Windows Defender Smartscreen Malicious File Warning

Windows Smartscreen Incorrect Detection Algorithm
13

Feb

Windows Smartscreen Incorrect Detection Algorithm

If you are using Internet Explorer or Microsoft Edge you have already seen this “Windows Defender Smartscreen” nonsense warning message many times.

Windows Defender Smart Screen Incorrect Detection

How Does Windows Smartscreen Detect Malicious Files?

This message is based on absolutely no meaningful data. That is confirmed by a quote from Microsoft’s web site:

SmartScreen checks files that you download from the web against a list of reported malicious software sites and programs known to be unsafe. If it finds a match, SmartScreen will warn you that the download has been blocked for your safety. SmartScreen also checks the files that you download against a list of files that are well known and downloaded by many people who use Internet Explorer. If the file that you’re downloading isn’t on that list, SmartScreen will warn you. (Source of this quote: https://support.microsoft.com/en-us/help/17443/microsoft-edge-smartscreen-faq)

As you can understand this makes absolutely NO SENSE as people who use EDGE and Internet Explorer are just 4% so it can not be “downloaded by many people who use Internet Explorer” – see the usage shares of all browsers as of 13.02.2020 as listed on Wikipedia:

Web Browser UsageSo if we release a new version, Microsoft will display that warning until ALL our users download that version as most likely even fewer than 4% of them are using IE or EDGE. So it turns out that such a message is there just to scare users. We will clarify that in detail as there is a very good reason for Microsoft to do that.

Why does Windows SmartScreen display red Warning Messages?

Microsoft and the so-called “antivirus” vendors are working in partnership with companies that issue code-signing certificates. Those certificates cost thousands of dollars yearly. Like that was not enough, they recently introduced a new type of EV certificate that even cost tens of thousands of dollars yearly. Those certifications on the other hand are totally useless – read why in the next section.

So the software vendors are pushed to pay those subscriptions in order to get rid of such warnings. In a very obvious translation – “Pay the ransom or we will scare your users”. That is not something that we like or approve. That is something that can only harm the Internet and the IT world. Though we can decide to pay that “ransom” what will happen with the developers that create free tools or the open-source organizations that can not afford to pay such fees? It is clear – they will be “killed” as their users will be scared by such nonsense warnings. We do not approve such a monopoly and we do not intend to sponsor it. We have already covered a similar topic in our Worst Antivirus Tools article.

Another reason for those messages is the attempt of Microsoft to copy the Apple Store by providing a Microsoft Store which is not doing well enough. Scaring the users with red warning messages on independent vendor websites aims to push them towards the MS Store. This will provide Microsoft extra profit both from vendors and users.

Why Software Code-signing Certificates are a Gimmick

The only purpose those certificates serve is to prove that the file that you receive is coming unmodified in the form provided by the vendor. So the only way such a certificate can be useful is if you have downloaded a file from a third-party unknown website.

If you value your security you should download from the vendor websites rather than from third-party locations. If you download a file from our website – your connection to us is over a secure SSL connection and you can be 100% sure that the file is unmodified and is provided by us. Therefore, it is absolutely irrelevant if the file was signed or not. That signature has meaning only if you are downloading our files from third parties.

How To Test A File For Malicious Content Without Downloading It?

If you have doubts, you can upload or paste a link to a file at VIRUSTOTAL DOT COM to scan it. It will scan a file with 60+ antivirus tools simultaneously. You do not even need to download the file – just copy its download URL. Of course, there are poor tools that may report false positives (incorrect detection as a threat) there too. Nevertheless, if you see that 65 out of 67 antivirus tools report a file as SAFE you can be sure that it is.

How To Disable Windows Smartscreen?

The best thing to do is to stop using IE or EDGE completely.  96% of the world can not be wrong that those browsers are not good. You can also disable Windows Smart Screen as it is useless or just ignore its nonsense as displayed below.

