Unblock a file with PowerShell?

Question

I am trying to have PowerShell unblock a file in Win2K8 R2.

Does anyone have a pointer as to syntax?

Thanks in advance,

Dan

Answer 1

Do you mean this:

set-executionpolicy remotesigned

This will allow you to execute local scripts without them being signed, and remote ones if they are signed. More info available here.

HTH, Kent

Answer 2

The "blocking" part is simply an alternate data stream of the file, named "Zone.Identifier". You can display it in CMD by using input redirection (no other way to get to a stream in CMD, though):

H:\Downloads> more < test.exe:Zone.Identifier
[ZoneTransfer]
ZoneId=3

You can find them using dir /r on Windows Vista and later:

2009-10-24  12:18        54.538.056 test.exe
                                 24 test.exe:Zone.Identifier:$DATA

Also in CMD you can easily get rid of that by overwriting it (using output redirection, this time):

echo.>myDownloadedFile.exe:Zone.Identifier

which isn't quite the same as removing the ADS completely, but works in that Explorer doesn't complain anymore.

There doesn't seem to be native support for handling ADS from within PowerShell (as mentioned on The PowerShell Guy's blog here [cached page, since the original one seems to be down currently]. That article also has some information how to get that functionality in PowerShell). You could, however, simply call cmd:

cmd /c "echo.>test.exe:Zone.Identifier"

That works from PowerShell as well.

Another option would be Mark Russinovich's streams utility which allows you to inspect a file's ADS and also to delete them. So

streams -d myDownloadedFile.exe

does work as well.

Answer 3

The PoshCode module includes Set-DownloadFlag and Remove-DownloadFlag functions which work as advertised. :) I've just pulled that piece out into it's own script contribution http://poshcode.org/1430 ... it will work on PowerShell 1 too, if you use the New-Type function in place of Add-Type ( http://poshcode.org/720 )