Windows 7 annoyance when it comes to opening files

[Red Squirrel]

This is something that is driving me nuts. It seems at random when I go to open files I will get a variation of "are you sure" type dialogs. They're not always the same. UAC is disabled.

I will sometimes get the "are you sure you want to open this file" dialog. othertimes I will get "these type of files can harm your computer". Basically, some warning of some sort, at random. These files are on my network, and I trust them, I don't need windows trying to convince me that they could be dangerous. Even if it happened to be a virus and I did not know, the virus scanner would hopefully pick it up, otherwise this warning is useless because I'd be clicking yes anyway.

Is there a catch all way to get rid of all these warnings?

 

[Red Squirrel]

The one I'm having the most trouble with is the one that says "these files might be harmful to your computer" which happens when you go to move a file or right click on a file in a network location. VERY VERY annoying. I can fix it on a per server basis by adding the server in the trusted zone, but is there a catch all way of stopping this irritating dialog? Adding 10.*.*.* does not work, it seems to only work with host names. I also can't do *.loc as it wont accept that wildcard.

UAC is turned off.

 

[Nothinman]

You should probably turn UAC back on, there's really no reason to turn it off in Win7. And what is the exact wording of the warning?

 

[VirtualLarry]

Is your server on the same subnet as your PCs?

Possibly Windows thinks that the files on your server are in the "internet zone"?

 

[Red Squirrel]

This is the warning I get:



If I add it to the intranet zone it goes away, but I really don't want to have to add every hostname I got, it's kinda rediculous, and it's still going to do it if there's a foreign machine that is on my network and I need to get files from it. It's just an annoyance that serves no purpose really.

This happens if I right click or try to do anything with any file.

I really don't see the point of UAC either. If I want to open a file or perform an action, it's because I know what I'm doing. Even if I did not know what I was doing, I would just click yes anyway and then get infected. This is why common sense and anti viruses exist. Using common sense I know if I should trust a file or not, and failing that the AV should pick it up. 99.99% of the files I deal with are either system files or files that I created anyway.

I just want to disable this dialog globally. I tried adding the entire /8 subnet into the trusted zone but that wont work, it has to be by hostname.

Oh and to make matters worse the computer in that example is actually on the same domain as my PC. That alone should tell windows that it's a trusted PC.

 

[Nothinman]

I really don't see the point of UAC either. If I want to open a file or perform an action, it's because I know what I'm doing.

So you know exactly what every single binary that you run will do to your system? You can tell just from looking at it if it will touch global files or registry settings without first asking you itself?

But the larger point is that there is no reason to turn it off in Win7. In Vista it was overwhelming, but with Win7 it's been trimmed down and I think I see ~5 UAC prompts a week and the only ones I'm not sure why they appear are from the Exchange 2010 management console. The rest are from me making global setting changes so they make sense.

Oh and to make matters worse the computer in that example is actually on the same domain as my PC. That alone should tell windows that it's a trusted PC.

If I had to guess, I'd say one of the security settings you've changed in order to make it "easier" for you broke it then because I definitely don't see that on our work network for domain joined servers. My Win7 VM is pretty stock in that regard and I don't get those.

 

[VirtualLarry]

I've not really changed any Windows 7 networking permissions settings or anything, and I've gotten that dialog once or twice, for some text files (.TXT) sitting on my NAS. No other files seem to cause that, and I have no idea why a TXT file would be bringing up that dialog. I agree, it's very annoying.

You might try stripping off the alternate streams off of the file, perhaps Windows has "tagged" the file with zone info, that causes that.

 

[lsv]

Try that.

 

[Red Squirrel]

Try that.

That works but it's on a per system/IP bassis. I want to fix it globally. I suppose I could add every single IP in my network range...

ex scenario: I bring someone's machine home to fix it, hook it up to my network and want to access the files, it will bother me again. I just want to get rid of it completely.

It seems to be random too, it does not do it with all files, but it does do it with most of them. At one point it was even doing it on my desktop. I'd right click / drag a file so I can get the extract menu and get that warning. very annoying. Turning off UAC stopped it locally though.

So you know exactly what every single binary that you run will do to your system? You can tell just from looking at it if it will touch global files or registry settings without first asking you itself?

But the larger point is that there is no reason to turn it off in Win7. In Vista it was overwhelming, but with Win7 it's been trimmed down and I think I see ~5 UAC prompts a week and the only ones I'm not sure why they appear are from the Exchange 2010 management console. The rest are from me making global setting changes so they make sense.

