Windows Defender started flagging the addinutil.exe file used by the installer.
Here is what appears in the Applications and Services Logs > Microsoft > Windows > Windows Defender > Operational logs:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.B!cl&threatid=2147718514&enterprise=0
Name: Trojan:Win32/Fuery.B!cl
ID: 2147718514
Severity: Severe
Category: Trojan
Path: containerfile:_C:\Users\passp\AppData\Local\Temp\Temp1_TestDriven.NET-4.3.0_Personal_RTM.zip\setup.exe;containerfile:_C:\Users\passp\AppData\Local\Temp\Temp2_TestDriven.NET-4.3.0_Extraterrestrial_RTM.zip\setup.exe;containerfile:_C:\Users\passp\AppData\Local\Temp\Temp3_TestDriven.NET-4.3.0_Enterprise_RTM.zip\setup.exe;containerfile:_C:\Users\passp\AppData\Local\Temp\Temp4_TestDriven.NET-4.3.0_Enterprise_RTM.zip\setup.exe;file:_C:\Users\passp\AppData\Local\Temp\addinutil.exe;file:_C:\Users\passp\AppData\Local\Temp\Temp1_TestDriven.NET-4.3.0_Personal_RTM.zip\setup.exe->[MSILRES:addinutil.exe];file:_C:\Users\passp\AppData\Local\Temp\Temp2_TestDriven.NET-4.3.0_Extraterrestrial_RTM.zip\setup.exe->[MSILRES:addinutil.exe];file:_C:\Users\passp\AppData\Local\Temp\Temp3_TestDriven.NET-4.3.0_Enterprise_RTM.zip\setup.exe->[MSILRES:addinutil.exe];file:_C:\Users\passp\AppData\Local\Temp\Temp4_TestDriven.NET-4.3.0_Enterprise_RTM.zip\setup.exe->[MSILRES:addinutil.exe]
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Downloads and attachments
User: DESKTOP-A4A4NCF\passp
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.269.272.0, AS: 1.269.272.0, NIS: 1.269.272.0
Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4
Windows Defender started flagging the
addinutil.exefile used by the installer.Here is what appears in the
Applications and Services Logs > Microsoft > Windows > Windows Defender > Operationallogs: