Andy Ful

Level 48
Verified
Trusted
Content Creator
@Andy Ful , in H_C, when you use run by smartscreen, you get a little icon in the context menu that replaces run as admin. Is this version supposed t have its own icon in the context menu too?
In H_C the "Run as administrator" option in the right-click Explorer context menu is controlled by the button <Hide 'Run As Administrator'> (Log OFF from account required). The recommended options in H_C hide "Run as administrator" automatically when <Run As SmartScreen> = ON, but it can be recovered manually if needed.
 

Andy Ful

Level 48
Verified
Trusted
Content Creator
@Andy Ful Is it correct that there is no icon for Run By SmartScreen (standalone) like there was for Run By SmartScreen installed by hard Configurator?
...
Yes, the standalone RunBySmartScreen tries to take the icon from the path:
C:\WINDOWS\system32\SmartScreenSettings.exe
which is not present in the new Windows 10. I will solve this issue in the next version.
The icon can be added by modifying the registry key:
HKEY_CLASSES_ROOT\*\shell\Run By SmartScreen
The value Icon points to the path:
C:\WINDOWS\system32\SmartScreenSettings.exe
You can change it to any file_path with the icon you like.
 

Andy Ful

Level 48
Verified
Trusted
Content Creator

Andy Ful

Level 48
Verified
Trusted
Content Creator
The new version of Run By SmartScreen (3.0.1.0):
  1. For Windows 64-bit:AndyFul/Run-By-Smartscreen
  2. For Windows 32-bit: AndyFul/Run-By-Smartscreen
What is new as compared to ver. 3.0.0.0

Version 3.1.0.0
1. Corrected the procedure of checking if SmartScreen is enabled.

Version 3.0.1.0
1. Corrected Help information.
2. Corrected some issues related to shortcuts.
3. Added icons for RunBySmartScreen executables.


For users who did not use Run By SmartScreen, I included here some examples which show how it works.
RunBySmartScreen is intended for opening all new\unsafe\unknown files on Windows 8 and higher versions. So it can be used as on-demand reputation & SRP application.

Installation files and native Windows executables (COM, EXE, SCR, MSI) in UserSpace are always checked by SmartScreen before executing (forced SmartScreen), even when they would be normally ignored by SmartScreen.
If the file is from not dangerous category (checked by file extension), then it is allowed to be opened (photos, media files, plain text documents, etc.).

If the files can be abused but are widely used (PDF, DOCX, etc.), then an alert is displayed, like the below:

214599

Additionally, for MS Office documents and PDF files, the Mark Of The Web (MOTW) is added. So, the applications open those files as if they were downloaded from the Internet.

If the user tries to open the shortcut with the command line, then it is blocked with an alert:
214600


Compressed archives not supported by Windows build-in unpacker (.7z, .arj, .rar, .zipx) are blocked with an alert and short warning:
214601


Other files with dangerous extensions (over 250 file types) are blocked with an alert, for example:
214602
 

Back3

Level 2
I have Windows Defender with Comodo Firewall at CS settings plus Hips. I have installed Configure Defender ( High) 2 days ago. So far so good. Would installing Run By Smartscreen be usefull or overkill? I'm carefull because ComodoCS is environmentally sensitive!
 

shmu26

Level 83
Verified
Trusted
Content Creator
I have Windows Defender with Comodo Firewall at CS settings plus Hips. I have installed Configure Defender ( High) 2 days ago. So far so good. Would installing Run By Smartscreen be usefull or overkill? I'm carefull because ComodoCS is environmentally sensitive!
In Comodo you will need to "trust" the Run By Smartscreen file.
Run By Smartscreen will give you an additional check before you run files. You don't need it in your setup. But if you like multiple checks, you may use it.
 

Andy Ful

Level 48
Verified
Trusted
Content Creator
I have Windows Defender with Comodo Firewall at CS settings plus Hips. I have installed Configure Defender ( High) 2 days ago. So far so good. Would installing Run By Smartscreen be usefull or overkill? I'm carefull because ComodoCS is environmentally sensitive!
Run By SmartScreen has two main protection features:
  1. On-demand forced SmartScreen (can be used as a replacement for CF file lookup for application installers). It can cover the vulnerabilities introduced by a large CF Trusted Vendor List
  2. On-demand SRP - can warn you before opening files with dangerous extensions.
Run By SmartScreen is on-demand tool. So, it will not be overkill because it is not real-time protection.
 

Back3

Level 2
In Comodo you will need to "trust" the Run By Smartscreen file.
Run By Smartscreen will give you an additional check before you run files. You don't need it in your setup. But if you like multiple checks, you may use it.
Thanks. I've downloaded the app. I will wait for a week before installing it to make sure a bug between Configure Defender and Comodo doesn't occur!

Run By SmartScreen has two main protection features:
  1. On-demand forced SmartScreen (can be used as a replacement for CF file lookup for application installers). It can cover the vulnerabilities introduced by a large CF Trusted Vendor List
  2. On-demand SRP - can warn you before opening files with dangerous extensions.
Run By SmartScreen is on-demand tool. So, it will not be overkill because it is not real-time protection.
Thanks
 

Andy Ful

Level 48
Verified
Trusted
Content Creator
In Comodo you will need to "trust" the Run By Smartscreen file.
Run By Smartscreen will give you an additional check before you run files. You don't need it in your setup. But if you like multiple checks, you may use it.
I did not try "Run By SmartScreen" with CF, but I think that RunBySmartScreen executable has to be specially trusted in Comodo to work normally. CF has to know that both RunBySmartScreen executable and the application installer executed via "Run By SmartScreen" have to be allowed to run.

If the user set RunBySmartScreen as a Trusted executable, then the SmartScreen check will be performed on the application installer, but the execution can be blocked anyway, if CF will not recognize it as Trusted by TVL or Comodo File Lookup.
Still, the user can use CF + RunBySmartScreen in this way, if he/she understand how it works.
 
Last edited:

Andy Ful

Level 48
Verified
Trusted
Content Creator
Comodo is pretty good at blocking the common script files. Would RunBySmartScreen have important additions, as far as dangerous extensions are concerned?
Script files are only a smart part of file types blocked by RunBySmartScreen. Most of the blocked files are related to MS Office and Windows system (including several types of shortcuts).
 

shmu26

Level 83
Verified
Trusted
Content Creator
Script files are only a smart part of file types blocked by RunBySmartScreen. Most of the blocked files are related to MS Office and Windows system (including several types of shortcuts).
Those shortcut files can be dangerous. Good point, I keep forgetting about them...
If the user opens MS Office files from unknown senders, maybe it would be even better for him to install the standalone DocumentsAntiExploit?