Microsoft has blacklisted your encrypted 7z file.

[barlowhaydnb]

Nowadays even encrypted file is not safe from anti-virus software, they just detect files by hash.

[abbodi1406]

The house always wins 🙄

[rautamiekka]

What does the title even mean ? Does it get auto-deleted and can't be told not to, including not even by whitelisting beforehand ? AV's have almost always used hash-like methods for detection cuz the database would become astronomically massive.

[Technetium1]

Confirming the latest release is still fine on a completely updated system.

@barlowhaydnb Disable defender until completion: https://support.microsoft.com/en-us/windows/turn-off-defender-antivirus-protection-in-windows-security-99e6004f-c54c-8509-773c-a4d776b77960

[greatquux]

The best way I've found around this (especially from an automated perspective) is

• create a folder where the .cmd file will live in advance, like c:\windows\kms
• add this folder to defender exclusion list somehow, either through GUI or 3rd-party mgmt solution, or powershell (though I'm not sure if tamper prevention being on affects any of that)
• create your own encrypted ZIP of the .cmd file using your own password (if automated, edit .cmd to turn that on)
• transfer this ZIP to the excluded directory and extract it there
• run from that folder, and it should work without being detected

[SubZero5]

1234 is a known and commonly used password that people use to send virus samples that are caught in the wild to AntiVirus companies.

I suggest the password to be changed to 2024 or something like that.