Possible bug: How do you prevent Windows Security from questioning access to .zip files on LAN NAS?
I have a drive letter persitently mapped to a NAS server on my home LAN. When I right-click on files with suffix .zip, I get a "Windows Security" dialog warning me that "Opening these files might be harmful to your computer - Your Internet security settings blocked one or more files from being opened. Do you want to open these files anyway?" First of all, a NAS server on my LAN is NOT on the Internet, so why would "Internet security settings" have anything to do with it? I set "local intranet" security settings to low, but the bogus message still persists. The message is triggered from the file type suffix (.zip) alone, because I created an empty file named foo.zip and that also triggers the message. The trigger is dependent on the file location. If the file is local, there is no message, but the same file on NAS casues the message to be displayed. It is interesting that .tar, .gzip, .7zip and even .exe files do not trigger this message--only .zip files. Is there any way to make this stop? Lee CasonFairfax, VA USA-----------------------------------------------------------------OS Name: Microsoft Windows 7 UltimateOS Version: 6.1.7100 N/A Build 7100OS Configuration: Standalone WorkstationOS Build Type: Multiprocessor FreeProduct ID: 00447-321-7001193-70610Processor(s): 1 Processor(s) Installed. [01]: Intel64 Family 6 Model 23 Stepping 7 GenuineIntel ~1985 MhzBIOS Version: American Megatrends Inc. R01-A1, 1/13/2009Boot Device: \Device\HarddiskVolume2Total Physical Memory: 8,191 MBAvailable Physical Memory: 7,003 MBNetwork Card(s): 1 NIC(s) Installed. [01]: NVIDIA nForce 10/100/1000 Mbps Ethernet
July 26th, 2009 12:25pm

I am seeing the same behavior in Windows 7 ultimate. I have a file server on a home LAN. I am also mapped to a drive. I am attempting to MOVE files from one directory to another and I am getting the message "These files might be harmful to your computer" "Your internet security settings suggest that one or more files may be harmful. Do you want to use it anyway?" the help for how to unblock these files is woefully inadequate. I have adjusted every internet security setting I can think of and the annoying pop-up message persists. The big thing I question is that the files I am trying to move are JPG files... I can understand a ZIP file might be malicious, but I have never seen a malicious JPG. I right click on the file and there are NO properties that would allow me to "unblock". How do I unblock these files so that I do not get this pop-up.
Free Windows Admin Tool Kit Click here and download it now
August 18th, 2009 8:39am

I see the same behavior, but only when dragging and dropping. On a Win7 Ultimate (x64) workstation logged in as user "MyDomain\UserAAA" I selected several .jpg image file stored on a Windows Server 2008 file share, then dragged them to a subfolder in the same directory on the same share. Win7 warned me "These files might be harmful to your computer" and asked whether I wanted to continue. Right-clicking and selecting "copy" on any file or directory in the share and then right-clicking and pasting in to the same destination subdirectory does NOT produce the warning. Neither does double-clicking and opening. Only right-click dragging and dropping. To repeat, these are all just .jpg files. Very interestingly, logged in to the same workstation as user "MyDomain\UserBBB" this does NOT happen. Both users MyDomain\UserAAA and MyDomain\UserBBB are Domain users in the single simple Domain managed by that same Windows Server 2008 server. Neither user has Administrative privileges, nor really any different privileges from one another. In terms of ACLs on the files and directories in question, there is one slight different: UserAAA who gets the warning does not have "Full" control of the directories themselves, while UserBBB who does not get the warning does have Full control ... but UserAAA does have read, write, change, etc on all of the directories and files in question, so warnings about security risks don't seem like they should be affected by those ACLs. Can someone please explain 1) why this message arises at all; and 2) why it should arise only with drag-and-drop, but not with simpler explicit actions which would seem to perform the same underlying operations on the files; and 3) why it would happen with UserAAA and not with UserBBB who should be equivalent; and most importantly 4) how to stop it? Thanks! Jay
September 6th, 2009 11:51am

I'm having the same problem. I'm unable to solve it by setting the ShellFolder DWORD to 0. Interestingly, this is the only english page that comes up on Google for "Opening these files might be harmful to your computer". No english pages show up on bing. Adding entries to the Windows Defender exclude list is not acceptable, nor is changing IE security settings. It happens on all file types and also on folders from my storage server. I cannot configure each and every type individually - there really should be an off switch somewhere for this kind of "protection" scheme. I also agree with Jay above - it is curious that the file operation goes through when a copy/paste or CLI command is executed. Am I to assume that copy/paste will also bypass other Windows security mechanisms as well?
Free Windows Admin Tool Kit Click here and download it now
October 7th, 2009 8:53pm

This is extremely annoying, how do I get it to stop asking me every time I try to move a file from a NAS?
October 31st, 2009 4:41pm

I disagree!i really think a jpg can be harmful depending on where that coming from and i see ,and i love that behaviour and am not feeling affected by the "over" security of windows 7!IMHO i think MSFT decided to design a safer OS and compete with others such as linux in terms of security ,but with a friendly looking and easy to use/configure etc!so i think the mojority agree with me ,i mean those who are looking for a more secure system!i understand some ppl fraustrations but it must have a workaround to satisfy those who s having hard times with permissions!if its easyfor to assign permissions it should be much easier for hackers ,so it makes sense to have it a bit harder ...Regards,RRPS: intention here is not to offend anyone im just manifesting my optnion and showing my appreciation to all MSFT developers,in the middle of a storm of complaints IMO not so necessary..
Free Windows Admin Tool Kit Click here and download it now
October 31st, 2009 5:03pm

