This is a false perception. EXE doesn't mean virus any more than any other download. I'd be more concerned about what makes up the unzipped package.
There is a huge difference between having to run an executable to see what it does and loading a script (or source code) that you can read before you load it (or compile it). (This presupposes, of course, that you can completely understand what it is you're reading.) Perhaps if you could read straight through and understand, you might have been able to create the code to begin with, perhaps not.
If it's a full script and there's backdoors in it what makes it any less dangerous by making it a .zip instead of a .exe?
The main difference is that someone (me, in this case) can read your script and check for backdoors or other surprises. I don't have to load it and run it to see if I now have a
surprise.
I've released scripts and addons for 3 1/2 years all time using Winzip Self Extractor and not once have I either been asked to provide a .zip or anyone complaining about virii.
That's nice, I'm proud of you. However, many of the rest of us are wary of blindly running an EXE file. I, personally, don't have much problem with infecting myself with a virus/trojan and have even been known to do so on purpose. I have the know-how to get rid of it, too; JoeAverageUser does not.
You are more likely to get stung by a trojan downloaded from a corrupted website on a free webhost if you ask me.
You're right - going to a free webhost and downloading any of the filetypes that trojans are deployed in is asking for trouble. However, had you spent very much time on IRC in help channels or in some of the larger chat channels, you'd see a hole host of people who'd prove you wrong with their monumental ignorance (not stupidity). We regularly see those idiotic $decode /writes to set up a spammer just to spam that $decode. We see people
every single day who have gotten themselves infected with IRC trojans; research shows that most of them have downloaded some infected warez on IRC or, as you mentioned, got their warez from a shady web page.
Scripts you can read before you try; source code you have to compile requires a compiler but allows you to read what it will do before you run it. EXE files are unknowns. It might be a harmless self-extracting ZIP file -- or it might be a very bad trojan. Which is it, trojan or virus? (And by the way, trojans CAN be embedded into a normal .zip file such that you don't even have to extract the files.)