marzent / IINACT

A Dalamud plugin to run the FFXIV_ACT_Plugin in an ACT-like environment with a heavily modified port of Overlay Plugin
https://www.iinact.com
GNU General Public License v3.0

XIV7.0.5 IInact 2.6.3.2 ESET Reports a variant of Win64/HackTool.RustRegion.B on FFXIV_ACT_Plugin.dll #102

Closed KiwiMonkeyUSA closed 1 month ago

KiwiMonkeyUSA commented 1 month ago

Just wondering if this is a false positive or not.

Normally, I know ACT can look like something malicious; however, over the last months I've never had ACT, Dalamud, or IINACT report any kind of malicious activity, no matter how many times I updated the plugin. All of a sudden, with patch 7.0.5, I'm now getting ESET reports on the plugin.dll.

```
Object;Detection;Action;Information;Hash;First seen here
C:\Users\xxxx\AppData\Roaming\XIVLauncher\installedPlugins\IINACT\2.6.3.2\FFXIV_ACT_Plugin.dll;a variant of Win64/HackTool.RustRegion.B application;cleaned by deleting;Event occurred on a new file created by the application: D:\Games\Steam\steamapps\common\FINAL FANTASY XIV Online\game\ffxiv_dx11.exe
```

Mercwri commented 1 month ago

VirusTotal shows fine and the hash looks the same both before and after the update. https://www.virustotal.com/gui/file/b57f3e8b306e8c82504b6444ebf8b3425ff5b1b3f13905bf76261ed933d19588

KiwiMonkeyUSA commented 1 month ago

Okay, thanks for checking and confirming. Looks like ESET is just being super aggressive this week.