Disable "These files might be harmful to your computer" warning?

171

I keep getting this irritating warning when copying files over the network:

These files might be harmful to your computer

These files might be harmful to your computer

Your internet security settings suggest that one or more files may be harmful. Do you want to use it anyway?

I am copying a file from \\192.168.0.197\c$ (home server) to my local machine which is at \\192.168.0.4.

How do I turn off this meaningless "warning"?

Jeff Atwood

Posted 2010-06-05T07:56:11.213

Reputation: 22 108

If I cut and paste (Ctrl-X then Ctrl-V) I do not get this issue. If I click and drag the same files (from the same source as Ctrl-X and to the same destination as Ctrl-V), I do. This seems a bit odd to me, although I'm not sure if I'm misunderstanding something semantically or this is a bug. – fostandy – 2019-06-16T02:23:31.600

Answers

176

I found a fix by changing "internet options" -- so I guess Windows is detecting the "internet" as my own network.. sigh.

Click Start / Control Panel / Internet Options
Click Security tab.
Click Local Intranet
Click Sites button.
Click Advanced button.
Enter the IP Address of the other machine or server (wildcards are allowed) and click Add
Click Close, then OK, then OK again.
Disconnect, and reconnect the network drive

Changing Internet Options screenshot

This worked for me, but it's a bummer I have to manually enter IPs here.. it would be nice if Windows could detect this is a local network file copy and skip the irritating (and pointless) warning about "dangerous" files.

Sidenotes:

If you are using a DNS name to map the network drive, adding the IP address of the server to the zone will not work. You will need to add the DNS name, and vica-versa.
When adding an IP address, you can use wildcards like so: 192.168.1.*
Whan adding a DNS name, you can use wildcards like so: *.example.com

Jeff Atwood

Posted 2010-06-05T07:56:11.213

Reputation: 22 108

6This also increased copy from network speed by 50% !! (through wifi) – Odys – 2014-10-29T14:26:31.743

I'm curious what you network adapter settings are (ipconfig /all) - It should be catching those addresses under "Automatically detect intranet network". – Darth Android – 2010-06-05T08:34:25.860

If you use names for the computers (i.e. not IP addresses) then the default rules for local intranet (those three "include..." checkboxes) should apply. – Richard – 2010-06-05T09:51:35.400

@Richard They should apply anyways, I have a number of windows system which I just reference by IP address and they copy files just fine. – Darth Android – 2010-06-05T10:09:35.670

1It seems to have worked with the 10.0.0.0/24 format too. – Nulano – 2017-03-22T18:36:55.307

Also note that it's not required to disconnect the drive. Restarting explorer, or signing out/in again also updates the security policy. – René – 2017-04-07T18:09:48.060

If you mapped your drive you can add it by its letter, e.g. "N:". And please note I did it many times and never needed to disconnect the drive or restart explorer, so I suggest to give it a try first. – Kar.ma – 2018-03-21T12:00:41.733

1This still works on Windows 10. +1 – Phlucious – 2018-07-19T22:51:52.187

Does anyone know if this is a sort of operation that could be scripted for application on multiple computers? Or where the first step to look for that would be? We map all our network drives by IP and it would be great to apply this fix as a script rather than manually. >> edit >> here is a start http://support.microsoft.com/kb/303650

– bsigrist – 2011-06-16T15:36:53.840

2note @gerbenny answer at the bottom about wildcards in the sites dialog. – IgalSt – 2011-08-01T09:04:55.117

9Note that if the network share is open while this change is made, it has to be closed and reopened to see the change. – azdev – 2012-09-25T13:14:07.187

3Didn't work here; still get the warning. – gravitation – 2013-04-21T23:22:15.947

Using Windows 7, I added my IP address with a wildcard:

10.55.25.*

Now all the ip's in this range are part of the "Local Intranet".

gerbenny

Posted 2010-06-05T07:56:11.213

Reputation: 561

Can you explain what you add this IP address to? – Charlie Harding – 2016-09-16T15:48:18.080

1@CharlieHarding: This answer was an addition to Jeff's answer of June 5 2010. So, you'd add this to the Local intranet zone dialog box. – Wouter – 2017-02-23T09:22:55.580

It tells me I have entered an invalid wildcard sequence when I try to add *.local. – mm201 – 2018-08-24T04:30:11.450

22ah, good tip, it is not clear that dialog supports wildcards. – Jeff Atwood – 2011-04-23T10:56:13.227

If you want to do this in Group Policy, this quote may be helpful to you.

You can control this with Group Policy, as well. Use gpedit.msc and drill down to

User Configuration → Policies → Administrative Templates → Windows Components → Internet Explorer → Internet Control Panel → Security Page

Enable "Intranet Zone Template" with the Low option.

Then enable "Site to Zone Assignment List" and use the Show button to add your "sites" (servername, servername.domain, ipaddress - the values you enter depend on what name or IP you use to access the share) with a value of 1.

Lastly - and this is the most important step - drill down one folder in gpedit to "Intranet Zone" and enable for "Show security warning for potentially unsafe files", choosing Enable from the drop-down.

Close gpedit, reboot or run gpupdate /force and enjoy no more annoying Windows Security dialogues!

