Solved

PC DM Files Legit or Malware???

Posted on 2010-08-16
7
968 Views
Last Modified: 2013-11-22
In the directory C:\Users\Public\Documents\PC DM Files:

There are hundreds of folders which present as some type of backup; however, I suspect malware.

The C: Drive is completely full from these files!

Please advise and include a removal tool suggestion.

Thanks Much!

0
Comment
Question by:kboles101
  • 3
  • 2
  • 2
7 Comments
 
LVL 7

Expert Comment

by:brettkm
Comment Utility
I would scan your computer with Malwarebytes' Anti-Malware.  It's probably worthwhile installing/updating the software in normal mode, reboot into safe mode, do a full scan, boot back into normal mode and do another full scan.
0
 
LVL 38

Expert Comment

by:younghv
Comment Utility
MBAM - is always a good starting point.
"Malwarebytes' Anti-Malware" (http://www.malwarebytes.org/mbam.php)

Please note that it is NOT to be run in Safe Mode - if your system will boot to Normal Mode.
From the MBAM Member Forum - a good discussion about how MBAM works and why "Normal Mode" is recommended:
http://www.malwarebytes.org/forums/index.php?showtopic=17334&st=0&p
0
 

Accepted Solution

by:
kboles101 earned 0 total points
Comment Utility
Yes...I am familiar and have used with MBAM; thanks both. It turned out to be a "riskware" program installed by the owner: DRPU PC Data Manager.   http://www.f-secure.com/sw-desc/monitoring-tool_w32_pcdm_a.shtml perhaps to monitor teens' activities. They were unaware the logging (over a million files in the span of 4 months) exhausted the hard drive space.
0
Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

 
LVL 7

Expert Comment

by:brettkm
Comment Utility
younghv:  There's plenty of reasons in that forum you posted as to why it's a good idea to scan in safe mode.  As long as you DO do a scan in mormal mode you're fine.
0
 
LVL 38

Expert Comment

by:younghv
Comment Utility
brettkm,
Actually there isn't - as explained by one of the actual creators of MBAM (nosirrah).
Let's continue the conversation here: http://www.experts-exchange.com/Q_24860646.html
0
 
LVL 38

Expert Comment

by:younghv
Comment Utility
kboles101,
Glad you solved it.
Is there some kind of simple clean-up function within "DRPU..." or can you do a simple DOS delete command for that particular extension?

If you post the solution you use, one of your options for closing questions is to "Accept as Solution" your own comment.

Doing so will save the answer in our searchable database of "PAQ" (Previously Answered Questions).

Thanks
0
 

Author Comment

by:kboles101
Comment Utility
Closing comments / thoughts:

This program does appear to barley meet the definition of "legitimate" application and perhaps could have been removed using conventional methods. However, by the time I received the laptop, it was very crippled. Also, the stated purpose of the program is key and user activity logging...AKA spying. To ensure all traces of the spying application were removed, I opted for an HP F11 system restore from scratch.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now