Fix 'Windows protected your PC' and Microsoft Defender SmartScreen Blocks

beginner๐ŸชŸ Windows2026-07-13| Windows 10, Windows 11, Windows Server 2019/2022

Error Message

Windows protected your PC - Microsoft Defender SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk.
#windows-defender#smartscreen#security#mark-of-the-web#unblock

The 10-Second Fix

Staring at a giant blue banner? If you trust the file you just downloaded, you can skip the security check in two clicks:

  • Click the More info link tucked under the main warning text.
  • Select the Run anyway button that appears at the bottom.

If you're a developer or sysadmin dealing with a folder full of blocked scripts, don't click them one by one. Open PowerShell and run this command to clear the block from every file in a directory:

dir -Path "C:\Downloads\MyApp" -Recurse | Unblock-File

The Culprit: Mark of the Web (MotW)

Windows tracks where your files come from using a feature called Mark of the Web (MotW). When you download a tool via Chrome or save an email attachment, Windows attaches a hidden piece of metadata called an Alternate Data Stream (ADS). Specifically, it creates a Zone.Identifier stream that labels the file with a "ZoneId=3" (Internet).

SmartScreen triggers when you launch a file with this tag if the app is unsigned or lacks a solid reputation. In Microsoft's eyes, a "solid reputation" usually means the binary has been safely run by thousands of other users. Until you hit that threshold, Windows treats your app as a potential threat.

How to Unblock Your Files

Method 1: File Properties (Best for single installers)

This is the standard manual fix for an .exe or .msi file. It takes about five seconds.

  • Right-click the blocked file and choose Properties.
  • Stay on the General tab and look at the bottom.
  • Check the Unblock box next to the security warning.
  • Hit Apply.

The blue warning disappears immediately. Note that if you unblock a ZIP file before extracting it, Windows automatically unblocks every file inside. If you extract first, you'll have to unblock each file individually.

Method 2: PowerShell (Best for bulk unblocking)

Manually clicking properties on 50 different DLLs is a waste of time. PowerShell can strip the Mark of the Web from an entire project folder in seconds.

To unblock a single file:

Unblock-File -Path ".\setup.exe"

To recursively unblock an entire directory (like a 500MB SDK or a vendor toolset):

Get-ChildItem -Path "C:\dev\tools" -Recurse | Unblock-File

Method 3: Disable SmartScreen via Registry (Dev/Lab use only)

If you're working in a dedicated lab environment where you constantly build unsigned binaries, these popups destroy your productivity. You can turn them off system-wide, but avoid doing this on your primary machine as it removes a vital layer of defense.

Run PowerShell as Administrator:

# Disable SmartScreen for the Windows Shell
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" -Name "SmartScreenEnabled" -Value "Off"

# Disable SmartScreen for Edge
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Edge\SmartScreenEnabled" -Name "Enabled" -Value 0

Method 4: Group Policy (For IT Admins)

Admins managing a fleet can control this behavior via the Group Policy Editor (gpedit.msc). This is useful if you want to allow users to bypass the warning without disabling the protection entirely.

  • Go to: Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender SmartScreen > Explorer.
  • Open Configure Windows Defender SmartScreen.
  • Set it to Enabled.
  • In the Options pane, select Warn. This keeps the banner but allows the "Run anyway" button. (Selecting "Warn and prevent bypass" locks the file down completely).

How to Verify the Block is Gone

Want to be sure the file is "clean"? Use PowerShell to look for the hidden data stream:

Get-Item -Path ".\app.exe" -Stream *

If you see Zone.Identifier in the list, the file is still blocked. If only $DATA appears, you're good to go.

For Developers: Avoiding the 'Blue Box of Death'

If you're distributing software, you don't want your customers seeing this error. It kills conversion rates and looks unprofessional. Here is how to fix it at the source:

  • Get an EV Code Signing Certificate: Standard certificates require a "warm-up" period of several hundred downloads before SmartScreen trusts them. An Extended Validation (EV) certificate, which costs roughly $300โ€“$500/year, provides instant reputation.
  • Submit to Microsoft: Use the Microsoft Security Intelligence portal to submit your binary for analysis. This can manually whitelist your app and speed up the reputation-building process.
  • Sign Everything: Ensure all executables and DLLs in your package are signed with the same certificate to maintain a consistent identity.

Related Error Notes