Friday, August 24, 2012

Remove security warning from Internet-sourced files


Ever been setting up or managing a system and run into a prompt like this:

It’s probably because you grabbed the original executable from an Internet site.

Using a modern browser to grab the file will typically result in a special NTFS stream added to the originally-downloaded file (eg, bginfo.zip) that gets promulgated to the executable you’re trying to run.

This can be a good thing when you're trying out software, but how do you fix it when you know you can trust the file? This sort of thing can be come quite annoying if it's tied to a Startup item like BGInfo.

The best solution is to “unblock” the file you download; that keeps the stream from being added to the extracted file(s). But what if you’ve already extracted them?

Same solution, but you apply it to the executable instead of the download. Right-click on the file to unblock, then select properties. You should see something a bit like this:
Note the [Unblock] button at the bottom. If you click that and save the properties, the NTFS stream metadata is removed from the file, and you won’t get the popup message whenever the app is run.

When I'm retrieving trusted files from my own web servers, I’ve simply gotten into the habit of unblocking files as soon as I download them; if the ZIP or installer file doesn’t have that metadata, the extracted files won’t inherit them.

Also: there’s no way to mass-unblock files; if you select a group of files and choose properties, you don’t get the option to edit the security. If you're downloading a zip file full of executables (like the SysInternals Suite), you definitely want to unblock the ZIP file before extracting it, or you'll have to unblock each executable individually.

7 comments:

  1. Inside that SysInternals suite is a utility called streams.exe. Wrap it up in a batch file, and you can run it on your download directory to fix all the files at once.

    See batchfile here for example: http://pastebin.com/GsjpzX5T

    ReplyDelete
  2. I your writing style truly enjoying this website . borrar todo

    ReplyDelete
  3. This comment has been removed by the author.

    ReplyDelete
  4. They have quick internet, that is guaranteed. In any case, the current examination demonstrates that a great deal of internet clients in Lithuania are encountering security issues a year ago.delete bing search history

    ReplyDelete
  5. I am definitely bookmarking this website and sharing it with my acquaintances. You will be getting plenty of visitors to your website from me! identity and access management

    ReplyDelete
  6. This variety of assignments is ordinarily tended to amid protect card preparing. Numerous strip malls and theaters as of late have utilized an assurance group to screen the parking areas and offer insurance to clients from burglary.vericlock review

    ReplyDelete
  7. I’m extremely impressed with your writing skills neatly as with the format on your blog. Is this a paid subject matter or did you customize it yourself? Anyway keep up the nice high quality writing, it is uncommon to peer a nice blog like this one nowadays. how to increase brain power

    ReplyDelete