Q&A What is Smartscreen? (Win8/10)

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Do you use it ?

  • Yes

    Votes: 46 86.8%
  • No because...

    Votes: 7 13.2%

  • Total voters
    53

HarborFront

Level 36
Content Creator
Oct 9, 2016
2,557
#41
If the file has got EV digital certificate, the SmartScreen assumes that the file is safe. But, I do not know if it means not connecting to Reputation Cloud. I do not have got such files.
You try that foobar 2000 and see with internet disconnected.
 

jamescv7

Level 61
Verified
Mar 15, 2011
12,660
Operating System
Windows 10
Installed Antivirus
Microsoft
#44
So far I have not seen it in action since I'm not using IE and Edge
Typically the Smartscreen scans for digital signature alongside of reputation result when online, so if no alerts occurred then it passed on the criteria hence ready for execution.

Possible it checks also from current digital publishers if exist in the system.

@Umbra Does that mean Windows SmartScreen is 100% cloud-based?

View attachment 135741
Yes by context, the concept of IE/Edge browser is same on Windows OS feature. I've encountered Smartscreen yesterday on my classmate's laptop.

Although it may scan possible from current certificates in the system.

I got no alert from Smartscreen in my Windows 10 Pro for the last 2 demo tests with internet disconnected like what @Umbra said
Basically the Smartscreen already downloaded some temporary cache to checked for results of a file.

A pop-up like 'cannot checked right now' is because of digital signature that may not present in the system.
 
Dec 23, 2014
1,354
Operating System
Windows 10
Installed Antivirus
Microsoft
#46
What is the definition of 100% cloud-based?
I do not think that such definition exists. But, for our discussion, it could mean that SmartScreen cannot check the file without Internet connection with Reputation Cloud.
 
Jan 27, 2017
143
Operating System
Windows 10
Installed Antivirus
Default-Deny
#48
I do not think that such definition exists. But, for our discussion, it could mean that SmartScreen cannot check the file without Internet connection with Reputation Cloud.
Thanks Andy. I think that is a workable definition for the sake of this thread. :) I must be getting old because some questions just fry my brain. Like trying to answer the question... When does smell become taste?
 
Likes: Andy Ful
Dec 23, 2014
1,354
Operating System
Windows 10
Installed Antivirus
Microsoft
#50
You can bypass Windows inbuilt filters for using unsigned/blocked apps by opening cmd with admin rights and typing " to start then file location and name and finish by typing " at the end and you will be able to use/install blocked program. Sometimes when Windows blocks unsigned/blocked apps I know are clean I have to use this method to unlock the file.
I would like to test it. Could you give some examples, please.
 
Likes: reboot
Jan 27, 2017
143
Operating System
Windows 10
Installed Antivirus
Default-Deny
#51
If one excludes folders and files in Windows Defender what impact if any does that have on SmartScreen?
 

Umbra

Level 61
Content Creator
Verified
May 16, 2011
17,488
Operating System
Windows 10
Installed Antivirus
Default-Deny
#52
If one excludes folders and files in Windows Defender what impact if any does that have on SmartScreen?
good question , i never tried, maybe you can do , and tell us :D
 
Likes: reboot

shmu26

Level 57
Jul 3, 2015
4,687
Operating System
Windows 10
Installed Antivirus
Microsoft
#53
Let's say I downloaded a file with google chrome or an email client, and then I execute it. What file types will trigger smartscreen blocking? Will it block downloaded scripts?

And what happens if I download a zip file with a torrent client?
 

Umbra

Level 61
Content Creator
Verified
May 16, 2011
17,488
Operating System
Windows 10
Installed Antivirus
Default-Deny
#55
Let's say I downloaded a file with google chrome or an email client, and then I execute it. What file types will trigger smartscreen blocking? Will it block downloaded scripts?

And what happens if I download a zip file with a torrent client?
as i said above , you will know by testing it and tell us your result :D
 
Likes: Andy Ful
Dec 23, 2014
1,354
Operating System
Windows 10
Installed Antivirus
Microsoft
#56
If one excludes folders and files in Windows Defender what impact if any does that have on SmartScreen?
No impact on SmartScreen, I think. SmartScreen App Reputation on Run works even with disabled WD. But, the excluded files should open quicker.
 
Dec 23, 2014
1,354
Operating System
Windows 10
Installed Antivirus
Microsoft
#57
Let's say I downloaded a file with google chrome or an email client, and then I execute it. What file types will trigger smartscreen blocking? Will it block downloaded scripts?

And what happens if I download a zip file with a torrent client?
@shmu26
I am afraid you missed my post #32 in this thread. Please read it first. I am sure it will help a lot. If you will have some concern, I'm here for you.:)
 
Likes: Umbra

shmu26

Level 57
Jul 3, 2015
4,687
Operating System
Windows 10
Installed Antivirus
Microsoft
#59
@shmu26
I am afraid you missed my post #32 in this thread. Please read it first. I am sure it will help a lot. If you will have some concern, I'm here for you.:)
thanks!
so smartscreen won't work with a torrented file, and even if downloaded by browser, it might or might not work, after a zipped file is unzipped.

and what about a regular, unzipped script file, that is downloaded by a non-microsoft browser?
I don't think you covered that point. Maybe I missed it?
 
Dec 23, 2014
1,354
Operating System
Windows 10
Installed Antivirus
Microsoft
#60
thanks!
so smartscreen won't work with a torrented file, and even if downloaded by browser, it might or might not work, after a zipped file is unzipped.

and what about a regular, unzipped script file, that is downloaded by a non-microsoft browser?
I don't think you covered that point. Maybe I missed it?
It does not matter what popular browser is used to download ZIP file. It always gets :
[ZoneTransfer]
ZoneId=3

The problem arises, when the file is uzipped. Windows builtin unzip function, can transfer

[ZoneTransfer]
ZoneId=3

to unzipped files.
 
Likes: shmu26