Solved

PC DM Files Legit or Malware???

Posted on 2010-08-16
7
997 Views
Last Modified: 2013-11-22
In the directory C:\Users\Public\Documents\PC DM Files:

There are hundreds of folders which present as some type of backup; however, I suspect malware.

The C: Drive is completely full from these files!

Please advise and include a removal tool suggestion.

Thanks Much!

0
Comment
Question by:kboles101
  • 3
  • 2
  • 2
7 Comments
 
LVL 7

Expert Comment

by:brettkm
ID: 33451418
I would scan your computer with Malwarebytes' Anti-Malware.  It's probably worthwhile installing/updating the software in normal mode, reboot into safe mode, do a full scan, boot back into normal mode and do another full scan.
0
 
LVL 38

Expert Comment

by:younghv
ID: 33453190
MBAM - is always a good starting point.
"Malwarebytes' Anti-Malware" (http://www.malwarebytes.org/mbam.php)

Please note that it is NOT to be run in Safe Mode - if your system will boot to Normal Mode.
From the MBAM Member Forum - a good discussion about how MBAM works and why "Normal Mode" is recommended:
http://www.malwarebytes.org/forums/index.php?showtopic=17334&st=0&p 
0
 

Accepted Solution

by:
kboles101 earned 0 total points
ID: 33453526
Yes...I am familiar and have used with MBAM; thanks both. It turned out to be a "riskware" program installed by the owner: DRPU PC Data Manager.   http://www.f-secure.com/sw-desc/monitoring-tool_w32_pcdm_a.shtml perhaps to monitor teens' activities. They were unaware the logging (over a million files in the span of 4 months) exhausted the hard drive space.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 7

Expert Comment

by:brettkm
ID: 33453561
younghv:  There's plenty of reasons in that forum you posted as to why it's a good idea to scan in safe mode.  As long as you DO do a scan in mormal mode you're fine.
0
 
LVL 38

Expert Comment

by:younghv
ID: 33454021
brettkm,
Actually there isn't - as explained by one of the actual creators of MBAM (nosirrah).
Let's continue the conversation here: http://www.experts-exchange.com/Q_24860646.html
0
 
LVL 38

Expert Comment

by:younghv
ID: 33454049
kboles101,
Glad you solved it.
Is there some kind of simple clean-up function within "DRPU..." or can you do a simple DOS delete command for that particular extension?

If you post the solution you use, one of your options for closing questions is to "Accept as Solution" your own comment.

Doing so will save the answer in our searchable database of "PAQ" (Previously Answered Questions).

Thanks
0
 

Author Comment

by:kboles101
ID: 33534471
Closing comments / thoughts:

This program does appear to barley meet the definition of "legitimate" application and perhaps could have been removed using conventional methods. However, by the time I received the laptop, it was very crippled. Also, the stated purpose of the program is key and user activity logging...AKA spying. To ensure all traces of the spying application were removed, I opted for an HP F11 system restore from scratch.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Malware seems to be getting smarter and smarter. If you are having trouble being able to launch your malware removal tools such as (and recommended): MalwareBytes, HiJackThis, ComboFix, etc. you can try some of the workarounds listed below. 1. Ma…
There are many reasons malware will stay around and continue to grow as a business.  The biggest reason is the expanding customer base.  More than 40% of people who are infected with ransomware, pay the ransom.  That makes ransomware a multi-million…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question