Jump to content

False Positive (?) in Windows 10 Mail & Agenda app


Recommended Posts

Greetings,

There was a false (?) positive in my Windows 10 Mail & Agenda program/app. ( HxMail.exe )

Threat name: Malware.Ransom.Agent.Generic.

I had to reboot and the file was placed in quarantine, however now I can’t open the Mail (or the Agenda) program/app anymore.

I get a message that can’t restore from quarantine due to an error and I was advised to contact you here.

Please find below a screenshot of the quarantine and the requested zip files.

Thank you for any help.

HxMailExe.jpg

Malwarebytes Anti-Ransomware.zip

MBAMSERVICE.zip

Link to post
Share on other sites

Reference: https://www.virustotal.com/en/file/3CAFDF30FAD10C9B8608E2D6F0F95F408B3A959466734584ED3B98EBDB54DEE4/analysis/ Unsigned

   C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe\HxMail.exe

Hello paradoxius and :welcome:

Since yesterday, Tuesday evening, 09-May-2016, has a Windows System Restore Point (SRP), system backup, or system/partition image been generated for the computer in question?

Thank you.

 

Link to post
Share on other sites

I am glad it is not a real threat, thank you for the link with the report, big relief. I was drawn to this program by a news post and am seriously thinking of switching to your products when this is released, kudo's to all, meanwhile glad to help as a test-subject.

Have turned the protection off, copied and pasted the line in your post in the exclusion list, it said file not found, turned program back on for now.

Tried to find if there were any recent SRP points or system back ups made by Windows due to updates itself but can't find location, have only used an external backup program for a system back up in March.

Thanks

 

 

Link to post
Share on other sites

Hello paradoxius:

Please try the following procedure to restore HxMail.exe:

  1. Please restart the Windows Operating System to Normal boot mode.
  2. Please enter the following commands, one at a time, from an Elevated Command Prompt:

  3.      DISM.exe /Online /Cleanup-image /ScanHealth

         DISM.exe /Online /Cleanup-image /RestoreHealth


  4. Upon normal completion of the above commands, please restart the system to Normal boot mode.



Please confirm the restoration of the missing HxMail.exe file at:

     C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe\HxMail.exe

Please reply to your topic with the status of your system.

Thank you for beta testing MBARW Beta6 and your valuable feedback.

Link to post
Share on other sites

 

Hello 1PW,

I feel rather stupid, am not a programmer, just a normal computer user with limited knowledge. In windows 10 I can not find any advise in help regarding which program or key combination to use to insert your quote’s, no idea what to use or what an elevated command prompt means :huh:

If possible could you please give me guidance or a step by step thingy how to get there?

System info: windows 10 home version 1511 / 10586.318

Intel Core i7 - 6700 CPU @ 3.40 Ghz / 16 GB RAM / 64 bits  

Thank you.

 

Link to post
Share on other sites

Hello paradoxius:

If you wish to use a quote box, in a reply on this forum, the sixth symbol from the left at the top of the reply box will open a quote field.

The following will afford numerous methods for opening an elevated command prompt box in Windows 10: How to Open an Elevated Command Prompt in Windows 10

Thank you.

 

Link to post
Share on other sites

Thanks a lot :) I have run both commands succesfully as admin (see screenshot) restarted the system and did a search by copy/paste the line above, negative search result, no match. Hope this helps. The system did an update yesterday when I closed off, don't know if thats is important.

scanhealth.jpg

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.