I have no idea why, but Norton Mobile Security is now claiming various apps contain malware, despite the fact that these apps were just fine previously. These are not dubious apps, so I trust them, not Norton.
FollowMyHealth, Fing, Reddit, etc.
There is a problem with the malware engine or database!
I think we are basically on the same page.
The Background Data usage, along with the other warnings should probably not get a High rating. I'm not saying I agree with the severity that is assigned to the detections. There were some changes over the last couple of updates to the app that suddenly added these High ratings. Initially they did not even highlight what they were concerned about. At least they have addressed that issue and you can see what the App Advisor is warning about.
More options are also good, but with limited storage on a mobile device, there are sometimes trade offs between feature 'bloat' and storage use.
You can always make suggestions for the product in the Product Suggestions board https://community.norton.com/forums/product-suggestions
PeterWeb, I can't say that I disagree with you for the most, nor do I disagree, that the app is designed for the lowest denominator in users.
I guess we simply disagree on whether simplistic issues should be declared HIGH-RISK or not, or should be classified as informational statuses only.. Putting some accuracy into the product..
The fact that most users are just "Users" is exactly why there should be some accuracy in the warnings.. Maybe even a way to switch off some of the insignificant junk-warnings, more than merely blankly "Trusting" an app.
Such as "Don't tell me an app might use data.. I KNOW.."..
Again, splattering "You device is at risk" warning screens (still), and showing apps that do nothing wrong as "High Risk" in red letters across my phone, just because I installed a banking app that might use data when I start it, is in my opinion just silly..
And giving me no options other than "forever" declaring Trust for an app to turn these warnings off is also silly.
And talking to my bank/app-developer about "not requiring the permission to access the net"? You can see yourself that this is not possible. If they drop the permission to access the network, there IS no banking app. Its a required, absolute minimum function. :-)
Obviously, the "High-Risk" warning is not related to the required permissions (to access the net) by the app, but to some notion the Norton developers have, that this app might use more data than they'd like when I start it. Whatever that means.
GeekOne
Maybe your username says it all. You may be a 'geek' like me and look at and watch for anything out of the ordinary that could be untrustworthy, or malicious. But like the Norton line of PC products, they have to be designed for the lowest common denominator. Most users are just that. Users. They have no clue what may be bad for them or their devices. So some of these more aggressive detections and warnings are necessary to bring these things to their attention. You and I can over ride or bypass the warnings because we do know what is what. It is better for the less knowledgeable users to take the advice given by the warnings. At least until they can get some advice from someone more knowledgeable.
As for your banking app (or any other app you get unnecessary warnings for ) being flagged for data or battery use when it does not, maybe you can contact the bank and make your feelings known. Ask them to remove the permissions notations in GP that are not really required. This is what I have done for a couple of apps I was looking at.
That is exactly what I did, disable device Administrator and cleared all data and signed back into my Norton account, and so far have not received the erroneous malware warnings.
PeterWeb,
Going back to your first post
Claimed to be "High Risk", "Malware" and advised not to be installed.. Arggh.
Was this the App Advisor showing the High Risk while you were still in the Google Play app? Did it specifically say Malware? The app advisor does not scan for malware. That is why I ask.
Yes, the false "My Verizon" issue app is reported directly in the banner shown when in Google Play.. The banner says "High Risk", and when you tap on the banner, you get an almost full-screen message claiming "This app contains Malware. Installation is not recommended". While still in Google Play.
You are right, that changing some issue listings to be purely informative ("Potential Issue" as you call it could be a good name) would be good.. Thats what I meant with my type b) above.
On the Bank of America app.. It does not run unless I start it.. No auto-start. I check my process list quite frequently.
Hence listing a well-known banking application or any other app (like Wifi Analytics) with big red banners as "High Risk", for the normal function they do purely when I ASK them to run is just being the boy crying wolf, when the word "Risk", and even worse "High Risk" gets attached. High Risk to most people would mean "DO NOT INSTALL THIS JUNK".. To me, not so much. I know what that App does and still use it.
People with less understanding of the issues that I will follow Norton's assessments, because over long history (on PCs) they have been worth trusting.. But the Mobile Norton App developers, they are just being plum silly children. Over-reaching in their warnings to seem more important.
