TrojanDownloader:O97M/Emotet!pz

[ITAl 0]

On 9/15/23, Windows Defender detected Emotet!pz on two different Excel spreadsheets on two complete separate computers/networks. At the time, neither workstation had Eset NOD32 installed.  After installing NOD32 and restoring the one of the flagged files, Eset found no infection in suspected file and the entire workstation scanned clean.

I suspect this is a false positive from Windows Defender?  Anyone else experience this?

I've used Eset for many years and trust its protection.

Thank you!
Al
 

[Marcos 4,841]

Please check the file at https://www.virustotal.com and post a link to scan results here.

[ITAl 0]

2 minutes ago, Marcos said:

Please check the file at www.virustotal.com and post a link to scan results here.

I'd love to Marcos, but they contain personal information.
Thank you!

[Marcos 4,841]

If you create a copy and remove all personal information is it still detected?

[ITAl 0]

23 minutes ago, Marcos said:

If you create a copy and remove all personal information is it still detected?

If it really is infected, is it wise to open the file, activating the malicious code?

[Marcos 4,841]

Please compress the file, encrypt it with the password "infected" and supply it to me via a private message. You can also send it to samples[at]eset.com.

[ITAl 0]

29 minutes ago, Marcos said:

Please compress the file, encrypt it with the password "infected" and supply it to me via a private message. You can also send it to samples[at]eset.com.

Please check your PMs.  FYI - it's not password protected.   Thank you!

[Marcos 4,841]

We confirm it's a false positive by Microsoft.

[ITAl 0]

8 minutes ago, Marcos said:

We confirm it's a false positive by Microsoft.

THANK YOU!  I surprised others haven't run in this.