How To Tell If 'Potentially Malicious Process' Is Actually Safe

Bitsmasher
edited November 2011 in Firewall

Hello,


I just installed BDTS 2012 on a machine that I suspect may have been hacked. I previously used Avast & Malwarebytes. They detected a few infected items. I ran a full scan with BDTS right after installing and updating and it found 8 infected items.


After rebooting, the firewall has blocked some processes. I know what these processes are and I'm pretty sure I do need them, but I want to be sure they're safe before I click 'Allow' in the Firewall events page.


The processes are:

C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPlicensingService.exe
Used by Acrobat Pro 8.3

C:\Program Files\PowerISO\PWRISOVM.EXE
PowerISO program

C:\WINDOWS\system32\WDBtnMgr.exe
Western Digital Button Manager - helps with my external WD drive

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Microsoft .NET debugging

C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
Asus ACPI service


The last one is the most important. Without it, I can't enable/disable my wifi card among other things. As it stands, I can't connect the machine to the internet because of this.


I have gone back and re-scanned each of these with BD and it said 'No Threat Found' for all of them.


How can I check the safety of these programs?


Thanks

Comments

  • I just sent all the files through virustotal.com and they all came up clean.

  • Hi :)


    Please pack those file(s) in an archive with the password "infected" and send me a PM with it.

    If the file is too big to attach, upload it to http://www.sendspace.com or http://www.mediafire.com and send me a PM with the download link.


    We will analyze the information you sent and then reply with a possible solution in the shortest time.


    Have a nice day.