Now, if they had done some actual investigative work, and found that an app advertised to do X actually also did negative things Y and Z in the background (skimming information, tracking, malware, ..), THAT I would want to know. But listing an app as "High Risk" just because it might use battery or data when I ASK it to run and perform its normal/advertised function, thats just silly.
I have been in this game for a long time, and check permissions religiously. As well as checking my process lists to stop anything I don't want running. One of my pet peeves is the fact that way too many apps on mobile devices seem to think that they need to be running all the time, whether I want them to or not.. So I know what is running pretty much all the time and why.
By adding "Trust" to the app in NS, one has essentially shot oneself in the foot, should the app ever suddenly become an actual bad app. Google Play will forever (until untrusted) show its status as "Trusted" no matter how dangerous the app suddenly gets..
Not so. App advisor scans the permissions for an app while in Google Play. So if the app asks for new permissions, Norton will inform you so you can again decide if you are OK with the new permissions being asked for. I have personally seen this for a VPN app I had previously trusted. An update was available, and when I went to GP to get the update, Norton's App Advisor noted the new 'risk'.
I can't say whether NS MIGHT at times change its banner in Google Play based on things that are easy to detect, such as permissions changes. BUT, I know that once Trusted in NS, I have never seen anything but a green Trusted banner across apps when I update them.. Including that I cannot remember that banner ever changing away from Trusted, even when they added features requesting more access. Permission changes are too easy, BTW.. I am already being told about those from Google Play.. What is important is whether a new ACTUAL risks with an App would take priority over the green Trusted banner NS shows in Google Play. Letting me know that this app added some negative behavior since I last installed it.. I have never seen such a banner change.
The only time I have seen it change away from "Trusted" was yesterday, when I manually Untrusted the BoFA App in NS, to see it change from "Trusted" to suddenly "High Risk" because it might use data when it runs. 
D Evans
Thanks for checking out the different combinations. I guess I was unable to get the same results as I did not have Fing installed when the NMS update came through.
I was focusing on the malware definitions. Maybe there was some other update that messed things up.
Ran more testing on backup phone... disabled device administrator and cleared all data for Norton Mobile Security did the trick. After restarting and re-scanning, Fing (still installed) no longer seen as malware. Reset device admin on both phones & rebooted, rescanned, still no malware detection on Fing.
DE
Did a force stop on Fing and cleared all it's data & cache, uninstalled, reinstalled from Play Store... Fing still reported as malware by Norton Mobile Security.
Left Fing installed, repeated reinstall process on Norton Mobile Security (including deleting the phone's Norton license and reinstalling from scratch), ran live update and re-scanned phone, no longer detecting Fing as malware. Ran scan including SD card... still no malware or app issues detected. Ran reinstall of Fing again... no malware alert. Ran Norton scan again... no malware alerts.
DE
C.B.
Some users have found that manually running LiveUpdate again may solve the issue. Others have found that reinstalling the detected apps is a work around that worked. Let us know if either of these helps in your case.
Apps incorrectly identified as malware across three different devices from three different carriers. Norton Mobile Security Version 3.15.0.3134
This began after the September 1st LiveUpdate was installed.
D Evans:Ran LiveUpdate, Norton Mobile Security Virus Definitions version 20160902009 is downloaded, scan then ran, and Fing was flagged as malware again. Screen shots attached in Zip.
I just installed Fing. Firstly, the App Advisor flagged the app as high risk, showing it sends a list of running apps somewhere, and it prompts to install other apps. I installed anyway, and the malware scan did not show any malware, as your images show. Maybe you have a different version of Fing than what I just installed. I would suggest uninstalling the app, then restart your device. Then if you really want to look at it again, have a look at what Norton's App Advisor is reporting, and see what it is reporting as the issues. If you are OK with letting the app do these things, then you can install the app again. Then run a scan to see if it is detected as malware again.
GeekOne
The ratings/reporting system for apps needs to change, if they want to be taken seriously. I appreciate being given detailed information about the side-effects of an app, but there should be two separate rating schemes then.
a) An actual "Risk" rating that reports on real malware type things. Things that are actually unadvertised and risky to me.
b) An information or "app type" rating, that simply tell me potential side-effects. Side-effects that are NOT real RISKS (does not make the app a bad app), but simply things to be aware of.
