So, an upd ate. When zipping with 7-Zip it has the option of Encrypting with a password. If I do that, then none of the antivirus's on virustotal.com can see thru it. It's reported as safe. Presumably, then, it would be allowed to download.
I certainly hear your point about making it as easy for the end-user as possible. However, if the download fails, then that's not easy. I have tried this, and with default windows installation, you can just:
- download the .zip file
- double click on the downloaded file (or click 'Run') (which actually opens window's zip browser)
- then double click on agent.exe that is displayed (which is actually "in" the .zip file)
- type in the password
- windows does the work of extracting to temp file and running
So, it is really just two more steps, just one more double-click, and typing a password, which is still pretty easy. You're probably on the phone with them walking them thru it.
Then, once you're in, you can extract agent.exe to desktop, or remote install host, or file transfer another agent.exe from your machine to remote.
And you can use the task scheduler to re-start agent outside of the .zip file extracted to the temp dir. Here's some .bat file code i use:
:: this editor is putting a space in all my 'set' commands making them 'se t'
se t future_time=19:05
:: rutserv or agent :
se t path_to_rutsrv=C:\some\path\to\rutserv.exe
se t path_to_rutsrv=C:\some\path\to\agent.exe
:: the /rl is priviledge level
:: the /f means overwrite task
:: the quotes are necessary
:: 1. to handle the space in eg program files
:: 2. to allow the /start to not be processed by schtasks itself but parsed and passed on
:: as part of the /tr
:: 3. so that the first space does not delimited programs and parametrs in task scheduler
:: and you dont need /start at all for agent.exe
schtasks /create /sc once /tn rut_restart /tr "'%path_to_rutsrv%' /start" /st %future_time% /rl highest
schtasks /query /tn rut_restart /v /fo list