Solved

PC DM Files Legit or Malware???

Posted on 2010-08-16
7
1,005 Views
Last Modified: 2013-11-22
In the directory C:\Users\Public\Documents\PC DM Files:

There are hundreds of folders which present as some type of backup; however, I suspect malware.

The C: Drive is completely full from these files!

Please advise and include a removal tool suggestion.

Thanks Much!

0
Comment
Question by:kboles101
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 7

Expert Comment

by:brettkm
ID: 33451418
I would scan your computer with Malwarebytes' Anti-Malware.  It's probably worthwhile installing/updating the software in normal mode, reboot into safe mode, do a full scan, boot back into normal mode and do another full scan.
0
 
LVL 38

Expert Comment

by:younghv
ID: 33453190
MBAM - is always a good starting point.
"Malwarebytes' Anti-Malware" (http://www.malwarebytes.org/mbam.php)

Please note that it is NOT to be run in Safe Mode - if your system will boot to Normal Mode.
From the MBAM Member Forum - a good discussion about how MBAM works and why "Normal Mode" is recommended:
http://www.malwarebytes.org/forums/index.php?showtopic=17334&st=0&p 
0
 

Accepted Solution

by:
kboles101 earned 0 total points
ID: 33453526
Yes...I am familiar and have used with MBAM; thanks both. It turned out to be a "riskware" program installed by the owner: DRPU PC Data Manager.   http://www.f-secure.com/sw-desc/monitoring-tool_w32_pcdm_a.shtml perhaps to monitor teens' activities. They were unaware the logging (over a million files in the span of 4 months) exhausted the hard drive space.
0
Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

 
LVL 7

Expert Comment

by:brettkm
ID: 33453561
younghv:  There's plenty of reasons in that forum you posted as to why it's a good idea to scan in safe mode.  As long as you DO do a scan in mormal mode you're fine.
0
 
LVL 38

Expert Comment

by:younghv
ID: 33454021
brettkm,
Actually there isn't - as explained by one of the actual creators of MBAM (nosirrah).
Let's continue the conversation here: http://www.experts-exchange.com/Q_24860646.html
0
 
LVL 38

Expert Comment

by:younghv
ID: 33454049
kboles101,
Glad you solved it.
Is there some kind of simple clean-up function within "DRPU..." or can you do a simple DOS delete command for that particular extension?

If you post the solution you use, one of your options for closing questions is to "Accept as Solution" your own comment.

Doing so will save the answer in our searchable database of "PAQ" (Previously Answered Questions).

Thanks
0
 

Author Comment

by:kboles101
ID: 33534471
Closing comments / thoughts:

This program does appear to barley meet the definition of "legitimate" application and perhaps could have been removed using conventional methods. However, by the time I received the laptop, it was very crippled. Also, the stated purpose of the program is key and user activity logging...AKA spying. To ensure all traces of the spying application were removed, I opted for an HP F11 system restore from scratch.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Best practices power settings GPO Win 10 4 124
extended monitor print screen 8 107
is this a virus? 3 112
Evaluating Enterprise Antivirus solutions 2 80
There are many reasons malware will stay around and continue to grow as a business.  The biggest reason is the expanding customer base.  More than 40% of people who are infected with ransomware, pay the ransom.  That makes ransomware a multi-million…
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question