• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

I don't know if this is a virus or keylogger, it's called gamemon.des

Norton found malware on my computer earlier today after I had updated it which is something that had been on there for almost a year and a half now that was for a sorting mod orders for games so I'm just leaving it be (which might have been false positive), real problem I think is the gameon.des which I googled and I guess from the stuff I read is a keylogger and not sure, so I post the Norton submissions below for both thing's.

There was a lot of stuff from Norton community watch which all looked normal, other then these things from what I can tell.

I have windows 10 if that is needed.

Category: Norton Community Watch
Date & Time,Risk,Activity,Status,Recommended Action,Date Updated,Submitted By,Description,Submission Details
3/17/2017 5:06:06 PM,Info,Statistical Submission: gamemon.des,Pending,No Action Required,3/17/2017 5:06:06 PM,Norton Security,Statistical Submission: gamemon.des,"CSIDL_SYSTEMX86\gamemon.des  <br>Detection Digest:  <br>03 00 EA AF 0F 01 00 05 00 00 00 00 00 00 00 00 ................  <br>00 00 00 00 00 00 00 00 00 00 00 00 00 02 04 00 ................  <br>B2 22 FD FF 04 03 00 00 00 00 03 06 00 01 02 04 .\"..............  <br>14 03 00 05 39 00 43 3A 5C 50 72 6F 67 72 61 6D ....9.C:\Program  <br>20 46 69 6C 65 73 20 28 78 38 36 29 5C 4D 61 6C  Files (x86)\Mal  <br>77 61 72 65 62 79 74 65 73 20 41 6E 74 69 2D 4D warebytes Anti-M  <br>61 6C 77 61 72 65 5C 6D 62 61 6D 2E 65 78 65 06 alware\mbam.exe.  <br>4D 00 08 01 12 04 00 00 00 00 1A 04 00 00 00 00 M...............  <br>22 08 00 00 00 00 00 00 00 00 2A 08 00 00 00 00 \".........*.....  <br>00 00 00 00 32 27 06 20 20 4E 6C D5 16 B7 8E 39 ....2'.  Nl....9  <br>DA 26 D6 30 67 04 22 18 C5 E4 3F 87 3D EA 39 1A .&.0g.\"...?.=.9.  <br>DC F1 B9 99 0C 42 B3 50 DB 79 FB FF FF 3A 00    .....B.P.y...:.   <br>"

Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename
3/17/2017 4:29:01 PM,High,uninstall.exe (Heur.AdvML.C) detected by Auto-Protect,Quarantined,Resolved - No Action Required,d:\boss\uninstall.exe

Category: Norton Community Watch
Date & Time,Risk,Activity,Status,Recommended Action,Date Updated,Submitted By,Description,Submission Details
3/17/2017 4:28:34 PM,Info,Statistical Submission: Heur.AdvML.C,Pending,No Action Required,3/17/2017 4:28:34 PM,Norton Security,Statistical Submission: Heur.AdvML.C,"CSIDL_DRIVE_FIXED\boss\uninstall.exeDetection Digest:  <br>03 00 EA AF 0F 01 00 04 00 00 00 00 00 00 00 00 ................  <br>00 00 00 00 00 00 00 00 00 00 00 00 00 04 03 00 ................  <br>00 00 00 03 06 00 01 02 04 14 03 00 05 27 00 43 .............'.C  <br>3A 5C 57 69 6E 64 6F 77 73 5C 53 79 73 74 65 6D :\Windows\System  <br>33 32 5C 43 6F 6D 70 61 74 54 65 6C 52 75 6E 6E 32\CompatTelRunn  <br>65 72 2E 65 78 65 06 4D 00 08 01 12 04 00 00 00 er.exe.M........  <br>00 1A 04 00 00 00 00 22 08 00 00 00 00 00 00 00 .......\"........  <br>00 2A 08 00 00 00 00 00 00 00 00 32 27 06 20 20 .*.........2'.    <br>2E 9C 4C FB 8B 5F 15 B9 A1 A1 65 1E 47 D4 00 73 ..L.._....e.G..s  <br>90 45 CF 2E D7 4A 1C 46 2B 69 1F 57 79 82 D0 32 .E...J.F+i.Wy..2  <br>5B F7 FF FF 3A 00                               [...:.            <br>"

Replies

Kudos0

Re: I don't know if this is a virus or keylogger, it's called gamemon.des

If you can find the files on your computer, start by submitting them to   www.virustotal.com

If they come back clean from there, you can report false positive indications here https://submit.symantec.com/false_positive/

Things happen. Export/Backup your Norton Password Manager data.
Kudos0

Re: I don't know if this is a virus or keylogger, it's called gamemon.des

I uploaded the gamemon.des to virus total came up 0/61 so I guess it's nothing and I'm just worrying cause of the virus I had prior, it was in windows (c) SysWOW64, so I think I might just be too paranoid from looking at the history logs.

Kudos0

Re: I don't know if this is a virus or keylogger, it's called gamemon.des

FWIW ~ VirusTotal makes use of the green circle with white tick mark to indicate that the given file was not detected in any way by the antivirus under consideration. We do not use the word "clean" or "innocuous" because antivirus solutions do not tell you whether a file is goodware, they just flag maliciousness.


0 out of 61 do not see the file as harmless but this doesn't imply the file is harmless or clean. It just mean it wasn't detected.

Kudos0

Re: I don't know if this is a virus or keylogger, it's called gamemon.des

my whole norton history is filled with 25 pages ( under norton community watch) today of Heur.AdvML.C and all of it is pending it's statistical submissions though all of it says exonerated I think, but there is multiple copies of other things being sent as well, should I be worried?

This started happening yesterday after norton updated and started sending stuff from my D drive, also there was a windows update, I don't know if it's just repeating the same thing over trying to send it or what.

Accepted Solution
Kudos0

Re: I don't know if this is a virus or keylogger, it's called gamemon.des

No need to worry. Your Norton product has logged some files it is looking to report on. It could be data for the Download Insight where you see the number of Norton users that have downloaded a given file. Now it is getting ready to report what it found. As time goes by, these submissions should be transmitted to Norton for further analysis.

Things happen. Export/Backup your Norton Password Manager data.

This thread is closed from further comment. Please visit the forum to start a new thread.