none
Possible bug: How do you prevent Windows Security from questioning access to .zip files on LAN NAS?

    Question

  • I have a drive letter persitently mapped to a NAS server on my home LAN. When I right-click on files with suffix .zip, I get a "Windows Security" dialog warning me that "Opening these files might be harmful to your computer  -   Your Internet security settings blocked one or more files from being opened. Do you want to open these files anyway?"

    First of all, a NAS server on my LAN is NOT on the Internet, so why would "Internet security settings" have anything to do with it?  I set "local intranet" security settings to low, but the bogus message still persists.  The message is triggered from the file type suffix (.zip) alone, because I created an empty file named foo.zip and that also triggers the message. The trigger is dependent on the file location. If the file is local, there is no message, but the same file on NAS casues the message to be displayed.  It is interesting that .tar, .gzip, .7zip and even .exe files do not trigger this message--only .zip files. Is there any way to make this stop?

     


    Lee Cason
    Fairfax, VA  USA
    -----------------------------------------------------------------
    OS Name:                   Microsoft Windows 7 Ultimate
    OS Version:                6.1.7100 N/A Build 7100
    OS Configuration:          Standalone Workstation
    OS Build Type:             Multiprocessor Free
    Product ID:                00447-321-7001193-70610
    Processor(s):              1 Processor(s) Installed.
                               [01]: Intel64 Family 6 Model 23 Stepping 7 GenuineIntel ~1985 Mhz
    BIOS Version:              American Megatrends Inc. R01-A1, 1/13/2009
    Boot Device:               \Device\HarddiskVolume2
    Total Physical Memory:     8,191 MB
    Available Physical Memory: 7,003 MB
    Network Card(s):           1 NIC(s) Installed.
                               [01]: NVIDIA nForce 10/100/1000 Mbps Ethernet

    Sunday, July 26, 2009 4:25 PM

All replies

  • I am seeing the same behavior in Windows 7 ultimate. I have a file server on a home LAN. I am also mapped to a drive. I am attempting to MOVE files from one directory to another and I am getting the message "These files might be harmful to your computer" "Your internet security settings suggest that one or more files may be harmful. Do you want to use it anyway?" the help for how to unblock these files is woefully inadequate. I have adjusted every internet security setting I can think of and the annoying pop-up message persists. The big thing I question is that the files I am trying to move are JPG files... I can understand a ZIP file might be malicious, but I have never seen a malicious JPG.

    I right click on the file and there are NO properties that would allow me to "unblock". How do I unblock these files so that I do not get this pop-up.
    Tuesday, August 18, 2009 12:39 PM
  • I see the same behavior, but only when dragging and dropping. On a Win7 Ultimate (x64) workstation logged in as user "MyDomain\UserAAA" I selected several .jpg image file stored on a Windows Server 2008 file share, then dragged them to a subfolder in the same directory on the same share. Win7 warned me "These files might be harmful to your computer" and asked whether I wanted to continue.
    Right-clicking and selecting "copy" on any file or directory in the share and then right-clicking and pasting in to the same destination subdirectory does NOT produce the warning. Neither does double-clicking and opening. Only right-click dragging and dropping. To repeat, these are all just .jpg files.

    Very interestingly, logged in to the same workstation as user "MyDomain\UserBBB" this does NOT happen. Both users MyDomain\UserAAA and MyDomain\UserBBB are Domain users in the single simple Domain managed by that same Windows Server 2008 server.  Neither user has Administrative privileges, nor really any different privileges from one another. In terms of ACLs on the files and directories in question, there is one slight different: UserAAA who gets the warning does not have "Full" control of the directories themselves, while UserBBB who does not get the warning does have Full control ... but UserAAA does have read, write, change, etc on all of the directories and files in question, so warnings about security risks don't seem like they should be affected by those ACLs.

    Can someone please explain
    1) why this message arises at all; and
    2) why it should arise only with drag-and-drop, but not with simpler explicit actions which would seem to perform the same underlying operations on the files; and
    3) why it would happen with UserAAA and not with UserBBB who should be equivalent; and most importantly
    4) how to stop it?

    Thanks!
    Jay

    Sunday, September 06, 2009 3:51 PM
  • Its on Control Pannel > Windows Defender > Tools > Options > Excluded file types

    By default it is all empty so if you find youlself in windows 7 and you dont want the pop up warning just add the file types that you consider that are safe.

    :-)
    • Proposed as answer by El Bekko Wednesday, January 20, 2010 2:45 AM
    Monday, September 14, 2009 1:35 PM
  • HKEY_CLASSES_ROOT\CLSID\{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31}\ShellFolder

    First, give yourself (or your group) Full Control of the ShellFolder key. Then either rename the Attributes value to something else (Attributes! is what I chose) or change the Attributes value's data to 0x00000000. Restart explorer and you should no longer have that issue... but you also won't be able to open Zip files with Explorer. Nice pick your poison scenario here.

    http://msdn.microsoft.com/en-us/library/bb762589(VS.85).aspx should have some more info about Attributes.

