SeoTools for Excel\SeoToolsMaster64_packed.xll MSIL/TrojanDropper.Agent.FGU@TYPE=Trojan@SUSP=mod"

[Bill_Pacific 1]

Hello All,
I am posting this here as I am not able to post in the false positive area.
My SEO team contacted me today and had this removed from their systems by ESET Endpoint Antivirus 8.1 with the latest VSDB.
I am wanting to exclude this from detection as I believe this is a false positive, I also know that the nature of this software is a bit odd so I can see why it was detected. Need to know if this is a false positive or not. I have 10 SEOs who are not able to do some work due to this.

Detection Log below
Dir: C:\Users\user.name\AppData\Local\ESET\ESET Security\Quarantine\
0CA732EA2C31D33CDC96B4E39E814EA7249136F7.NDF    "C:\Program Files (x86)\SeoTools for Excel\SeoToolsMaster64_packed.xll"    "@NAME=MSIL/TrojanDropper.Agent.FGU@TYPE=Trojan@SUSP=mod"    27.08.2021    792576 bytes

Also detecting in WebAccess
 

Hash

B34B273B4F3BD8E6EEF03FB51FF69EF978C149AB

 

Name

MSIL/TrojanDropper.Agent.FGU

Detection Type

Trojan

Object type

file

Uniform Resource Identifier (URI)

https://releases.seotoolsforexcel.com/SeoTools_v9.7.0.1_20210727.zip

Process name

C:\Program Files\Google\Chrome\Application\chrome.exe

 

Scan

Scanner

HTTP filter

Detection engine version

23865 (20210827)

Current engine version

23865 (20210827)

[itman 1,659]

Based on VirusTotal detection: https://www.virustotal.com/gui/file/dd7854b16b415a773ff4ce389660d47bf8d7d5fa408c9c5606faffc5cb7c9af6/detection , four AV products detect it including Eset.

Note that a month ago, only two of these products detected and Eset was not one of them. So this is a fairly new detection by Eset. As such, I would say Eset's detection is correct.

Edited August 27, 2021 by itman

[Marcos 5,074]

It was confirmed to be a false positive. The detection has been removed.

[Bill_Pacific 1]

Thank you Marcos!