Norton Still Reporting BigBox.dll as a threat

[Neo-Eyes]

Hi, I don't know if this has been posted more than once or twice but on installing version 11.5, not long after the install Norton popped up saying it was working on resolving a threat, before saying that it removed it.
I was a little spooked so I checked what it was , and it reported the threat came from BigBox.dll.
I know a few users have reported similar issues so I just wanted to confirm it is still occurring and out of sheer paranoia just double check that the report is a false positive.
Would also just like to say I reported it to norton as a false positive , idk if that will get them to do anything about these false positives but its been put in for testing.

As a side note I almost always have issues when updating lunchbox for one reason or another related to norton, im almost convinced it just hates the software since 9/10 times i need to run the updater twice so that i can tell norton to not block it from overwriting launchbox files so it can actually do the update. I know thats nothing to do with what you people here make just felt better to say it. 
Anyway thankyou for your time and have a lovely day.

[sundogak]

I have Norton as well and it has issues with the Bigbox.dll since they moved to the Net-core platform. It was resolved for 11.5 but popped back up on 11.6 and the 11.7 beta.  It is a false positive , but it is annoying in that prefer not excluding things if can help it. 

[Neo-Eyes]

50 minutes ago, sundogak said:

I have Norton as well and it has issues with the Bigbox.dll since they moved to the Net-core platform. It was resolved for 11.5 but popped back up on 11.6 and the 11.7 beta.  It is a false positive , but it is annoying in that prefer not excluding things if can help it. 

Honestly yeah thats my biggest complaint too, leaving anything excluded from my anti-virus gives me the hebejibes , like i pulled the file from quarantine and gave it to virus total and its literally just symantec that complains about it so im reasonably sure its safe, but eh i guess , gave it to the false positive team so hopefully they get back to me soon, its information i already know basically (everyone says its  a false positive, even other anti-viruses) but i'd still rather be sure in as many ways as possible. Thanks for getting back to me , lets hope the issue is cleaned up soon. 
what makes norton heuristics hate the net-core so much i wonder 

[neil9000]

1 hour ago, Neo-Eyes said:

Honestly yeah thats my biggest complaint too, leaving anything excluded from my anti-virus gives me the hebejibes , like i pulled the file from quarantine and gave it to virus total and its literally just symantec that complains about it so im reasonably sure its safe, but eh i guess , gave it to the false positive team so hopefully they get back to me soon, its information i already know basically (everyone says its  a false positive, even other anti-viruses) but i'd still rather be sure in as many ways as possible. Thanks for getting back to me , lets hope the issue is cleaned up soon. 
what makes norton heuristics hate the net-core so much i wonder 

With all due respect, a Antivirus that deletes files that are not virus's is a poor product to start with and not worth the money. It's clearly not fit for purpose if it just deletes perfectly safe files with little or no warnings at all, actually in that regard Norton is acting like a virus itself by removing/editing files without notifying the user, thats really bad form and i wouldnt touch Norton with a 10 foot pole. The Windows defender that comes free with Windows is a perfectly fine product, and doesnt go around deleting files without telling you or scaring you with virus warnings for perfectly safe programs, also uses far far less resources that Norton does.

[sundogak]

It isn’t just Norton since saw reference to folks with Avast having issues as well (just one I recall off top of head). Norton does advise it found issue with the DLL and pops up notification accordingly, so the comment on its behavior is incorrect. It also notes in log or quarantine if it moved. It started with code changes to LB, not something new to Norton. Also 11.5 was coded to avoid triggering AVs with some fiddling by Jason. So it is something that is workable on LB side even if it sounds like it is annoying from a coding perspective. 
 

Defender is great, but I wouldn’t use it as sole AV. To each their own. I also have no grand allegiance to Norton, but it (and others) has served me well over the decades. LB is also great software, but ultimately it is the code changes in LB that started falsely triggering and from my perspective should be addressed by LB, at least from a support headache view as well as user experience. These are large market share AVs having issues, so the LB user base in aggregate is going to keep running in to it, regardless of views positive or negative on their worth. 

[neil9000]

18 minutes ago, sundogak said:

Norton does advise it found issue with the DLL and pops up notification accordingly, so the comment on its behavior is incorrect.

Seemingly not all the time as i have personally seen examples on these very forums of people looking after i have told them that there AV may have removed files and finding the Bigbox.dll had been quarantined without there knowledge. So it does happen, and those people are usually less tech savvy in the first place hence why they rely on a program like Norton so they can just set and forget, so they are not likely to be looking at logs to see what is going on.

This below thread just being the most recent one i have seen where a user wasnt aware that Norton had interfered at all, and wanted to re-install Launchbox.

 

[sundogak]

I saw that thread plus another where a Norton user missed the pop up. So agreed on this part, that it is easy enough for user to miss it or not read it, particularly if not expecting it (I did in the 11.5 betas initially).  Assuming user has not turned on silent mode, it will do a task bar pop up that stays up for ~20 seconds or so. The bigbox.dll one is actually a red popup since flags as high risk. If no user interaction (or click on details) the pop up will hide itself.  The quarantine history will show it as unresolved but as you noted, user is unlikely to open history window in AV software.

But like said above, LB never had issues 11.4 or prior and AV junk or not, these are brands that many may have on their PCs (XFinity in US gives Norton away "free", for example).  So will continue to be an annoyance for many if not resolved on LB side since most won't dump/change their AV program.

[Retro808]

1 hour ago, sundogak said:

But like said above, LB never had issues 11.4 or prior and AV junk or not, these are brands that many may have on their PCs (XFinity in US gives Norton away "free", for example).  So will continue to be an annoyance for many if not resolved on LB side since most won't dump/change their AV program.

LB has had this happen even prior to 11.4. LB’s and antivirus program false positives have occurred on different occasions for years. As far back as 2014.  Jason has for quite some time spoke of their issues.