My software is a .NET application. The original .exe compiled with Visual Studio works fine and Microsoft Defender has nothing to say about it or any of the dependencies.
I made an installer with INNO Setup, that has been working fine until now, on a bunch of different machines.
The installer deploys my two .exe (the main app and an admin tool) and my own libraries, a few other libraries (Helix Toolkit, Triangles.net), and some libraries from .NET 5.0 (so that the framework is not needed for an offline install).
Since this morning, I have the following :
- one of the installed .exe is seen as a Trojan by Microsoft Defender, and is put in quarantine ;
- when I put the original .exe back in the Program Files directory manually, no Trojan is detected (even when i manually test the directory).
EDIT To be clear :
- no malware is detected in the installer
- no malware is detected in the original file
- only the file installed by INNO SETUP is concerned
Is it possible that Inno Setup put that Trojan in my exe ? If so, what could I do to prevent or circumvent it ?
EDIT The more I investigate this, the less I understand what Inno Setup does. My original exe file weighs only 280 Ko, and the exe file installed by Inno Setup weighs 132 Mo. And, again, the Trojan is ONLY detected in the exe installed by inno setup.
Screen cap
sorry for the french OS
The trojan description is :
EDIT : the inno setup installer is now seen as containing the trojan and put in quarantine.
