False positive in Windows mail app?

[TzonZ 0]

Hello, 

About once a month for the last 3 months I get a detection that seems to me as a false positive, since I cannot explain in any other way how it happens. It occurs either during system scan or when opening the Windows Mail app in Windows 10. The log file from one of this cases is shown bellow. What should I do about it? How can I submit the suspicious file for further analysis?

Thank you, 

John

<?xml version="1.0" encoding="utf-8" ?>
<ESET>
  <LOG>
    <RECORD>
      <COLUMN NAME="Time">13/6/2018 5:33:46 μμ</COLUMN>
      <COLUMN NAME="Scanner">Real-time file system protection</COLUMN>
      <COLUMN NAME="Object type">file</COLUMN>
      <COLUMN NAME="Object">C:\Users\johnz\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\LoginEmail[4690].pdf</COLUMN>
      <COLUMN NAME="Threat">PDF/Phishing.A.Gen trojan</COLUMN>
      <COLUMN NAME="Action">cleaned by deleting</COLUMN>
      <COLUMN NAME="User">JOHN-TURBOX\johnz</COLUMN>
      <COLUMN NAME="Information">Event occurred on a new file created by the application: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxTsr.exe (2BB0982898E59FE501C7EF2D85872FF2EFC16F2D).</COLUMN>
      <COLUMN NAME="Hash">2E70DF5E3D428D710C13738F494E32159E4C53F6</COLUMN>
      <COLUMN NAME="First seen here">13/6/2018 5:33:30 μμ</COLUMN>
    </RECORD>
 </LOG>
</ESET>

 

[itman 1,739]

Does the Eset alert occur as a result of you opening an e-mail that requests you enter your logon credentials to download a file from a file sharing web site or view/download a file from elsewhere?

[Marcos 5,228]

It's clearly a phishing:

[galaxy 11]

That's it;-)

[TzonZ 0]

Hi Marcos

Yes, I did get this email. I get quite a few similar phishing emails. 

I didn't know though that the detection of a phishing email looked like this, so I thought it was a file of the application itself being detected. 

Thank you, 

John