Excel: Disable "Some files can contain viruses" warning when opening file links

1

I have a large Excel table with a lot of local file hyperlinks to PDF files. These links are clicked often, and every time a warning pops up:

Opening <path\to\file.pdf>

Some files can contain viruses or otherwise be harmful to your computer. It is important to be certain that this file is from a trustworthy source.

Would you like to open this file?

This dialog is extremely annoying; is there a way to disable it?

What I've tried (none of it helped):

  • In Registry, add DisableHyperlinkWarning REG_DWORD 0x00000001. I've tried it under following keys:

    • Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common

    • Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\Security

    • Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common

    • Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Security

  • In Registry, enable trusted protocol via HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\xx.0\Common\Security\Trusted Protocols\All Applications. No "Office" key exists under "Microsoft".

  • In Registry, go to Computer\HKEY_CLASSES_ROOT\.pdf, and add key EditFlags REG_DWORD 0x00010000

  • Windows Start button ➔ Internet Options ➔ Security ➔ Trusted Sites. It is impossible to add a file:// link to a local folder.

  • Excel ➔ Excel Options ➔ Trust Center ➔ Trusted Locations. Added folder under User Locations, restarted Excel, warning still pops up.

Excel version: "Microsoft Excel for Office 365 MSO (16.0.12527.21378) 64-bit"

windows-10
microsoft-excel

3 Answers

3

Possibly the .pdf files have Alternate Date Streams with Zone Identifiers. To check, Open a PowerShell window in the directory containing the files, then copy & paste this command:

(Get-Item *.pdf -Stream 'Zone.Identifier' -ea silent).FileName

If file names are returned by that command, they have ADS Zone Identifiers.

And if you want to remove them from the files:

Get-Item *.pdf -Stream 'Zone.Identifier' -ea silent | ForEach {
    Unblock-File -LiteralPath $_.FileName }

More on ADS/Zone Identifiers

If you're curious, the most likely place the average user will find files with ADS is in your Downloads directory (Windows adds the Zone Identifer during download). you can view the information in the ADS by runnig this code from your Downloads directory:

Get-Item * -Stream 'Zone.Identifier' -ea silent | ForEach{
[PSCustomObject]@{
    'Name'   = ( Split-Path $_.FileName -Leaf )
    'ZoneID' = ( Get-Content -LiteralPath $_.PSPath -Raw )
}} | Out-GridView

Sample output

Also, some .url files (those on Desktop?) have an ADS that encapsulates a .ico file. If you have .url shortcuts on your Desktop, try the following from the Desktop directory:

gci *.url | Where { (gi $_ -Stream *).Count -gt 1 } | ForEach{ (gi $_ -Stream *).PSChildName }

Output:

PS C:\...\Desktop>gci *.url | Where { (gi $_ -Stream *).Count -gt 1 } | ForEach{ (gi $_ -Stream *).PSChildName }
CTA  Bus Tracker.url::$DATA
CTA  Bus Tracker.url:favicon
Morning Joe - Joe Scarborough, Mika Brzezinski, & Willie Geist.url::$DATA
Morning Joe - Joe Scarborough, Mika Brzezinski, & Willie Geist.url:favicon
Technet forums.url::$DATA
Technet forums.url:favicon
PS C:\...\Desktop>

If you want to extract at the icons:

gi *.url -Stream favicon -ea silent | ForEach {
    $Splat = @{
        'LiteralPath' = "$($_.FileName).ico"
        'Value'       = Get-Content -Literal $_.PSPath -Raw -Encoding Byte
        'Encoding'    = 'Byte'
        'FOrce'       = $True
    }
    Set-Content @Splat
}

To search a folder and its subfolders for any files with ADS:

Get-CHildItem -Directory -Recurse | ForEach {

    If ( ( $ADS = Get-Item "$($_.FullName)\*" -Stream * | ? Stream -ne ':$DATA' ).Count -ne 0 ) {
        $ADS | ForEach { Get-Item -Literal $_.FIleName }
    }
}
answered on Super User Mar 1, 2021 by Keith Miller • edited Mar 4, 2021 by JoSSte
1

The "insert hyperlink" dialogue in Office 365 looks like a Zombie from Windows XP. And if in that dialogue you click on the 'browse the web' button, astonishingly, internet explorer will open. This makes me think that probably all hyperlinks in office are routed through the internet explorer's dll, so it might have to do something with your explorer-related security settings. In fact, Office 365 uses the information bar rather than popups for security warnings, this makes me think that your popup actually is inherited from internet explorer.

I couldn't replicate your issue, but these steps might point you (or someone else) in the right direction.

Open Control panel. Click on 'Network and Internet' -> 'Internet Options'.

In the 'Internet Properties' window which opens, go to the 'Security' tab. Both on 'Local intranet' and on 'Trusted sites', set the 'Security level for this zone' to "Low". Also, untick "enable protected mode", if it is selected.

enter image description here

answered on Super User Mar 3, 2021 by 1NN
0

In the registry, I found this key: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults The values for each protocol are very likely Zone Idnetifiers -- it would explain files with no ADS still acting like Zone 3 files.

enter image description here

Try:

  1. changing the value of the file entry to 0 (Computer) or 1 (Local Intranet)
  2. Restart
  3. Test
answered on Super User Mar 4, 2021 by Keith Miller

User contributions licensed under CC BY-SA 3.0