• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

This forum thread needs a solution.
Kudos1 Stats

WS.Reputation.1 has destroyed a decade's worth of plugins.

Is there anyway to actually disable WS.Reputation.1?  Disabling it in the AV settings doesn't do anything.  The support chat guy rebooted my computer and then disappeared.  Many of my VST plugins, some of which I have literally been using for a decade, are suddenly getting flagged with WS.Reputation.1.  Restoring them from quarantine and supposedly excluding them from the scan doesn't work.  I am in the middle of a large music project, and Norton is completely screwing me over, suddenly making it impossible to proceed.  

Replies

Kudos0

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

Are the VST plugins legitimate? Have you tried disabling the WS.Reputation and restarting your PC? After you added your plugins into to exclusions, did you do a restart? Are your Norton and Windows software up to date?

Kudos1 Stats

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

Yes to all of the above.  But, after 3 hours of research, multiple support chats that led to disconnects or being shuffled into a queue to be ignored, and various other unhelpful bits, I found a simple 2-step process that fixed my problem:

1. Uninstall Norton.

2. Install a different security suite.

Kudos0

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

It is very unfortunate to hear that you could not find Norton fitting for your use, but it is also perfectly understandable. Good luck!

Kudos0

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

False Positive - usual situation for all products. You should send Ws.Rep.1 files to Symantec and all your clients (and you) will not get this alert. Your problem is not solved. Customers with Norton will run away from you. Cool!

Aah, no. You will persuade them to leave Norton.  But, "False Positive - usual situation for all products" and TrendMicro, F-Secure, McAfee do more FPs, while Microsoft, Emsisoft bit lower and only Kaspersky, BitDefender, ESET rarely wrong.

Detection of your programs - only your problem! You must send your programs to antivirus companies (for adding in white list).

Kudos0

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

I'm having the exact same problem. Over 300 VST plugins, a third of them have been DELETED (not quarantined). When I restoring them, I added the entire folder where my plugins are stored to the exclusion list. It still deletes them again when I start my audio software. I've gone through this 4 times now. Thousands of dollars worth of plugins can't be used because of Norton. Luckily I have the originals backed up on a portable drive. But still, every time I try to reinstall them, they get deleted again regardless of exclusion settings. I am not sending a gig of files to Norton to get them whitelisted. Pretty sure Slate Digital and Waves are very reputable software companies, so why flag them in the first place. Sort it out Norton.

Kudos0

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

If they are reputable companies but they haven't evaluated their own software properly, it can easily be a target for Norton. VST plugins work actively with hardware and other software, which has the capabilities to affect each other. You could also send them the names of the products that have issues with Norton.

And as people have mentioned, every single anti-virus and anti-malware will have false positives. No exceptions, simply how it is. Some have a significantly lower chance for that, but overall, it's an ongoing battle. 

Kudos0

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

Good point about hardware/software. That's probably why they get flagged. But yes, they are very reputable - Slate and Waves are the biggest VST software companies on the planet. I'm just really surprised that it happens to be their plugins that get flagged and not others.

That said, I found a way around it. I actually thought I had done this already, but obviously didn't do it properly.

Solution: I already had added my VST plugin folder to exceptions on scans, the problem was my portable drive - added the folder on my portable drive to exceptions too (as it was removing the file when trying to copy over to my PC), bam, problem solved. I did originally have WS.Reputation.1 as an exception too, but removed it just in case of a real threat. Still copies over the dll files without any problem now. 

Note: If I had to install the plugin (exe file) it would still remove it. So to get around this, I just disabled autoprotect whilst doing the install, then enable again. All good once the files are installed to my VST folder.

Kudos0

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

Yeah, it is a very wonky way of doing it, but it works. I am glad you stuck with Norton. And thanks for sharing the solution.

Interesting how companies do not evaluate their software, I don't think it costs money? Maybe it does? Not sure on that front.

And yeah, as I occasionally work with music myself, I noticed that many anti-virus and anti-malware programs flag plugins because they interface themselves and affect the hardware directly. Manipulating it to create different sounds or in software terms, even change the functionality of some matters.

Kudos1 Stats

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

Hi @Tymothi & @jasonfisher,

Sorry for the trouble caused. The Norton product scans your files and folders using multiple components, such as Auto-Protect, SONAR, or File Insight. If you exclude a file or folder that is detected by Auto-Protect, the same file or folder is detected again in the next scan by a different component like SONAR or File Insight. This occurs due to the detection of the file's signature. To resolve this, you need to exclude the signature from all scans. Please refer below Norton Support article for more details. 

My Norton product detects a file or program as a threat even after I exclude it from scan

For further investigation, could you please submit files to False Positive to Symantec? 

Report a Suspected Erroneous Detection (False Positive)

Sunil_GA | Norton Forums Administrator | Symantec Corporation
Kudos0

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

There absolutely needs to be a way to remove ws.reputation.1 as an utterly useless and dangerous feature!  I'm currently transferring backups of inhouse developed code between drives on my PC and with everything turned off from Norton, it's still sitting there, analysing every DLL and quarantining / deleting them! Potentially thousands once it's finished!

It should absolutely be a "feature" that can be disabled as it's the most idiotic thing I've ever seen. If it at least, for that particular "pattern" prompted the user to verify and allow/quarantine the file, or directory once it sees lots of files moving, then fine. But it doesn't and every restore from quarantine (if they're there) is manual & individual.

Truly the most ill conceived piece of functionality in software.  And no, I'm not submitting thousands of DLLs or signing them all whilst in development and continual compilation just to be able to use them. Norton needs to get off it's ego trip and put in user owned controls for potentially damaging code like this.

Kudos0

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

JustinB486:

There absolutely needs to be a way to remove ws.reputation.1 as an utterly useless and dangerous feature!

Um, have you tried to exclude WS.Reputation.1 signature from all detections.

The Norton product scans your files and folders using multiple components, such as Auto-Protect, SONAR, or File Insight. If you exclude a file or folder that is detected by Auto-Protect, the same file or folder is detected again in the next scan by a different component like SONAR or File Insight. This occurs due to the detection of the file's signature. To resolve this, you need to exclude the signature from all scans.

https://support.norton.com/sp/en/us/home/current/solutions/v115455517

Note: populating the list of signatures may take a few mins.

Kudos0

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

Yes. ws.reputation.1 was allegedly disabled. monitoring on folders was disabled and I was stuck watching it delete (not quarantine!) masses of files. I did solve the problem though, I just uninstalled Norton suite.

How am I meant to recover all of that work though I'm not sure, I was moving it to make a backup!

Norton should not delete files unless they are absolutely identified with major viruses, not a bloody made up reputation... I've seen this cause hell with SQL servers, web servers inside corporates, till we scrapped the product and stopped recommending into any corporate customers.  That view will now extend to home use.

Kudos0

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

Okay.... as I recall.... my WS.Repuation.1 detections were quarantined. 

I did solve the problem though, I just uninstalled Norton suite.

I hear ya'.  
Regards w Respect

Kudos0

Re: WS.Reputation.1 has destroyed a decade's worth of plugins.

Interesting matter, how even through exclusions it still scans. To be fair, the background checks are a bit annoying and tedious, it is worse for development applications since they are all custom generated ones, that change. Norton will not recognize them and most likely quarantine them. I can understand why it works as it does. However, some tweaking could be beneficial though.