WS.Reputation.1 is still problematic

Having just read the locked post regarding WS.Reputation.1 I have to comment as follows:

 

1. I am a developer.

 

2. I have posted an application (in C#), to be deployed by Microsoft ClickOnce, to my web server and every time I try to download the setup.exe, Norton 2010 (fully updated) aborts it as being infected with WS.Reputation.1. My old version of Norton allowed the download without problem.

 

3. I FTPed the file to my system and got Norton (and several other AV products) to scan it. They all agreed it was clean (including Norton, which won't download it!)

 

4. I know the server is clean, I know my application is clean, but anyone using Norton 2010 can't downloiad it. Fortunately, it is a free tool for other developers so I'm not losing revenue, but suppose it wasn't? And you don't seriously think it helps the reputation of my company to have Norton flash up a virus warning when someone tries to download our software? So far, we are still green as far as Norton safety goes, but what if we get listed as an unsafe site? The whole thing is creating anxiety and worry and there doesn't seem to be any redress or recourse.

 

5. I dutifully notified the False Positive using the procedure described in this community. That was around 10 days ago. So far I have no response, not even an acknowledgement of my mail. I think this is reprehensible. I am generally pretty happy with Norton products but this is making me rethink the whole deal. To read in a post here that these false positive reports are being monitored "24 hours a day" when I know very well that at least mine has elicited no response whatsoever, is pretty frustrating.

 

6. I understand that this is a new approach to virus detection but why can't I turn it off? I tried turning off everything I could find to turn off but it made no difference. Why can't it notify that it thinks this is infected and INSTEAD of ABORTING, allow me to continue if I want to? I loathe and detest software that thinks it is so clever it knows better than I do... Software should explain the situation to the user and let the USER make a decision, and it should be configurable to do that. (Other areas of Norton software are, and it is commendable, but the ball appears to have been well and truly dropped on this one.)

 

I am really running out of patience with this and posting here is my last resort attempt to get some kind of workaround or fix. I spent well over an hour with online help only to be told it is a "dangerous virus". Their standard scripted responses did not cater for the possibility of a bug in the Norton software, and although I tried to explain what was happening it just didn't register. WS.Reputation.1 might well be a "danerous virus", but it isn't infecting my software.

 

I can't believe I am the ONLY user experiencing this so if anyone else here has had a similar problem and resolved it, with or without help from Norton, could you throw me a bone and let me know how you did so, please?

 

Many thanks in anticipation,

 

Morepork.

 

Actually the logic behind this feature is that if many people use it it must be safe. If few people do, there is a high chance its a virus.

Because this detection is based on a reputation score created by tens of millions of computers, and it ignores all computers running any other antivirus software or even other versions of Norton, it has a built in discrimination against companies distributing hundreds versus millions of copies. 

 

For a small company with a handful of products, the form at https://submit.symantec.com/whitelist/new.cgi is burdensome, especially if it needs to be revisited with every update. Why not a single form where a company can provide adequate information to whitelist the company versus every product? Even then it's a burden directed exclusively at small companies and may not even be a known requirement until after customer complaints are received and damage has been done.

 

On the surface this appears to be a clever means of protecting consumers, but it's a killer for small companies and their reputation when a product is declared to contain a virus and become quarantined. It's not a reputation warning that comes up - it says literally that a virus is detected.

 

It has diminished our reputation without just cause.

 

When you're refunding money to angry customers due to no fault of your own this "feature" is a leech. 

 

MichiganJim-

 

is it all your products that are being detected or just one? you don't need to whitelist unless the program is detected. if all your programs are being detected its likely due to something common between all the programs (like their not digitally signed or something). programs aren't going to be detected just because less users use them. theres always going to be a first person who downloads programs even from the big companies and the software doesn't detect it from them.

 

this post might help- http://community.norton.com/t5/Norton-Internet-Security-Norton/What-is-WS-Reputation-1/m-p/237003#M114149

As a developer I have to concur with everything that MorePork posted in http://community.norton.com/t5/Norton-Internet-Security-Norton/WS-Reputation-1-is-still-problematic/m-p/234985/highlight/true#M113310

 

Today my small company refunded a significant purchase price to a customer who was outraged that our software failed Norton's scan. There is no virus or trojan horse in our package, yet Norton quarantined it and scared her off. It's inexcusable that Symantec is causing small developers to lose income and reputation over a bogus popularity contest. Okay, so I try to jump through Symantec's hoops (pita) to see how to get around this issue. Reading Symantec's Clarification on WS.Reputation.1 detection I come across a link for the recommendations but all I get there is that I'm unauthorized to view it.

 

Thanks Symantec. It's always nice to be stifled at every turn.