When smartshield is enabled Chrome sets the Mark of the Web (MOTW) Alternate Data Stream (ADS) file for downloads "Zone.Identifier" to signal that it's from the Internet (zone 3).
e.g.
[ZoneTransfer]
ZoneId=3
If the additional fields "ReferrerUrl" and "HostUrl" are set and Smartshield is enabled then a smartshield ping is sent upon shell execution (i.e. double click in explorer, or click on the download in the Chrome download shelf).
This would mean that downloads would be scanned by both Chrome Safe Browsing and also SmartShield - currently they are only scanned by Chrome Safe Browsing.
To repro this follow these steps:
0. Verify Smartshield is enabled.
1. Visit https://demo.smartscreen.msft.net/
2. Download "Known Malware" at the bottom right of the page. This saves "knownmalicious.exe" to your downloads folder.
3. Verify that clicking on the download in the Chrome download shelf, or in explorer, presents no warning.
Now to test proposed behavior, do the following:
-1. Delete the knownmalicious.exe file from previous test.
0. Verify Smartshield is enabled.
1. Visit https://demo.smartscreen.msft.net/
2. Download "Known Malware" at the bottom right of the page. This saves "knownmalicious.exe" to your downloads folder.
3. Open the "Zone.Identifier" alternate data stream for "knownmalicious.exe" in notepad by running:
notepad c:\mydownloads\knownmalicious.exe:Zone.Identifier
4. The file should say:
[ZoneTransfer]
ZoneId=3
Change this to:
[ZoneTransfer]
ZoneId=3
ReferrerUrl=https://demo.smartscreen.msft.net/
HostUrl=https://demo.smartscreen.msft.net/download/known/knownmalicious.exe
5. Verify that clicking on the download in the Chrome download shelf, or in explorer, presents a smartshield warning.
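An added example, not part of the original report: a Python check that parses Zone.Identifier text and reports whether the ReferrerUrl and HostUrl fields described above are present. The function names and the two sample strings are constructed for illustration; `read_stream` assumes Windows with an NTFS volume.

```python
import configparser

# Constructed samples matching the two stream contents shown in the report.
ZONE_ONLY = "[ZoneTransfer]\nZoneId=3\n"
WITH_URLS = (
    "[ZoneTransfer]\n"
    "ZoneId=3\n"
    "ReferrerUrl=https://demo.smartscreen.msft.net/\n"
    "HostUrl=https://demo.smartscreen.msft.net/download/known/knownmalicious.exe\n"
)

URL_FIELDS = ("ReferrerUrl", "HostUrl")


def parse_zone_identifier(text):
    """Return the [ZoneTransfer] fields as a dict with lower-cased keys."""
    # RawConfigParser does no % interpolation, so URL escapes survive intact.
    parser = configparser.RawConfigParser(strict=False, delimiters=("=",))
    try:
        parser.read_string(text.lstrip("\ufeff"))  # tolerate a leading BOM
    except configparser.Error:
        return {}
    if not parser.has_section("ZoneTransfer"):
        return {}
    return dict(parser.items("ZoneTransfer"))


def describe(text):
    """Summarise the zone and which of the URL fields are absent."""
    fields = parse_zone_identifier(text)
    zone = fields.get("zoneid", "")
    missing = [name for name in URL_FIELDS if not fields.get(name.lower())]
    return {
        "zone_id": int(zone) if zone.isdigit() else None,
        "missing_url_fields": missing,
        "has_url_fields": not missing,
    }


def read_stream(path):
    """Windows/NTFS only: read a file's Zone.Identifier alternate data stream."""
    with open(path + ":Zone.Identifier", "r", encoding="utf-8", errors="replace") as f:
        return f.read()


if __name__ == "__main__":
    for label, sample in (("zone only", ZONE_ONLY), ("with URLs", WITH_URLS)):
        print(label, describe(sample))
```
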
Comment 1 by wfh@chromium.org, Aug 31 2017