No but if a file came with windows or a program I bought, I trust the company enough that their own files are safe and if it's a file that I or someone else made such as a word document, I trust it as well, and even if I am opening a file, the fact that I opened it indicates that I want to open it, if it happens to be infected and I don't know any better my AV is either going to catch it, or I'll get infected because I clicked yes like I do every other single time. This does nothing to prevent viruses. It's just an annoyance. Every time you get into your car, there is a chance that you might die from an accident, if car makers added a warning asking you if you are sure you want to turn your car on, it would not prevent accidents.

 

[lsv]

That works but it's on a per system/IP bassis. I want to fix it globally. I suppose I could add every single IP in my network range...

ex scenario: I bring someone's machine home to fix it, hook it up to my network and want to access the files, it will bother me again. I just want to get rid of it completely.

It seems to be random too, it does not do it with all files, but it does do it with most of them. At one point it was even doing it on my desktop. I'd right click / drag a file so I can get the extract menu and get that warning. very annoying. Turning off UAC stopped it locally though.



No but if a file came with windows or a program I bought, I trust the company enough that their own files are safe and if it's a file that I or someone else made such as a word document, I trust it as well, and even if I am opening a file, the fact that I opened it indicates that I want to open it, if it happens to be infected and I don't know any better my AV is either going to catch it, or I'll get infected because I clicked yes like I do every other single time. This does nothing to prevent viruses. It's just an annoyance. Every time you get into your car, there is a chance that you might die from an accident, if car makers added a warning asking you if you are sure you want to turn your car on, it would not prevent accidents.

Maybe try adding *.*.*.* as an IP?

 

[Nothinman]

No but if a file came with windows or a program I bought, I trust the company enough that their own files are safe and if it's a file that I or someone else made such as a word document, I trust it as well, and even if I am opening a file, the fact that I opened it indicates that I want to open it, if it happens to be infected and I don't know any better my AV is either going to catch it, or I'll get infected because I clicked yes like I do every other single time. This does nothing to prevent viruses. It's just an annoyance. Every time you get into your car, there is a chance that you might die from an accident, if car makers added a warning asking you if you are sure you want to turn your car on, it would not prevent accidents.

I've seen enough instances of fake AV software on people's PCs with paid, up to date AV that I only trust them as much as I can see the source code, i.e. pretty much never.

Car analogies never work well, but if you want a more accurate one it would be more akin to a CD you bought asking before it reprograms your radio's presets and mixer levels. Sure you want to play the CD but you might not want it to do all of that.

And you never addressed the fact that you should never see UAC prompts with Win7 unless you're really making global configuration changes all of the time. I never touched the UAC level on my Win7 VM and very rarely see any UAC prompts.

 

[Red Squirrel]

Maybe try adding *.*.*.* as an IP?

For some reason wildcards don't seem to work, that or if I'm accessing it by hostname it does not check the IP. 99% of the time I'm dealing with my main server so I set that one hostname up, and guess if there's no way to get rid of that dialog I'll just have to live with it for the few times I access another machine. You'd think there would be a way to turn that off completely though.

I've seen enough instances of fake AV software on people's PCs with paid, up to date AV that I only trust them as much as I can see the source code, i.e. pretty much never.

Car analogies never work well, but if you want a more accurate one it would be more akin to a CD you bought asking before it reprograms your radio's presets and mixer levels. Sure you want to play the CD but you might not want it to do all of that.

And you never addressed the fact that you should never see UAC prompts with Win7 unless you're really making global configuration changes all of the time. I never touched the UAC level on my Win7 VM and very rarely see any UAC prompts.

Only issue is if a user does download something that happens to be malicious and they don't know it's malicious, they downloaded it for a reason, and they'll open it, and click yes like every other file they trust. The whole idea of prompting is still useless. As for the CD analogy, if it asked you that every single time you played a music CD, not only would it be annoying but it would be second nature to click yes every time. The whole concept of prompting because there's a slight chance it's bad, is flawed.

This particular prompt also happens for simple tasks like moving a file. Even if it WAS infected, moving it wont magically cause it to get executed, and lot of these files are not even executable in first place.

As for global changes, that can happen any time a program is run or installed. You just have to trust whatever you're running, having a prompt tell you that it could be malicious does not do any good when 99.9% of them are not malicious. If you don't get any UAC prompts then you must be one of those users that's just on facebook all day. Heck, even then I can see having UAC prompts such as if an app needs a plugin like flash or something.

Pretty much any activity on a computer has the potential of being dangerous if you don't know what you're doing. I don't need MS telling me that for everything I do.

 

[Nothinman]

You can argue against it all you want, however disabling UAC causes issues as you've just found. I'm not even sure if turning it back on will fix it at this point because we have no idea what else you did with your tweaking, but it would be a good first step.