Unblocking zip or exe files download from the internet or non trusted zones

When you download a zip file or an executable file from the internet using IE, Edge or Chrome on Windows, more likely than not the file will have it zone identifier in the alternate stream of the file. This information is used by Windows to determine if the file was downloaded from the internet and it can apply certain level of security precautions for the user.

In some instances, files/installers with zone identifiers will not install properly. There are multiple ways to check if the file have zone id. You can use streams, like so:

c:\> streams64.exe tightvnc-2.8.27-gpl-setup-64bit.msi

And this would spit out something like:

streams v1.60 - Reveal NTFS alternate streams.
Copyright (C) 2005-2016 Mark Russinovich
Sysinternals - www.sysinternals.com

C:\temp\tightvnc-2.8.27-gpl-setup-64bit.msi:
   :Zone.Identifier:$DATA       163

Or just plain PowerShell, like:

PS c:\> Get-Content -Path .\tightvnc-2.8.27-gpl-setup-64bit.msi -Stream Zone.Identifier

Which will actually dump more interesting information like the referrer URL and where it was downloaded, like:

[ZoneTransfer]
ZoneId=3
ReferrerUrl=https://www.tightvnc.com/download.php
HostUrl=https://www.tightvnc.com/download/2.8.27/tightvnc-2.8.27-gpl-setup-64bit.msi

There are multiple ways to remove or unblock the file. Using streams, you can unblock like:

c:\> streams64.exe -d tightvnc-2.8.27-gpl-setup-64bit.msi

This would spit out something, like:

streams v1.60 - Reveal NTFS alternate streams.
Copyright (C) 2005-2016 Mark Russinovich
Sysinternals - www.sysinternals.com
 
C:\temp\tightvnc-2.8.27-gpl-setup-64bit.msi:
   Deleted :Zone.Identifier:$DATA

Or use the File Explorer, so right click and hit on Properties of the file, then check Unblock (see below) and it on OK button.