Hi,

I was just doing a routine scan of my system and it reported the following as a rootkit

C:\ProgramFiles\WindowsApps\microsoft.windowscommunicationapps_17.6868.41141.0_x64_8wekyb3d8bbwe\HxTsr.exe

Is this a false positive?
What should I do?

Test the file at VT (https://www.virustotal.com) and post the link to the result here.

Hi,

I can’t seem to do that as I can’t access WindowsApps even though I am the admin.

Attach your basic diagnostic logs. (MBAM, FRST and aswMBR)
Instructions: https://forum.avast.com/index.php?topic=53253

Hi,

Here are the following logs.

Thanks

Addition.txt from FRST is missing.

Sorry missed that one.

OK, now you’ve to wait a bit…

I would classify that as a false positive as it is a windows file for MS outlook, I have see reference on the Panda forum that an update to office will fix the problem

So a few more bits of information. Despite no action being taken (I don’t have permission to write to the directory it is in) avast no longer reports any viruses found when scanning. I also have not installed Microsoft office - although I think some lite version may come with Windows 10.

In that case I would suspect Avast has been updated to remove it as a threat

http://windows.microsoft.com/en-us/windows-8/communications-app-privacy
https://forums.malwarebytes.org/topic/180039-hxtsrexe-false-positive/

One of the threads on the Panda Webboard about it :
http://support.pandasecurity.com/forum/viewtopic.php?f=96&t=5507

I can't seem to do that as I can't access WindowsApps even though I am the admin.