    Unfortunately for me though, I'm still having this issue when selecting 17 or more .m2ts files in a folder then right clicking. I'll try to figure that one out too..

    Edit: Turns out there's an easy way to fix this (that really shouldn't be necessary). If you add the IP address and/or computer name of the network machine to the list of Local Intranet sites in Internet Options, the warnings stop.

    http://i35.tinypic.com/w17bic.png
    • Proposed as answer by Snowknight26 Friday, October 02, 2009 9:34 PM
    • Edited by Snowknight26 Tuesday, October 27, 2009 1:53 AM Better solution
    Friday, October 02, 2009 9:29 PM
  • I'm having the same problem.  I'm unable to solve it by setting the ShellFolder DWORD to 0.  Interestingly, this is the only english page that comes up on Google for "Opening these files might be harmful to your computer".  No english pages show up on bing.

    Adding entries to the Windows Defender exclude list is not acceptable, nor is changing IE security settings.  It happens on all file types and also on folders from my storage server.  I cannot configure each and every type individually - there really should be an off switch somewhere for this kind of "protection" scheme.

    I also agree with Jay above - it is curious that the file operation goes through when a copy/paste or CLI command is executed.  Am I to assume that copy/paste will also bypass other Windows security mechanisms as well?

    Thursday, October 08, 2009 12:53 AM
  • This is extremely annoying, how do I get it to stop asking me every time I try to move a file from a NAS?
    Saturday, October 31, 2009 8:41 PM
  • I disagree!
    i really think a jpg can be harmful depending on where that coming from and i see ,and i love that behaviour and am not feeling affected by the "over" security of windows 7!
    IMHO i think MSFT decided to design a safer OS and compete with others such as linux in terms of security ,but with a friendly looking and easy to use/configure etc!
    so i think the mojority agree with me ,i mean those who are looking for a more secure system!
    i understand some ppl fraustrations but it must have a workaround to satisfy those who s having hard times with permissions!
    if its easy for to assign permissions it should be much easier for hackers ,so it makes sense to have it a bit harder ...
    Regards,
    RR

    PS: intention here is not to offend anyone im just manifesting my optnion and showing my appreciation to all MSFT developers,in the middle of a storm of complaints IMO not so necessary..
    Saturday, October 31, 2009 9:03 PM
  • That's great you like it, I'm really happy for you.  I just want a way to turn the darn thing off.

    I just did the fix that SnowWhite posted in this picture: http://i35.tinypic.com/w17bic.png  and it appears to help.
    • Proposed as answer by Mike Schueler Sunday, October 10, 2010 10:54 PM
    Saturday, October 31, 2009 10:17 PM
  • Ddos_Evader, there's no doubt that .ZIP files and the files they contain can be harmful. The concern in this entire thread is a bit different: that Windows is incorrectly considering local file servers in the same security domain to be foreign sources from which it should raise this warning. Thus the original complaint about a file from a NAS triggering the warning, and my similar complaint about files from my own local Windows file server (which is also the Domain Controller) triggering the warning.

    Though manually adding particular servers to the Local Intranet zone will take care of the problem, as ArSeNIK13 noted, it doesn't solve the root of the problem, which is the somewhat non-transparent magic algorithms provided by Microsoft making wrong guesses as to what is in, and what it outside of, the local security equivalence domain.
    Tuesday, November 10, 2009 11:49 AM
  • just ran into this problem myself.   How ridiculous!!!   To show how stupid the underlying MS algorithms are, adding a local IP address to the box called "enter this website to the zone" shows they totally missed the boat.

    since when is 192.168.0.4 a website???  (well, maybe it could be technically, but doesn't one hand know what the other hand is doing?!?!?!)

    Also a pain that my IP intranet address numbers change from time to time if I unplug the printer or fiddle with router.   So I have to list all possibles.  Hope that doesn't bite.

    and why modify should my browser settings have anything to do with how I manipulate files?   The world does not revolve around IE!!!   well, mine doesn't.

    I'm sure configuring my printer's ScanToComputer buttons to upload files to this PC will be a joke too. 

    I wonder if this is specific to WIN 7 Ultimate.    Sorry I sprung for the extra bucks for extra hassle.

    end rant.  thanks for the fix and pic. 
    Wednesday, November 18, 2009 7:16 PM
  • See next post below - this works for me to disable the annoying dialogs.
    • Proposed as answer by HamNCheese Monday, November 23, 2009 8:07 AM
    • Edited by HamNCheese Monday, November 23, 2009 8:13 AM
    Monday, November 23, 2009 8:05 AM
  • UPDATE:

    I have found a solution by picking through some other posts.

    Start / Control Panel / Internet Options.

    (Internet Options control panel appears)

    Click "Security" tab.

    Click "Local Intranet"

    Drag slider to "Low"

    Click "Sites" button.

    Click "Advanced" button.

    Enter the IP Address of the NAS / SMB/ CIFS / whatever server and click "Add."

    Click "Close"

    Bingo.  No more errors for me!

