Run by Smartscreen utility

Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
9,120
PROGRAM INFO

The application can be used on Windows 8+. New ver. 5.0.1.1 available (updated in July 2025).
GitHub - AndyFul/Run-By-Smartscreen

Run By Smartscreen' is a very simple idea to safely open/run the new files via the option on the Explorer right-click context menu. 'Run By Smartscreen' can mark files with MOTW, so they are treated as downloaded from the Internet. This forces the SmartScreen before running the executable with MOTW. Furthermore, the popular documents marked with MOTW will be opened in 'Protected View', if the document application has such ability (like MS Office 2010+ and Adobe Acrobat Reader 10+). Many file types with unsafe extensions will be blocked when 'Run By Smartscreen' to minimize the chances of infection.​

Why the SmartScreen?
The Windows built-in SmartScreen technology is one of the best for fighting 0-day malware files.

Why 'Run By SmartScreen'?
This technology is only halfway adopted in Windows. SmartScreen for Explorer can check executables with the "Mark of the Web", which is attached to files after downloading from the Internet by popular Web Browsers, Windows Store, or Windows OneDrive. There are many cases when files do not have the "Mark of the Web" and then, they are simply ignored by SmartScreen.​

More info:
https://github.com/AndyFul/Run-By-Smartscreen
 
Last edited:
  • Like
  • +Reputation
Reactions: Shadowra, Gandalf_The_Grey, shukla44 and 24 others
W

Wave

Av Gurus said:
...in the User Space...which folders are that (C:\Users)?
Click to expand...
I think he was just differentiating between the protected directories (e.g. Windows folder, Program Files) to the default unprotected folders (such as Documents, Desktop, Pictures) which can be accessed from a non-elevated process. :)

Andy Ful said:
User Space = everything outside 'C:\Windows', 'C:\Program Files', and 'C:\Program Files (x86)' folders.:)
Click to expand...
Sorry, I didn't see this response before I replied to @Av Gurus... Oops!
 
  • Like
Reactions: _CyberGhosT_, DardiM, frogboy and 1 other person
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
9,120
If you have 64Bit Windows, you have to copy RunBySmartscreen(x64).exe to C:\Windows and run this file with 'Run As Administrator'. After that the 'Run By Smartscreen' option should be seen in Explorer context menu.
 
  • Like
Reactions: simmerskool, [correlate], Dirk41 and 2 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
9,120
The User Space is adopted from AppGuard:
"User-space refers to the computer storage space that is typically accessible by non-admin Windows users. It contains the user's profile directory (which includes the My Documents folder and Desktop), removable storage devices, network shares, and all non-system hard drives such as additional external and internal disk drives. AppGuard will either block or protect the execution of any programs contained in user-space directories. "
 
  • Like
Reactions: simmerskool, ForgottenSeer 85179, [correlate] and 5 others
Av Gurus

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
Now is working OK.
But, every time i click "Run by SmartScan" I have to choose app to open .exe?

1.jpg 2.jpg Clipboard18.jpg Clipboard19.jpg
 
  • Like
Reactions: [correlate], Venustus, Dirk41 and 1 other person
W

Wave

Andy Ful said:
The User Space is adopted from AppGuard:
"User-space refers to the computer storage space that is typically accessible by non-admin Windows users. It contains the user's profile directory (which includes the My Documents folder and Desktop), removable storage devices, network shares, and all non-system hard drives such as additional external and internal disk drives. AppGuard will either block or protect the execution of any programs contained in user-space directories. "
Click to expand...
That explains why I am not familiar with it then, since I normally just explain that term regarding non-admin users accessing non-protected directories as opposed to using the term "User Space" for folders... Thanks :)
 
  • Like
Reactions: Dirk41, _CyberGhosT_ and DardiM
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
9,120
Last edited:
  • Like
Reactions: simmerskool, [correlate] and Dirk41
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
9,120
Last edited:
  • Like
Reactions: simmerskool, [correlate] and Dirk41
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
Security News 7-Zip MotW bypass exploited in zero-day attacks against Ukraine
Replies
1
Views
688
Security News
Andy Ful
Andy Ful
oldschool
    • Like
    • +Reputation
    • Thanks
New Update Enhanced Phishing Protection in Microsoft Defender SmartScreen
Replies
11
Views
1,978
Windows 11
simmerskool
simmerskool
Gandalf_The_Grey
    • Like
    • +Reputation
    • Hundred Points
Security News 7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now
Replies
0
Views
811
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top