Norton Mobile Security does this now. For 'a' above, the malware scanner in the app detects malware when it scans your device. For 'b' above, this is what App Advisor function of NMS does as it scans the permissions for an app while in the Google Play store. The app is not yet on your device for this scan. The word Risk in the App Advisor may be what is upsetting you.
PeterWeb, A "risk" to me, is when an App might do something negative to me, that is not already anticipated based on its advertised functionality.
Maybe you read through all the additional info on Google Play, including all the permissions required by the app. But many users probably do not. So they would not be aware that the app might use all their battery from background use. And this battery use issue may be something negative to other users.
Maybe this is a semantics issue. Would you be happier if it was worded 'a Possible Issue' with the app? (and no, I am not an employee, and I cannot make that happen).
Going back to your first post
Claimed to be "High Risk", "Malware" and advised not to be installed.. Arggh.
Was this the App Advisor showing the High Risk while you were still in the Google Play app? Did it specifically say Malware? The app advisor does not scan for malware. That is why I ask.
By adding "Trust" to the app in NS, one has essentially shot oneself in the foot, should the app ever suddenly become an actual bad app. Google Play will forever (until untrusted) show its status as "Trusted" no matter how dangerous the app suddenly gets..
Not so. App advisor scans the permissions for an app while in Google Play. So if the app asks for new permissions, Norton will inform you so you can again decide if you are OK with the new permissions being asked for. I have personally seen this for a VPN app I had previously trusted. An update was available, and when I went to GP to get the update, Norton's App Advisor noted the new 'risk'.
Bank of Americas banking app.. Currently still claimed by NS as "High Risk" in a big red banner. Why? Because of background data usage only. No other "dangers".
BUT...It runs ONLY when asked to and manually started (when I need it)? I am sorry, but an app using data WHEN I ASK IT TO is not a "High Risk" item to anyone. In no way, shape, or form.
Some apps use push tech to send notices or updates. Are you sure this app does not do this? This could use up valuable data that you are not aware of. The point is that the app reports in GP that it can use data in the background. Norton just reports this so you can choose whether or not to use that app. As you note, the risk has nothing to do with malware.
If you are vigilant about reading all the permissions asked by apps in GP, you can always turn off the App advisor feature, and take on the responsibility yourself.
Ran LiveUpdate, Norton Mobile Security Virus Definitions version 20160902009 is downloaded, scan then ran, and Fing was flagged as malware again. Screen shots attached in Zip.
PeterWeb, A "risk" to me, is when an App might do something negative to me, that is not already anticipated based on its advertised functionality.. (Steal my data, run when I do not ask it to and use up my bandwidth, install a virus, other malware, ...)
BUT... Take for example an app like "Wi-Fi Analytics".
App Advisor keep telling me, that "Your Device is at risk", and lists this app as the reason for the whining (because I havent added "Trust"). Why is NS complaining? Well, when looking at the App profile in App Advisor, it claims:
Data is safe, No ads, low data usage, BUT "Medium background Battery Usage"..
Battery usage a "Medium security Risk" for an app that ONLY runs when you start it yourself (not running in the background at all unless you started it manually and did not stop it again)??
Norton Mobile ratings are severely like the boy crying wolf and will eventually make people ignore both the good and the bad warnings..
And then what can you do about it, if you still want the app?
Your only option to stop NS's whining is to either remove/not install the app or list is as "Trusted".. Which as far as I can see will leave it trusted forever. Meaning, that if I later install an upgrade to that app that add an ACTUAL risk to an existing app (like if Wi-Fi Analytics suddenly started collecting my information and sending it offshore), it is now listed as a Trusted App (even on the NS banner when I am in Google Play) and I will never be warned. By adding "Trust" to the app in NS, one has essentially shot oneself in the foot, should the app ever suddenly become an actual bad app. Google Play will forever (until untrusted) show its status as "Trusted" no matter how dangerous the app suddenly gets..
