How to Bulk Unblock Files Downloaded from Internet

Files downloaded from the internet are marked with the Zone identifier (“Mark of the Web” stored as Alternate Data Streams) to trigger the application reputation check by Windows SmartScreen in Windows 8 and higher.

bulk unblock files downloaded from internet

This article explains how to bulk unblock multiple files downloaded from the internet.

Zone Identification tagging using Alternate Data Streams was first introduced in Windows XP Service Pack 2 and continued in later Operating Systems, including Windows 10.

In Windows 7 and earlier, when the user launches a file downloaded from the internet, the following dialog is presented:

unblock files downloaded from internet

If you enable “Always ask before opening this file” and click Run, Windows clears the Zone ID for that file and launches the program.

SmartScreen – Application Reputation Check

Windows 8+ improves this further by doing the Application Reputation Check using Windows SmartScreen when running a program downloaded (not necessarily using Internet Explorer) from the internet. For example, if the file doesn’t pass the SmartScreen reputation checks, the user is shown the following screen.

unblock files downloaded from internet

If you trust the source and want to run the file regardless of the warning, click More Info and then Run anyway. This clears the existing zone identifier for the file, replacing it with AppZoneId=4 entry.

unblock files downloaded from internet

How to Bulk Unblock Files in a Folder and Sub-folders

To unblock a file, you can right-click on the file, click Properties, select “Unblock,” and click OK.

unblock files downloaded from internet

To bulk unblock multiple files in a folder, use one of the methods listed below.

1) Using “Streams” from Windows Sysinternals:

Download Streams and extract the executable to a folder. And then open a Command Prompt window and run Streams.exe as below:

streams.exe -d  %userprofile%\downloads\*

unblock files downloaded from internet

This removes the NTFS alternate data streams for all files in the Downloads folder.

To unblock a single file, use the file name:

streams -d "C:\Users\ramesh\Downloads\BrowserAddonsView.exe"

streams delete ntfs data stream for a file

To remove the zone information for files in every sub-directory (recursively), use this syntax:

streams -s -d %userprofile%\downloads\

unblock files downloaded from internet


2) Using Windows PowerShell:

PowerShell has a neat little cmdlet called Unblock-File which can unblock multiple files in a single command-line.



Unblock a single file

Unblock-File -Path "c:\users\ramesh\downloads\old versions\tc_free.exe"

Unblock all files in a folder

gci "c:\users\ramesh\downloads" | Unblock-File

Unblock files in every sub-folder (recursion)

To do this recursively, affecting files in every sub-folder, run:

gci -recurse "c:\users\ramesh\downloads" | Unblock-File

unblock files downloaded from internet

That clears the zone information for specified or all files.

Add “Unblock” to the context menu

You can add an Unblock command (that runs a PowerShell command) to the right-click menu for files.

To do so, follow these steps:

  1. First, copy the following lines to Notepad.
    Windows Registry Editor Version 5.00
    
    [HKEY_CLASSES_ROOT\*\shell\unblock]
    "MUIVerb"="Unblock"
    "Extended"=""
    
    [HKEY_CLASSES_ROOT\*\shell\unblock\command]
    @="powershell.exe Unblock-File -LiteralPath '%L'"
  2. Save the file as “unblock.reg
  3. Double-click “unblock.reg” to apply the registry settings.
  4. Select a file (or multiple files — up to 15 files), press the Shift key, and right-click on the selection.
  5. Click the Unblock option. This option executes the PowerShell command to unblock the selected file(s).

Whitelisting a website to prevent files from being blocked by SmartScreen

Certain situations require you to always allow downloads from a specific website — for example, a company website that hosts many files. You can add the website to Internet Explorer’s Trusted Sites list if it is trustworthy. This prevents the SmartScreen reputation check from being triggered when the user runs the downloaded file, regardless of which browser (Chrome, Firefox, IE, etc.) was used to download the file.

For example, I download WebBrowserPassView from Nirsoft. The following command showed the Zone Identifier – “ZoneID” set to 3, which means Internet Zone.

more < WebBrowserPassView.zip:Zone.Identifier

whitelist files for smartscreen

After adding *.nirsoft.net to the Trusted Sites list in Internet Explorer, I re-downloaded the file.

whitelist files for smartscreen

No zone identifier was added this time. And, no “Unblock” button in Properties for the file downloaded from a site listed in IE’s Trusted Zone.

whitelist files for smartscreen

Although the SmartScreen notifications can be annoying sometimes, it’s an excellent protection mechanism that shouldn’t be disabled or bypassed if you’re bothered about security.


One small request: If you liked this post, please share this?

One "tiny" share from you would seriously help a lot with the growth of this blog. Some great suggestions:
  • Pin it!
  • Share it to your favorite blog + Facebook, Reddit
  • Tweet it!
So thank you so much for your support. It won't take more than 10 seconds of your time. The share buttons are right below. :)

Ramesh Srinivasan is passionate about Microsoft technologies and he has been a consecutive ten-time recipient of the Microsoft Most Valuable Professional award in the Windows Shell/Desktop Experience category, from 2003 to 2012. He loves to troubleshoot and write about Windows. Ramesh founded Winhelponline.com in 2005.

2 thoughts on “How to Bulk Unblock Files Downloaded from Internet”

Leave a Comment