How To Tell If 'potentially Malicious Process' Is Actually Safe

Bitsmasher

Hello,

I just installed BDTS 2012 on a machine that I suspect may have been hacked. I previously used Avast & Malwarebytes. They detected a few infected items. I ran a full scan with BDTS right after installing and updating and it found 8 infected items.

After rebooting, the firewall has blocked some processes. I know what these processes are and I'm pretty sure I do need them, but I want to be sure they're safe before I click 'Allow' in the Firewall events page.

The processes are:

C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPlicensingService.exe

Used by Acrobat pro 8.3

C:\Program Files\PowerISO\PWRISOVM.EXE

PowerISO program

C:\WINDOWS\system32\WDBtnMgr.exe

Western Digital Button Manager - helps with my external WD drive

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

Microsoft .net debugging

C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe

Asus ACPI service

The last one is the most important. Without it, I can't enable/disable my wifi card among other things. As it stands, I can't connect the machine to the internet because of this.

I have gone back and re-scanned each of these with BD and it said 'No Threat Found' for all of them.

How can I check the safety of these programs?

Thanks

Bitsmasher

I just sent all the files through virustotal.com and they all came up clean.

rootkit

Hi

Please pack those file(s) in archive with the password infected and send me a PM with it.

If the file is too big to attach it, upload it on

http://www.sendspace.com

or

http://www.mediafire.com

and send me a PM with the download link.

We will analyze the information you sent and then reply with a possible solution in the shortest time.

Have a nice day.