The ratings/reporting system for apps needs to change, if they want to be taken seriously. I appreciate being given detailed information about the side-effects of an app, but there should be two separate rating schemes then.
a) An actual "Risk" rating that reports on real malware type things. Things that are actually unadvertised and risky to me.
b) An information or "app type" rating, that simply tell me potential side-effects. Side-effects that are NOT real RISKS (does not make the app a bad app), but simply things to be aware of.
In the latter category falls such things as Wifi analyzer apps for example, which because of their access to the network might use more battery than usual, but are surely not doing anything other than what I installed them to do. For real sure not bad enough to be classified as a "Medium Risk" to me just because of using battery, and have NS constantly tell me that my device is at risk. Forcing me to go into NS manually to figure out what its complaining about.
Other examples of apps I over time have had to Trust in NS, to stop its whining.
Bank of Americas banking app.. Currently still claimed by NS as "High Risk" in a big red banner. Why? Because of background data usage only. No other "dangers".
BUT...It runs ONLY when asked to and manually started (when I need it)? I am sorry, but an app using data WHEN I ASK IT TO is not a "High Risk" item to anyone. In no way, shape, or form.
DropBox, Accuweather Platinum, and Facebook as other examples used to be claimed as risks and I had to "Trust" them in NS to stop the complaining, but I just found out that they apparently later got de-listed and no longer need "Trust" in NS.
They were still listed in both NS and Google Play as "Trusted" (because I once made them trusted), but after I just untrusted them in NS they now suddenly show in Google Play as "No Risk", rather than merely "Trusted".
Of all the apps I trust the least (by principle) Facebook is sure one of them.. :-)
But it is now magically changed to a "No Risk" app in NS' mind (probably caused too many support calls), despite it claiming enough permissions to pretty much OWN my device. It should be paying rent.. :-)
And, BTW.. As opposed to the Bank of America App, Facebook really does have a large and constant background data usage, and does NOT stop running unless I manually KILL it.. It otherwise keeps running in the background and sucking data 24x7, and yet is declared "No Risk" for its data usage
Diego231:FanFiction.Net v4.5.3 app is also flagged as malware on Google Play which is very strange.
I just tried installing this app and had no notifications. Can you check your Activity Log and look for the last time LiveUpdate was run. Tap on the 3 bars at top left of NMS screen, and tap on Activity Log. Within that group of log entries look for Norton Mobile Security Virus Definitions version 20160902009. If you do not see that version, please run LiveUpdate manually and then scan your device again to see if your app is still detected. Again tap on 3 bars, and then tap on App Settings and scroll to the bottom and tap Run LiveUpdate.
This LiveUpdate information should be checked by all users seeing these problems with their apps.
GeekOne
It seems that some of the "risk" level warnings on apps are largely made up to make sure that issues are detected, even when there should be none to report.
If you are referring to the App Advisor warnings, you need to look at the report for the app to see what might be a problem from the issues reported on. ie High background data use could be an issue for someone with limited data plan. So the user then has to decide if they are willing to accept the permissions required by the app.
I too believe that some of the App Advisor warnings are a little exaggerated.
FanFiction.Net v4.5.3 app is also flagged as malware on Google Play which is very strange.
Just had this same issue with the latest update to the "My Verizon" app.. An app with "only" 55 Mill downloads, and pretty much a given presence on all Verizon phones... Claimed to be "High Risk", "Malware" and advised not to be installed.. Arggh.
On a second note, I have been using many versions of AntiVirus, Internet Security, and now the latest Norton Security on both PCs and phones for several decades, and have traditionally always trusted the Norton Software.. But the Mobile version is increasing starting to annoy me, not just for this latest issue, which is an obvious false positive, but for its overall classifications of what "Risk" means.. It seems that some of the "risk" level warnings on apps are largely made up to make sure that issues are detected, even when there should be none to report. To look effective. Unfortunately without providing any explanation of the findings allowing the user to make intelligent choices.
If the PC version reported "risk" the same way the Mobile version does, almost all my apps on the PC would end up classified as risky. If for nothing else for accessing the Internet and using data.
I have asked Norton to check into this. It appears the latest Liveupdate malware definitions may have a problem.