Ddos_Evader, there's no doubt that .ZIP files and the files they contain can be harmful. The concern in this entire thread is a bit different: that Windows is incorrectly considering local file servers in the same security domain to be foreign sources from which it should raise this warning. Thus the original complaint about a file from a NAS triggering the warning, and my similar complaint about files from my own local Windows file server (which is also the Domain Controller) triggering the warning.Though manually adding particular servers to the Local Intranet zone will take care of the problem, as ArSeNIK13 noted, it doesn't solve the root of the problem, which is the somewhat non-transparent magic algorithms provided by Microsoft making wrong guesses as to what is in, and what it outside of, the local security equivalence domain.
November 10th, 2009 6:49am

just ran into this problem myself. How ridiculous!!! To show how stupid the underlying MS algorithms are, adding a local IP address to the box called "enter this website to the zone" shows they totally missed the boat. since when is 192.168.0.4 a website??? (well, maybe it could be technically, but doesn't one hand know what the other hand is doing?!?!?!) Also a pain that my IP intranet address numbers change from time to time if I unplug the printer or fiddle with router. So I have to list all possibles. Hope that doesn't bite. and why modify should my browser settings have anything to do with how I manipulate files? The world does not revolve around IE!!! well, mine doesn't. I'm sure configuring my printer's ScanToComputer buttons to upload files to this PC will be a joke too. I wonder if this is specific to WIN 7 Ultimate. Sorry I sprung for the extra bucks for extra hassle. end rant. thanks for the fix and pic.
Free Windows Admin Tool Kit Click here and download it now
November 18th, 2009 2:16pm

This worked for me - thanks. Could this problem be why Media Player 11 has failed to get loads of track data from the files on my NAS and marked them all as 'unknown' even though you can read the data in Explorer? I'll just rebuild my library and find out!
November 25th, 2009 2:37pm

Thank you. The second half of your post helped me resolve the problem of getting the message when I tried to drag and drop files.
Free Windows Admin Tool Kit Click here and download it now
December 15th, 2009 12:14pm

Getting rid of Windows Defender worked. Thanks for the suggestion.
January 19th, 2010 9:45pm

thanks, I had to fill in " file://192.168.1.1"
Free Windows Admin Tool Kit Click here and download it now
February 7th, 2010 6:05pm

thanks, I had to fill in " file://192.168.1.1" That did the trick for me too - thanks for posting that tip
December 4th, 2010 12:56am

Many many thanks for that. Every file I use is on a local server and that delightful little safety feature has been driving me insane since I got this machine!
Free Windows Admin Tool Kit Click here and download it now
March 7th, 2011 8:03pm

The extra securtity is fine. The inability to define trusted paths easily is the issue. What is really dumb about that response is that even with the security in place, constantly harassing me every time i right click a zip file or other file that I do want to access on my LAN, even if that file WAS a harmful file, it's on my LAN and after clicking away hundreds of these warnings I can garentee that I, and almost every other person on this thread is STILL going to click "OK" to get the file we want. So after all that, how helpful is this feature against a folder path that in my mind is already safe? (regardless of it's actual safety)Darren. Professional Developer.
April 21st, 2011 12:24pm

Can someone please unmark Daft's reply as an accepted answer. It is not a correct answer to this problem. There are better answers below.
Free Windows Admin Tool Kit Click here and download it now
July 13th, 2011 9:43pm

thanks, I had to fill in " file://192.168.1.1" Be careful - that sounds like your router and you should be careful of allowing access to files from outside your network.
August 26th, 2011 6:32am

That's great you like it, I'm really happy for you. I just want a way to turn the darn thing off. I just did the fix that SnowWhite posted in this picture: http://i35.tinypic.com/w17bic.png and it appears to help. Thanks so much! I just didn't get the 'help' and I'm guessing this is what they meant!
Free Windows Admin Tool Kit Click here and download it now
August 26th, 2011 6:33am

If you are on a Domain you also have to add the Domain Name " YourDomain.local"
September 28th, 2011 2:53pm

thanks, I had to fill in " file://192.168.1.1" Be careful - that sounds like your router and you should be careful of allowing access to files from outside your network. you clearly have no idea what you're talking about
Free Windows Admin Tool Kit Click here and download it now
October 31st, 2011 8:52am

http://i35.tinypic.com/w17bic.png That picture, right there. Legendary.
November 27th, 2011 5:09pm

The step that ArSeNIK13 posted worked for me. http://i35.tinypic.com/w17bic.png
Free Windows Admin Tool Kit Click here and download it now
February 29th, 2012 1:13pm

You can control this with Group Policy, as well. Use gpedit.msc and drill down to User Configuration->Policies->Administrative Templates->Windows Components->Internet Explorer->Internet Control Panel->Security Page. Enable "Intranet Zone Template" with the Low option. Then enable "Site to Zone Assignment List" and use the Show button to add your "sites" (servername, servername.domain, ipaddress - the values you enter depend on what name or IP you use to access the share) with a value of 1. Lastly - and this is the most important step - drill down one folder in gpedit to "Intranet Zone" and enable for "Launching programs and unsafe files", choosing Enable from the drop-down. Close gpedit, reboot or run "gpupdate /force" and enjoy no more annoying Windows Security dialogues!
March 14th, 2012 1:54pm

Tried all of the above to no avail but I have fixed my issue: Launch Raidar > Setup > Network > Wizard. My workgroup was set to VOLUME. I changed this to match WORKGROUP (in Windows) No longer receive a warning when either accessing or moving files on the NASshapi
Free Windows Admin Tool Kit Click here and download it now
July 6th, 2012 3:21am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics