long as you don't complain about the low detection

 

Any alert with the words HEUR,BehavesLike,Reputation,Riskware is simply a term for all those old generation AV software to say

"I don't know what that software is, and just to be on the safe side, let's assume it's bad".


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

http://virustotal.com

When in doubt, upload suspicious files there. Uninstall Norton and don't install free antivirus software to replace it. I recommend Kaspersky, F-Secure or BitDefender, though the last one went down in ratings everywhere.

 

(Sent via Tapatalk - this generally means I'm not sitting in front of my PC)


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

F-Secure? OK Giganerd, come back to this thread when Oktoberfest is over. Are you serious? Except Mikko that is retweeting useless shite, this

vendor is long out of the game. BitDefender are somewhat OK, but their engine is an OEM of KAV 15. You can confirm by downloading the same

samples from malwr.com (or VirusTotal if you are affiliated with security vendors) and check the signatures yourself

 

However, no AV is a silver bullet, and the best AV is still "Common Sense 2015".


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

I take that as an insult.

 

(Sent via Tapatalk - this generally means I'm not sitting in front of my PC)


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

WS.Reputation.1 is what it uses when very few Norton users have used a program, and that seems to be the case with the version of the AirVPN Client "Eddie" you are using.

 

And quoting from another post in this thread by zhang888:

 

"Any alert with the words HEUR,BehavesLike,Reputation,Riskware is simply a term for all those old generation AV software to say

"I don't know what that software is, and just to be on the safe side, let's assume it's bad"."

 

If I had to recommend a security suite/antivirus, then I would recommend Kaspersky or Malwarebytes Pro - but be aware that Kaspersky can sometimes be resource intensive, in turn for very good protection. I have personally used them both.

Share this post


Link to post

Tests show that paid AVs are in most cases superior to the free ones. Kaspersky for Windows received an extremely good reputation over the years, so it's one of those AVs I always recommend, though you need to pay for it. I also use Malwarebytes as a companion.

 

(Sent via Tapatalk - this generally means I'm not sitting in front of my PC)


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Yeah I Know, I do not believe the tests necessarily. The need for really high AV security is needed by who? Is it more to do with the secret habits of internet users or those who just use it to buy things, or simply for those who buy stuff. My partner plays games all the time lol. The whole thing is geared so that we feel the need to pay loads.for stuff we do not need. Not one company, 'expert', or anyone else has convinced me that any paid for service is really needed.

Share this post


Link to post

You can argue all day about which piece of AV software boasts the best detection rate, but that's beside the point. Detection rates and test results don't tell you anything about the software's code quality. Kaspersky was mentioned in this thread, so let's ask Google's security team how they feel about Kaspersky:

 

Sep 4, 2015:
"A remotely exploitable stack buffer overflow in ThinApp container parsing"

 

Sep 7, 2015:
"remote, zero-interaction code execution as NT AUTHORITY\SYSTEM on any system with Kaspersky Antivirus. I've tested Windows, Linux, Mac and a product using the Kaspersky SDK (ZoneAlarm Pro), all were exploitable."

Sep 9, 2015:
"arbitrary stack-relative write, remotely exploitable for remote code execution as NT AUTHORITY\SYSTEM"

Sep 10, 2015:
"unpacking remote memory corruption, exploitable for remote code execution as NT AUTHORITY\SYSTEM on all systems using Kaspersky Antivirus."
 

 

Fun fact: There's a compiler flag /GS (Buffer Security Check), which would prevent a lot of these exploits. Visual Studio even enables this by default. Kaspersky however opts to disable this flag for performance or coding convenience reasons.

 

 

Time and time again you see AV "security" products do more harm than good, introducing new security issues rather than preventing them.


all of my content is released under CC-BY-SA 2.0

Share this post


Link to post

I am not going to repeat myself as this thread now overlaps with another thread that ended in the same way.

 

Post 29112 in thread 10293 "Kaspersky: We detect and remediate any malware attack"

 

Last post relevant to the topic thread


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...