Q&A What is Smartscreen? (Win8/10)

Do you use it ?

  • Yes

    Votes: 48 87.3%
  • No because...

    Votes: 7 12.7%

  • Total voters
    55

HarborFront

Level 39
Content Creator
Joined
Oct 9, 2016
Messages
2,895
#41
If the file has got EV digital certificate, the SmartScreen assumes that the file is safe. But, I do not know if it means not connecting to Reputation Cloud. I do not have got such files.
You try that foobar 2000 and see with internet disconnected.
 

jamescv7

Level 61
Trusted
Joined
Mar 15, 2011
Messages
12,638
OS
Windows 10
Antivirus
Microsoft
#44
So far I have not seen it in action since I'm not using IE and Edge
Typically the Smartscreen scans for digital signature alongside of reputation result when online, so if no alerts occurred then it passed on the criteria hence ready for execution.

Possible it checks also from current digital publishers if exist in the system.

@Umbra Does that mean Windows SmartScreen is 100% cloud-based?

View attachment 135741
Yes by context, the concept of IE/Edge browser is same on Windows OS feature. I've encountered Smartscreen yesterday on my classmate's laptop.

Although it may scan possible from current certificates in the system.

I got no alert from Smartscreen in my Windows 10 Pro for the last 2 demo tests with internet disconnected like what @Umbra said
Basically the Smartscreen already downloaded some temporary cache to checked for results of a file.

A pop-up like 'cannot checked right now' is because of digital signature that may not present in the system.
 
Joined
Dec 23, 2014
Messages
1,596
OS
Windows 10
Antivirus
Microsoft
#46
What is the definition of 100% cloud-based?
I do not think that such definition exists. But, for our discussion, it could mean that SmartScreen cannot check the file without Internet connection with Reputation Cloud.
 
Joined
Jan 27, 2017
Messages
143
OS
Windows 10
Antivirus
Default-Deny
#48
I do not think that such definition exists. But, for our discussion, it could mean that SmartScreen cannot check the file without Internet connection with Reputation Cloud.
Thanks Andy. I think that is a workable definition for the sake of this thread. :) I must be getting old because some questions just fry my brain. Like trying to answer the question... When does smell become taste?
 
Likes: Andy Ful
Joined
Dec 23, 2014
Messages
1,596
OS
Windows 10
Antivirus
Microsoft
#50
You can bypass Windows inbuilt filters for using unsigned/blocked apps by opening cmd with admin rights and typing " to start then file location and name and finish by typing " at the end and you will be able to use/install blocked program. Sometimes when Windows blocks unsigned/blocked apps I know are clean I have to use this method to unlock the file.
I would like to test it. Could you give some examples, please.
 
Likes: reboot
Joined
Jan 27, 2017
Messages
143
OS
Windows 10
Antivirus
Default-Deny
#51
If one excludes folders and files in Windows Defender what impact if any does that have on SmartScreen?
 

Umbra

Level 85
Content Creator
Trusted
Joined
May 16, 2011
Messages
17,969
OS
Windows 10
Antivirus
Default-Deny
#52
If one excludes folders and files in Windows Defender what impact if any does that have on SmartScreen?
good question , i never tried, maybe you can do , and tell us :D
 
Likes: reboot

shmu26

Level 62
Joined
Jul 3, 2015
Messages
5,150
OS
Windows 10
#53
Let's say I downloaded a file with google chrome or an email client, and then I execute it. What file types will trigger smartscreen blocking? Will it block downloaded scripts?

And what happens if I download a zip file with a torrent client?
 

Umbra

Level 85
Content Creator
Trusted
Joined
May 16, 2011
Messages
17,969
OS
Windows 10
Antivirus
Default-Deny
#55
Let's say I downloaded a file with google chrome or an email client, and then I execute it. What file types will trigger smartscreen blocking? Will it block downloaded scripts?

And what happens if I download a zip file with a torrent client?
as i said above , you will know by testing it and tell us your result :D
 
Likes: Andy Ful
Joined
Dec 23, 2014
Messages
1,596
OS
Windows 10
Antivirus
Microsoft
#56
If one excludes folders and files in Windows Defender what impact if any does that have on SmartScreen?
No impact on SmartScreen, I think. SmartScreen App Reputation on Run works even with disabled WD. But, the excluded files should open quicker.
 
Joined
Dec 23, 2014
Messages
1,596
OS
Windows 10
Antivirus
Microsoft
#57
Let's say I downloaded a file with google chrome or an email client, and then I execute it. What file types will trigger smartscreen blocking? Will it block downloaded scripts?

And what happens if I download a zip file with a torrent client?
@shmu26
I am afraid you missed my post #32 in this thread. Please read it first. I am sure it will help a lot. If you will have some concern, I'm here for you.:)
 
Likes: Umbra

shmu26

Level 62
Joined
Jul 3, 2015
Messages
5,150
OS
Windows 10
#59
@shmu26
I am afraid you missed my post #32 in this thread. Please read it first. I am sure it will help a lot. If you will have some concern, I'm here for you.:)
thanks!
so smartscreen won't work with a torrented file, and even if downloaded by browser, it might or might not work, after a zipped file is unzipped.

and what about a regular, unzipped script file, that is downloaded by a non-microsoft browser?
I don't think you covered that point. Maybe I missed it?
 
Joined
Dec 23, 2014
Messages
1,596
OS
Windows 10
Antivirus
Microsoft
#60
thanks!
so smartscreen won't work with a torrented file, and even if downloaded by browser, it might or might not work, after a zipped file is unzipped.

and what about a regular, unzipped script file, that is downloaded by a non-microsoft browser?
I don't think you covered that point. Maybe I missed it?
It does not matter what popular browser is used to download ZIP file. It always gets :
[ZoneTransfer]
ZoneId=3

The problem arises, when the file is uzipped. Windows builtin unzip function, can transfer

[ZoneTransfer]
ZoneId=3

to unzipped files.
 
Likes: shmu26

Similar Threads

Similar Threads