Run by Smartscreen utility

Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
7,489
Post updated in May 2022.

PROGRAM INFO

The application can be used on Windows 8+.
GitHub - AndyFul/Run-By-Smartscreen

Run By Smartscreen' is a very simple idea to safely open/run the new files via the option on the Explorer right-click context menu. 'Run By Smartscreen' can mark files with MOTW, so they are treated as downloaded from the Internet. This forces the SmartScreen before running the executable with MOTW. Furthermore, the popular documents marked with MOTW will be opened in 'Protected View', if the document application has such ability (like MS Office 2010+ and Adobe Acrobat Reader 10+). Many file types with unsafe extensions will be blocked when 'Run By Smartscreen' to minimize the chances of infection.​

Why the SmartScreen?
The Windows built-in SmartScreen technology is one of the best for fighting 0-day malware files.

Why 'Run By SmartScreen'?
This technology is only halfway adopted in Windows. SmartScreen for Explorer can check executables with "Mark of the Web", which is attached to files after downloading from the Internet by popular Web Browsers, Windows Store or Windows OneDrive. There are many cases when files do not have "Mark of the Web" and then, they are simply ignored by SmartScreen.​

More info:
https://github.com/AndyFul/Run-By-Smartscreen
 
Last edited:
  • Like
  • +Reputation
Reactions: Shadowra, Gandalf_The_Grey, shukla44 and 24 others
W

Wave

Av Gurus said:
...in the User Space...which folders are that (C:\Users)?
Click to expand...
I think he was just differentiating between the protected directories (e.g. Windows folder, Program Files) to the default unprotected folders (such as Documents, Desktop, Pictures) which can be accessed from a non-elevated process. :)

Andy Ful said:
User Space = everything outside 'C:\Windows', 'C:\Program Files', and 'C:\Program Files (x86)' folders.:)
Click to expand...
Sorry, I didn't see this response before I replied to @Av Gurus... Oops!
 
  • Like
Reactions: _CyberGhosT_, DardiM, frogboy and 1 other person
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
7,489
If you have 64Bit Windows, you have to copy RunBySmartscreen(x64).exe to C:\Windows and run this file with 'Run As Administrator'. After that the 'Run By Smartscreen' option should be seen in Explorer context menu.
 
  • Like
Reactions: simmerskool, Correlate, Dirk41 and 2 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
7,489
The User Space is adopted from AppGuard:
"User-space refers to the computer storage space that is typically accessible by non-admin Windows users. It contains the user's profile directory (which includes the My Documents folder and Desktop), removable storage devices, network shares, and all non-system hard drives such as additional external and internal disk drives. AppGuard will either block or protect the execution of any programs contained in user-space directories. "
 
  • Like
Reactions: simmerskool, ForgottenSeer 85179, Correlate and 5 others
Av Gurus

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,768
Now is working OK.
But, every time i click "Run by SmartScan" I have to choose app to open .exe?

1.jpg 2.jpg Clipboard18.jpg Clipboard19.jpg
 
  • Like
Reactions: Correlate, Venustus, Dirk41 and 1 other person
W

Wave

Andy Ful said:
The User Space is adopted from AppGuard:
"User-space refers to the computer storage space that is typically accessible by non-admin Windows users. It contains the user's profile directory (which includes the My Documents folder and Desktop), removable storage devices, network shares, and all non-system hard drives such as additional external and internal disk drives. AppGuard will either block or protect the execution of any programs contained in user-space directories. "
Click to expand...
That explains why I am not familiar with it then, since I normally just explain that term regarding non-admin users accessing non-protected directories as opposed to using the term "User Space" for folders... Thanks :)
 
  • Like
Reactions: Dirk41, _CyberGhosT_ and DardiM
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
7,489
Last edited:
  • Like
Reactions: simmerskool, Correlate and Dirk41
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
7,489
Last edited:
  • Like
Reactions: simmerskool, Correlate and Dirk41

Similar threads

Gandalf_The_Grey
    • Like
    • Thanks
Security News Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws
Replies
10
Views
760
Security News
upnorth
upnorth
Correlate
    • Like
    • Wow
    • Thanks
Security News Exploited Windows zero-day lets JavaScript files bypass security warnings
Replies
0
Views
493
Security News
Correlate
Correlate
Adrian Ścibor
    • Like
    • +Reputation
    • Thanks
AVLab.pl May 2022: Advanced In The Wild Malware Test (changes based on user suggestions)
Replies
23
Views
2,221
Security Statistics and Reports
Adrian Ścibor
Adrian Ścibor

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top