Well known problem, discussed many times on the forum.
The "WS.Reputation.1 is not a virus. It's a message that Norton gives when it doesn't know about a file, because it's too new or not popular. You can see how this is utterly and blatantly wrong: if you keep trusting Norton, you will not eventually be able to download anything else that very common and popular files, like Acrobat Reader…
The issue is, we update our installers so often, then they will never get the chance to be "popular" enough for Norton considering worthy of its "reputation" score.
More proof ? There's a 20 pages long thread on Symantec forum about legit applications mistakenly flagged as threats with a"WS.Reputation.1"
http://community.norton.com/t5/Norton-Internet-Security-Norton/What-is-WS-Reputation-1/td-p/228251Even more proof ? Read here how the bugged Norton antivirus and its "reputation" feature really works:
http://www.codeandweb.com/blog/2012/06/23/how-symantec-ruins-independent-developersEven MORE proof, from Symantec themselves ? We of course report their false positives, when they happen. And this is their usual reply, were they clearly admit their program is at fault, and promise to "fix" it in the next update.
This email came from Symantec False positive support:
We are writing in relation to your submission through Symantec's on-line Security Risk / False Positive Dispute Submission form for your software being detected by Symantec Software. In light of further investigation and analysis Symantec is happy to remove this detection from within its products.
The updated detection will be distributed in the next set of virus definitions, available daily, or weekly via LiveUpdate, depending on Symantec product version, or daily from our website at
http://securityresponse.symantec.com/avcenter/defs.download.html.
Decisions made by Symantec are subject to change if alterations to the Software are made over time or as classification criteria and/or the policy employed by Symantec changes over time to address the evolving landscape.
If you are a software vendor, Symantec offers the possibility of adding your software to its database of known clean files in order to reduce the possibility of false positives. If you wish to participate in this program, please complete the following form.
https://submit.symantec.com/whitelist
Sincerely,
Symantec Security Response
http://securityresponse.symantec.com
But, as I've said, we update all installers so often, they simply can't keep track of all updates.
When in this case, when the antivirus is at fault, the correct procedure to install is:
- Turn OFF the antivirus entirely
- Download the installer and keep the antivirus turned OFF
- Install all the sceneries and keep the antivirus turned OFF
- Before launching Flight sim, configure the antivirus to exclude the following files from scanning:
\YourFSXFolder\bglmanx.dll
\YourFSXFolder\fsdreamteam\Couatl\Coautl.exe
When you configured the antivirus to exclude the above files, you can turn it back on and launch Flight sim.
The real solution, though, is to switch to another product which doesn't mistakenly flag our products as threats. There are many, the best one is the FREE and always updated Microsoft Security Essentials, which doesn't require any configuration and doesn't mistakenly detect any of our products as threats.
