UnZixHTA (version 2.04)

Summary

A Windows-only HTML Application to strip the rubbish off of a .zix file and recover the original file contents. This application is in development — please report bugs via the “Comments” button.

Note that not all zix files are recoverable, some contain nothing but blank data, others contain trojans and other malware.

Apparently there's a new form of zix file (Zix 2.0) that incorporates something akin to ZIP compression amongst the file or files inside the zix file. Currently UnZixHTA does not preform the decompression since the current decompression algorithm is unknown. However, UnZixHTA should recover Zix 1.0 files, including zix files that contain multiple files.

Overview

You may have encountered the “.zix” file type, it's increasingly found on downloaded files, often inside a “.rar” file. After you unpack the .rar file with something like 7-Zip you discover the file you wanted, but with the .zix file extension. Packaged along with the .zix file will often be a webpage with instructions on how to download a program from the Winzix website that will unpack the .zix file into the usable file or files you were originally expecting.

You may also know that that program designed to the do the unpacking is alleged to contain adware — I don't know as I haven't installed it but search around the web for yourself and make up your own mind.

At the time of writing, a .zix file is neither compressed nor encrypted and it's hard to see that the mechanism by which the files are obfuscated could be considered Digital Rights Management and thus fall foul of the DMCA.

I've written a HTML Application program to remove the bad label and recover the original file or files. You can download it below.

Download

Download UnZixHTA version 2.04, the name of this file is “unzixhta.zip”.

The application inside the zip is named “unzixhta.hta” and should be 35468 bytes in size (34.64KB) and have an MD5 hash of “d1ee31f6cc3c537c19b5da70dea563c6”.

Screenshot of UnZixHTA running

If you'd rather not download the application then an alternative is to copy the source code, paste it into a new plain text document, save it and change the file name to unzixhta.hta.

Security

  • Only download this file from “http://andrewu.co.uk/tools/unzixhta/”.
  • The application inside the zip file is a self-contained text file, you can view the complete source by opening it in NotePad. The source code is also available for viewing as a webpage.
  • The “unzixhta.hta” file inside the zip file should match the size and MD5 hash shown above.

If upon using UnZixHTA you see the following error message, then “right-click” on the “unzixhta.hta” file, choose “Properties” from the context menu that pops up and then choose the “Unblock” button.

Security settings on this computer are preventing unZixHTA from opening the zix file. That's generally a good thing, but unZixHTA won't work if it can't open the zix file! Read the advice in the Security section at: http://andrewu.co.uk/tools/unzixhta/#security

Some anti-virus applications (e.g. Symmantec) may panic when you attempt to open a .hta file, and generally rightly so! If you're not sure about using this “unzixhta.hta” file then don't — ask someone to examine its source code and verify its authenticity.

Caveats

Currently the application will not recreate folder structures. If the zix file contains information on folders then UnZixHTA will not recreate the folders when recovering the files inside them, but it will recover the files inside those folders nevertheless, but the directory structure will be “flat” rather than “nested”, if you see what I mean.

This application does not fully recover version 2.0 zix files. It saves out the contents of these zix files but does not perform the decompression. If the compression algorithm turns out to be an obfuscated form of zip file then UnZixHTA could be modified to perform the de-obfuscation and save the one or more files inside the zix as true zip files for unpacking with your favourite unzipping program. However, if the algorithm is a genuine new invention then it would be unlikely that UnZixHTA would support it due to potential legal issues (IANAL).

This application is very memory hungry. It will perform badly if you don't have a fast processor (preferrably multi-core) and free system RAM that is at least twice the size of the file you're unzixing. If you only have as much free system RAM as the size of the zix file you're unzixing then it will peform exceedingly badly, if at all, because the system pagefile is going to be used a lot. If you have less free RAM than that, then perhaps try a different unzixing application. It may be possible to make this HTA version use a lot less memory, but the ActiveX object I use for the binary manipulation is rather limited and I haven't managed it yet with the API calls available, despite quite a lot of trying (haven't found a way to stream small chunks of file into memory). Were this written in C++ then I could make it very memory efficient, but I'm a web programmer by trade and know nothing of writing Windows GUI applications. If you do make a Windows GUI version, please publish the source.

Use this application at your own risk! A general disclaimer applies. The application is freeware and I make no claims as to its suitability for any purpose in any context.

Not all zix files are recoverable, some may be corrupt and at least one zix file found in the wild contained nothing but 355MB of empty bytes. UnZixHTA should warn you of these problems though if it finds them. A number of zix files unpack to reveal an .avi. and a file called codec.exe, this codec.exe file is a trojan, do not install it. By default UnZixHTA will not recover files it suspects of being malware (although you can override this setting). Recovered files must be scanned for viruses, trojans and other malware.

Notes

This utility is a direct result of a post on my web technology blog: Webtech: File Extension “zix” where there are also instructions on how to recover zix files manually using a hex editor.

This utility makes use of the ADODB.Stream and Scripting.FileSystem ActiveX objects. In some security environments these ActiveX object may not be available and so this program may not function.

Note: This application was originally named UnZix, but another application already exists with that name so mine has become UnZixHTA. There is no relation between UnZixHTA and UnZix.

If the application fails, it may ask you to submit a bug report to this website. This is optional.

Source Code

You can either open the application directly in a text editor or you view the source as a webpage.

Advertisement

Feedback

Voting Panel
Did this program recover your zix file?
or
Did you find any bugs?
or
For security did you verify the filesize and MD5 hash?
or
Rate this utility: (0=poor, 5=very good)
Answers are anonymous, only the combined totals are stored. Uses cookies.