
In previous versions of Windows, the SmartScreen filter was a feature of Internet Explorer; with Windows 8 it becomes part of the Windows file system. But how does it know which files have been downloaded and which ones originated from your PC? Read on to see how How-To Geek went exploring in the file system.

Note: The information provided in this article is for educational purposes only.

So What’s The Magic?

Well the magic used here actually consists of fairly simple technology, most notably Internet Zones.


While you can only get access to the settings for these Internet Zones via Internet Explorer, they are used in various places throughout Windows. Whenever you download a file that comes from the Internet zone it gets tagged with a special Zone Identifier, and this identifier is stored in an alternate data stream. To see this I decided to bust open my favorite scripting language, PowerShell. I wrote the following script to see the alternate data streams of each file in my downloads folder.

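# -File limits the listing to files, so subfolders are not passed to Get-Item -Stream
$Files = Get-ChildItem -Path C:\Users\Taylor\Downloads -File
foreach ($File in $Files)
{
    # List every data stream on the file, including the default :$DATA stream
    Get-Item $File.FullName -Stream *
}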


See that last file in the list? It has an additional data stream called Zone.Identifier; that’s what we are talking about. When you open a file, Windows checks for this special data stream and triggers SmartScreen if it exists. In true geek fashion, we decided to take a peek inside the data stream to see what information it held.

Get-Item -Path C:\Users\Taylor\Downloads\socketsniff.zip -Stream Zone* | Get-Content


While that might not mean anything to us, it certainly got us thinking about how we can get around the SmartScreen.

How to Circumvent the SmartScreen in Windows 8

The first way to get around it is using the GUI. If you have a file with a Zone.Identifier data stream, you can easily unblock it from the properties of the file: right-click the file, open its properties from the context menu, and then click the Unblock button. Now when you open the file, SmartScreen won’t get triggered.


You could also use the new Unblock-File cmdlet in PowerShell 3, which is the script equivalent of clicking the Unblock button.

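# -File limits the listing to files
$Files = Get-ChildItem -Path C:\Users\Taylor\Downloads -File
foreach ($File in $Files)
{
    # Same effect as the Unblock button in the file's properties
    Unblock-File -Path $File.FullName
}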

The final way to get around SmartScreen is to simply add the website you are downloading from to the intranet zone in Internet Explorer.


Of course, we recommend you never do that: that zone is reserved for intranet sites, and it would leave you vulnerable to malware that originates from the sites in that list. On that note, I leave you with this script to find files on your PC that originated from the internet zone.

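# -File limits the listing to files
$Files = Get-ChildItem -Path C:\Users\Taylor\Downloads -File
foreach ($File in $Files)
{
    # Print the file name when one of its streams is named Zone*
    Get-Item $File.FullName -Stream * | ForEach-Object { if ($_.Stream -like "Zone*") { $File.Name } }
}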
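The script above lists any file that has a Zone* stream, whatever zone it records. The following added example (not part of the original article) goes one step further and reads the ZoneId from each stream, so an audit can tell Internet-zone downloads apart from intranet or trusted ones. The function names ConvertFrom-ZoneIdentifier and Get-DownloadZone are hypothetical, and the sample stream content is constructed on the assumption that the stream holds INI-style text.

```powershell
# Added example, not from the original article.
# Assumption: the stream holds INI-style text, e.g. "[ZoneTransfer]" then "ZoneId=3".
$ZoneNames = @{
    0 = 'Local Machine'; 1 = 'Local intranet'; 2 = 'Trusted sites'
    3 = 'Internet';      4 = 'Restricted sites'
}

function ConvertFrom-ZoneIdentifier {
    # Hypothetical helper: turn the key=value lines of the stream into a hashtable.
    param([string[]]$Lines)
    $Tag = @{}
    foreach ($Line in $Lines) {
        if ($Line -match '^\s*([^=\[\s]+)\s*=\s*(.*)$') {
            $Tag[$Matches[1]] = $Matches[2].Trim()
        }
    }
    $Tag
}

function Get-DownloadZone {
    # Hypothetical helper: report each file under $Path that has a Zone.Identifier stream.
    param([string]$Path = "$env:USERPROFILE\Downloads")
    foreach ($File in Get-ChildItem -Path $Path -File -Recurse -ErrorAction SilentlyContinue) {
        try {
            $Lines = Get-Content -LiteralPath $File.FullName -Stream Zone.Identifier -ErrorAction Stop
        } catch {
            continue   # no Zone.Identifier stream (or unreadable): nothing to report
        }
        $Tag = ConvertFrom-ZoneIdentifier -Lines $Lines
        $Parsed = 0
        # TryParse leaves 0 on failure, so a missing or malformed ZoneId is mapped to -1 explicitly
        $Id = if ([int]::TryParse([string]$Tag['ZoneId'], [ref]$Parsed)) { $Parsed } else { -1 }
        [pscustomobject]@{
            File    = $File.FullName
            ZoneId  = $Id
            Zone    = if ($ZoneNames.ContainsKey($Id)) { $ZoneNames[$Id] } else { 'Unknown' }
            HostUrl = $Tag['HostUrl']   # only present when the downloading program recorded it
        }
    }
}

# Constructed sample stream content, parsed without touching the disk
$Sample = '[ZoneTransfer]', 'ZoneId=3'
(ConvertFrom-ZoneIdentifier -Lines $Sample)['ZoneId']

# Audit the current user's Downloads folder, most restrictive zones first
Get-DownloadZone | Sort-Object ZoneId -Descending | Format-Table -AutoSize
```

A downloaded file that is missing from this report has had its tag removed or was never tagged, which is worth knowing when reviewing what has been unblocked on a machine.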

That’s all there is to it.