From the bottom of http://social.technet.microsoft.com/Forums/fi-FI/w7itprosecurity/thread/35ca8f9c-5e69-4b7f-a002-0d72fa0dc14b

flickerfly

Posted 2010-06-05T07:56:11.213

Reputation: 531

1For anyone else following this, I couldn't find the .../Intranet Zone/Launching programs and unsafe files setting in my policies. However just doing the first step with file://*.example.com=1 did the trick. – Samuel Harmer – 2014-06-28T10:30:18.193

4The last setting seems to now be called "Show security warning for potentially unsafe files" and needs to be Enabled with the option set to Enable. – thaimin – 2016-01-03T05:17:17.137

We recently put in a new server using DFS and I was having this same error. I ended up putting in:

" \\\servername.local.?"

After clicking add, it then showed:

file://*.servername.local.

I tried the * verses the ?, but that was not allowed.

Jeff Cornell

Posted 2010-06-05T07:56:11.213

Reputation: 61

I did a procmon and found where the settings are stored in the registry - this is for my 192.168.1.* network:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1]
"*"=dword:00000001
":Range"="192.168.1.*"

This is for my \\NAS server:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\nas]
"file"=dword:00000001

This is how it looks in the internet settings control panel:

KERR

Posted 2010-06-05T07:56:11.213

Reputation: 329

I have been getting the same error recently, and found a way to disable this warning forever (I know what files I want to open, so yes, I am sure I want to disable this warning...):

go to Internet Settings (in Internet Explorer)
go to the "Security" tab
click on "Custom level" (with "Internet" selected = first icon)
in the "Miscellaneous" part, select "Enable (not secure)" for the option "Launching applications and unsafe files (not secure)"
click "OK" and then apply the changes; you'll have a warning asking if you're sure you want to do this (you'll have to say yes)

And that's it. :) Have fun.

Pete

Posted 2010-06-05T07:56:11.213

Reputation: 81

You are likely to find you get downvoted for this answer as it leads to an unnecessarily vulnerable system. – Andrew Morton – 2015-10-03T17:11:04.217

4I'm upvoting, seems harsh to downvote as the OP is asking a question on how to make the system slightly more vulnerable - so any answer could fairly assume that the OP isn't looking for the most perfectly secure answer.... – leinad13 – 2016-10-31T16:05:23.137

I believe you wouldn't get the warning if you used the netbios name of your home server instead of the ip address. If you use the ip address or say the fully qualified dns name of the remote computer it doesn't recognize it as being in the intranet zone. the other option as mentioned earlier is to manually add it to the intranet zone list.

user4892

Posted 2010-06-05T07:56:11.213

Reputation: 196

Adding these two lines (without changing the default Local Intranet settings) is a quick fix:

file://10.*.*.*
10.*.*.*

You need to disconnect and reconnect shares for this to work.

jott14

Posted 2010-06-05T07:56:11.213

Reputation: 21

The other solutions here didn't work for me on Windows 7, but I found one that worked: remove Internet Explorer through Add/Remove Programs and then Adjust Windows Features. Unclick Internet Explorer 8. No more nag dialog!

gravitation

Posted 2010-06-05T07:56:11.213

Reputation: 257

-2

Here's how I fixed the issue. First here's my setup. I have Windows 10 on my C:\ drive partitioned with a D:\ letter drive on which I keep my personnal files. The "Windows Security-These files can be harmful to bla bla" pop-up bug came in I don't know how why or when. But it happened with only two folders on my D:\ partition drive. How why and when I still have no clues.... or maybe. But hey let's fix the matter. What I did is copy\pasted all I needed most on my D:\ drive onto an external HD. Then I formatted the D:\ drive and copy\pasted back in, bit by bit (verifying in between) the folders I had saved on my external device. Bingo problem solved. Of course this sounds curious. Technology is curious from time to time.

I think permissions, authorizations, ownerships, rights etc. may have something to do. Why I don't know but these settings came back to a default position" And I had often modified them before. Then again I can be wrong. I'm just noticing things here. Or maybe the letters on some external drives had changed because USB keys or external Disk constant ins and outs. Anyway I hope this tweak will be helpful for those who did not find a fix yet, and feel someone is watching them. I have to say this issue was one of the hardest I've ever dealt with. Jeeeez Cheeez Wizzzz dudes !

august 31 2018

Jag Robert

Posted 2010-06-05T07:56:11.213

Reputation: 1

1What? Literally what? I don't think this answers the question in any way. – confetti – 2018-08-31T13:57:55.470

@confetti you talkin to me ? Explain yourself. – Jag Robert – 2018-08-31T14:39:03.297

The question is related to nerworking, I can't see that in your answer. Furthermore I can't see how reformatting and copying one-by-one does any good. – confetti – 2018-08-31T14:41:04.453

@confetti all I'm saying is my tweak fixed what the other fixes did not. I tried them all. I'm not an expert but I can manage. Arguing is not an option even if you're right about the networking talk. I can be right too and I could have spared me a lot of time if I had tried my fix earlier. Am I occupying to much space here ? – Jag Robert – 2018-08-31T14:52:01.353

1@confetti: Here’s the deal: When you download (executable) files from the network, Internet Explorer flags them (your downloaded copies) with meta-data that identifies them as files that came from the network. NTFS may be the only filesystem type that supports that meta-data, so copying the files to a non-NTFS disk causes the “dangerous” flag to be discarded. So it works as a way of scrubbing the files you have downloaded, but you would have to do it again for every file you download in the future. P.S. I believe that you can clear the flag in “File” → “Properties”. – Scott – 2018-09-08T05:17:22.493