    Apparently the "Detect Local Intranet" option is broken.  In my case, the server is clearly within the same /24 subnet.  My netmask is 255.255.255.0 - why this doesn't work, I have no idea.


    • Proposed as answer by HamNCheese Monday, November 23, 2009 8:11 AM
    Monday, November 23, 2009 8:10 AM
  • This worked for me - thanks.  Could this problem be why Media Player 11 has failed to get loads of track data from the files on my NAS and marked them all as 'unknown' even though you can read the data in Explorer?  I'll just rebuild my library and find out!
    Wednesday, November 25, 2009 7:37 PM
  • Thank you.  The second half of your post helped me resolve the problem of getting the message when I tried to drag and drop files.
    Tuesday, December 15, 2009 5:14 PM
  • Getting rid of Windows Defender worked. Thanks for the suggestion.
    Wednesday, January 20, 2010 2:45 AM
  • thanks,   I had to fill in " file://192.168.1.1"
    • Proposed as answer by skywalka Tuesday, June 26, 2012 12:21 AM
    Sunday, February 07, 2010 11:05 PM
  • thanks,   I had to fill in " file://192.168.1.1"
    That did the trick for me too - thanks for posting that tip
    Saturday, December 04, 2010 5:56 AM
  • Many many thanks for that. Every file I use is on a local server and that delightful little safety feature has been driving me insane since I got this machine!
    Tuesday, March 08, 2011 1:03 AM
  • The extra securtity is fine.

    The inability to define trusted paths easily is the issue.

    What is really dumb about that response is that even with the security in place, constantly harassing me every time i right click a zip file or other file that I do want to access on my LAN, even if that file WAS a harmful file, it's on my LAN and after clicking away hundreds of these warnings I can garentee that I, and almost every other person on this thread is STILL going to click "OK" to get the file we want.

    So after all that, how helpful is this feature against a folder path that in my mind is already safe? (regardless of it's actual safety)


    Darren. Professional Developer.
    Thursday, April 21, 2011 4:24 PM
  • Can someone please unmark Daft's reply as an accepted answer. It is not a correct answer to this problem. There are better answers below.
    Thursday, July 14, 2011 1:43 AM
  • thanks,   I had to fill in " file://192.168.1.1"
    Be careful - that sounds like your router and you should be careful of allowing access to files from outside your network.
    Friday, August 26, 2011 10:32 AM
  • That's great you like it, I'm really happy for you.  I just want a way to turn the darn thing off.
    I just did the fix that SnowWhite posted in this picture: http://i35.tinypic.com/w17bic.png  and it appears to help.

    Thanks so much! I just didn't get the 'help' and I'm guessing this is what they meant!
    Friday, August 26, 2011 10:33 AM
  • If you are on a Domain you also have to add the Domain Name " YourDomain.local"
    Wednesday, September 28, 2011 6:53 PM
  • thanks,   I had to fill in " file://192.168.1.1"
    Be careful - that sounds like your router and you should be careful of allowing access to files from outside your network.

    you clearly have no idea what you're talking about
    Monday, October 31, 2011 12:52 PM
  • http://i35.tinypic.com/w17bic.png
    That picture, right there. Legendary.
    Sunday, November 27, 2011 10:09 PM
  • The step that ArSeNIK13 posted worked for me.  http://i35.tinypic.com/w17bic.png
    Wednesday, February 29, 2012 6:13 PM
  • You can control this with Group Policy, as well.  Use gpedit.msc and drill down to User Configuration->Policies->Administrative Templates->Windows Components->Internet Explorer->Internet Control Panel->Security Page.  Enable "Intranet Zone Template" with the Low option.  Then enable "Site to Zone Assignment List" and use the Show button to add your "sites" (servername, servername.domain, ipaddress - the values you enter depend on what name or IP you use to access the share) with a value of 1.  Lastly - and this is the most important step - drill down one folder in gpedit to "Intranet Zone" and enable for "Launching programs and unsafe files", choosing Enable from the drop-down.

    Close gpedit, reboot or run "gpupdate /force" and enjoy no more annoying Windows Security dialogues!
    • Proposed as answer by Trip Hazzard Wednesday, August 08, 2012 9:24 AM
    Wednesday, March 14, 2012 5:54 PM
  • Tried all of the above to no avail but I have fixed my issue:

    Launch Raidar > Setup > Network > Wizard. My workgroup was set to VOLUME. I changed this to match WORKGROUP (in Windows)

    No longer receive a warning when either accessing or moving files on the NAS


    shapi

    Friday, July 06, 2012 7:21 AM
  • This solution should work for all

    Run this as an Administrator from the command prompt and it will fix you issue without compromising your internet security.
    ICACLS "C:\Users\YOU USER NAME GOES HERE\Desktop" /Setintegritylevel (OI)(CI)M                   Keep The quotes

    Thursday, April 04, 2013 6:40 PM
  • THANK YOU!!!
    Friday, August 09, 2013 3:38 PM
  • Yep, file://site in IE security works, Defender settings have no effect (Win 8.1 preview)
    Friday, September 13, 2013 8:16 PM