To turn SmartScreen on or off in the new Microsoft Edge:

Select Settings and more > Settings > Privacy & services .
Scroll down to Services, and turn Microsoft Defender SmartScreen on or off.

How To Override Windows Smartscreen Warnings In Internet Explorer?

If you insist on using them (IE and EDGE), once you save your file, click on “Actions” then “More options” and choose “Run anyway” – see the screenshots below.

Windows Smart Screen Downloads BlockedWindows Smart Screen Warning

How To Override Windows Smartscreen Warnings In Microsoft Edge?

The latest Microsoft Edge is even more aggressive than Internet Explorer.
Follow the steps below to get rid of that nonsense warning.

  1. Click the three dots near the downloaded file
  2. Report this file as safe to Microsoft
  3. Click Keep

Edge Download WarningUnfortunately, Edge is even more annoying than Internet Explorer and will ask the same thing even if you have already clicked KEEP. This on its own demonstrates poor design and coding. Clicking the KEEP button will display the new warning below, with the same options where you have to click KEEP again.

Edge Blocked Download

Is Windows Defender Smart Screen Reliable?

If you still think that Microsoft is an authority when it comes to security – think again. How a company that can not protect its most valuable assets – the Windows Source code is going to protect you? If you have missed it, almost all Windows source codes have leaked during the years and recently The Windows XP and Windows Server 2003 source codes were hacked and published online.

In our humble opinion, Microsoft should focus on providing better quality and better AND WELL TESTED updates for their customers instead of causing them extra headaches. The latest Windows Updates have been a total disaster for many users.

We will be glad to hear your opinion. Should software vendors and independent open-source organizations pay a form of “ransom” to get rid of scary messages in Microsoft Windows and “Antivirus” applications?

This article also relates to: Disable Smartscreen Windows 10, Disable Smartscreen Windows 10 2018, Disable Smartscreen Windows 7, How Do I Disable Smartscreen On Windows 10?, How Do I Turn Off Smartscreen Filter In Internet Explorer?, How Do I Turn On Windows Smartscreen?, How Do I Turn Smartscreen Filter Off Or On?, How Does Smartscreen Work?, How To Disable The Smartscreen Filter In Internet Explorer, How To Turn On Windows Smartscreen, How To Use Smartscreen, Microsoft Smartscreen, Should I Disable Smartscreen?, Smartscreen Disable, Smartscreen Filter Internet Explorer 11, Smartscreen Filter Windows 7, Turn Smartscreen On Or Off In The New Microsoft Edge, What Does Smartscreen Protect You From In Microsoft Edge?, What Is Smartscreen Filter In Internet Explorer 11?, What Is Smartscreen For Microsoft Edge, Windows 10 Smartscreen Disable, Windows Defender Smartscreen,

3 thoughts on “Windows Defender Smartscreen Malicious File Warning

  1. brian garland

    I am very grateful for the clarification. I agree with your approach re the MS ransom scheme and wish you well.

  2. Steve Evans

    Very good article and I am going through the SmartScreen pain right now with a new version of a program I supply to a customer. If there was a prize for the most useless tool for Windows, this has to be amongst the favourites to win it.

    It’s bad enough that you have to tell Edge twice to keep the file. But once you have done that, you can scan the file with Windows Defender, which of course reports 0 threats. But despite knowing that the file is harmless, you then have to tell Smartscreen to “Run anyway” by clicking the “More Info” link. Poor software design from start to finish.

    What’s more, if you download again, you have to go through this whole procedure once more. Infuriating.

  3. MindGems Support Post author

    Thank you for sharing your experience Steve. We think that displaying a red warning popup that says “This application may cause damage to your device. Sensitive personal data may also be at risk” without ABSOLUTELY NO PROOF is dishonest to say the least. That is actually the real threat and SCAM on behalf of Microsoft, not on behalf of the vendors. If more vendors boycott them, they may fix that madness.

Leave a Reply

Your email address will not be published. Required fields are marked *