Symantec Mobility: Suite administrators may issue device policies that specifically prohibit device access to corporate resources when the device is non-compliant with the policy settings. In cases where the policy is using status information from a Norton Mobile Security client residing on the Android device, a known-good app may be flagged as being malware- a condition referred to as a false positive.
To remediate the malware threat, delete the malware app from the device. The app must be deleted by the user; Symantec Mobility administrators cannot delete apps from Android devices remotely.
However, this action may not desirable. For instance, the app may be important to the user or to the enterprise. In such cases, the Symantec Mobility administrator should submit a false-positive report to Symantec. This report is called a "Mobile Application Rating Dispute Submission".
When the detection occurred: Choose the selection: "During a scheduled scan or during a scan I requested"
Product being used: Choose the selection: "Norton Mobile Security (any version)"
On the last page of the submission form, provide the required information:
Name of person to contact
Whether you are the creator or distributor of the app
The name and web site of the company making the app
The name and version of the app
App download URL
Description of the app
The reason for submitting the form
Optionally, provide the MD5 or SHA256 hash of the app in question (instructions for obtaining the hash are provided on the form).
If you are the creator or a distributor of the app, you also have the option to provide information about your app-code signatory (the issuer and subject).
Symantec typically responds within 24-48 hours.
If a device policy is set to block access to email servers or secured apps in Mobility Suite, a minimum 12 hour lockout takes effect when malware is detected on the device. This is the shortest interval between device scans by Norton Mobile Security.