New Update DefenderUI by VoodooShield - Turn on Hidden Security Features of Microsoft Defender

[danb]

I forgot to mention, there will obviously be more blocks if the Dynamic Security Postures settings is enabled (assuming a web app is running). But this feature is only doing what it is designed to do... lock the computer when it is at risk .

So if you are testing for unwanted blocks, it is probably best to disable the Dynamic Security Postures feature for a day or so, then enable it if you wish.

 

[VecchioScarpone]

@danb

Macrium Reflect blocks fix

 

[VecchioScarpone]

@danb FYI

Dynamic Security Postures settings enabled did not interfere with CMD nor Macrium.

 

[Stelica]

@danb
I noticed that if I made the settings for the user, they are not the same for the administrator or vice versa. I had to make the settings for each user.

 

[Stelica]

I had only two alerts - filecoauth.exe (OneDrive) and sandboxiecrypto.exe (Sandboxie)!
Dynamic Security Posture setting is enabled.

 

[l0rdraiden]

Hey guys,

Here is the latest, I will catch up on the posts asap.

Approximately 50-75% of the blocks have been fixed, but there will still be some blocks for a few more versions. I am trying to keep the number of rules to a minimum, so I am trying not to add tons of rules all at once. But we really are close.

If you want to test to see if your blocks have been fixed, just reset the whitelist and see how it goes.

I realize some of the translations are too long and I will work on that soon, I was just focusing on the blocks for now.

Please remember to not run VS with DefenderUI Pro, it will simply not work well at all. If you want to run VS with DefenderUI Free, that does work well.

BTW, if these new features turn out as planned, we will probably be replacing VS's engine with this engine in the near future, and then add back the other VS features like rules, custom folders, etc. The VS code is solid, but after 10 years of working on VS, I figured it was time to rethink the engine. In a nutshell, the contextual engine is a highly refined and optimized version of the original anti-exploit feature of VS. The goal is to minimize unwanted blocks as much as possible while blocking what really needs to be blocked.

For now there is not a way to edit the whitelist, and I am not even sure it is needed since the whitelist is not a whitelist snapshot, it is more like a list of exclusions. But either way we will figure it out.

DefenderUIPro 0.93 beta

https://defenderui.com/Download/InstallDefenderUIPro093beta.exe

SHA-256: 22f315077b0a2d6443a60821970689b916775193f1e2507a3c1c5e4c4cf997c3

Thank you guys!

Xbox App for win10 still is not able to launch any game, Dynamic security is disable, when I open the game I get the notification popup (too small) I allow it but then nothing happens, and If I try to lauch the game again, nothing happens.

 

[Stelica]

Xbox App for win10 still is not able to launch any game, Dynamic security is disable, when I open the game I get the notification popup (too small) I allow it but then nothing happens, and If I try to lauch the game again, nothing happens.
View attachment 261383

It's possible to be ASR rules. Reset the white list, put the DefenderUI in interactive mode and try to launch the game. Allow alerts received. This is my opinion, I don't know if it's good!

 

[l0rdraiden]

It's possible to be ASR rules. Reset the white list, put the DefenderUI in interactive mode and try to launch the game. Allow alerts received. This is my opinion, I don't know if it's good!

It must be something related with defender guard because it was working before and ASR have exactly the same settings, resetting the whitelist doesn't help either.
DefenderUI is already in interactive mode.

 

[Stelica]

It must be something related with defender guard because it was working before and ASR have exactly the same settings, resetting the whitelist doesn't help either.
DefenderUI is already in interactive mode.

Sorry! I think only Dan can solve it.

 

[Gandalf_The_Grey]

@danb I got a few blocks today and I allowed them.
I know that you are logging them so no need to post them.
I hope you can solve most soon.

 

[danb]

Hey guys,

Here is the latest. Approximately 90-95% of the blocks should be fixed now. To test old blocks please reset your whitelist.

DefenderUIPro 0.94 beta

https://defenderui.com/Download/InstallDefenderUIPro094beta.exe

SHA-256: d957d9b3a04544fe69f521fee9d8422b0d2b4dc96a974afbbc2c33bb76fde783

I really should be able to catch up on the posts asap, hopefully today.

I see there are some modifications to the language translations. If possible, can you keep a list of the changes, then in a couple of days when the blocks are finished, I will see if you can pm or email them to me and I will fix them right away.

Thank you guys!

 

[Stelica]

For romanian translation I have only two changes
- Cloud check timeout with Expirarea verificării în cloud in Basic
- Tamper protection activat with Protecţia împotriva alterării activată in Home
Also two observations
- In ASR rules, incomplete content for last rule

- In DefenderUI Pro settings, incomplete content for last setting

 

[silversurfer]

DefenderUIPro 0.94 beta, with enabled 'Dynamic Security Postures'. Here works flawlessly so far since yesterday
Reset the whitelist first was done by me, I had to allow manually a few portable tools only like Autoruns, ProcessExplorer, etc.

 

[l0rdraiden]

Hey guys,

Here is the latest. Approximately 90-95% of the blocks should be fixed now. To test old blocks please reset your whitelist.

DefenderUIPro 0.94 beta

https://defenderui.com/Download/InstallDefenderUIPro094beta.exe

SHA-256: d957d9b3a04544fe69f521fee9d8422b0d2b4dc96a974afbbc2c33bb76fde783

I really should be able to catch up on the posts asap, hopefully today.

I see there are some modifications to the language translations. If possible, can you keep a list of the changes, then in a couple of days when the blocks are finished, I will see if you can pm or email them to me and I will fix them right away.

Thank you guys!

Games in Xbox App still can't launch

 

[Stelica]

An other block appears when I want to clean temporary files - dismhost.exe. I had to allow it. (Dynamic Security Posture enabled)
Information - dismhost.exe executes as a process with the local user's privileges typically within the context of its parent cleanmgr.exe.

 

[danb]

FYI 0.91 asked to exit 0.90 before installation.
Is there a way to see what is whitelisted? Will there be a prompt if an unsafe file is detected? Similar to WLC.

At some point we will probably have a way to view the Exclusions / Whitelist, I just haven't figured out the best way to do that yet, mainly because I want to keep it as simple as possible.

 

[danb]

Hi,
If I want to install DefenderUI Pro I must first uninstall free version or I can install over it?
Thank you!

You can install DefenderUI Pro over the top of DefenderUI Free.

 

[danb]

Sorry if the question was answered already but will there be or is there already auto-update implemented? I'd like to install it on the machines of my family members and can't really check for updates all the time.

There is an auto update that is just like the one in DefenderUI Free, I just have not activated it yet for DefenderUI Pro, but I will soon.

 

[danb]

When I tested the free version I got an automatic update to a new version, but i had to answer an elevation (UAC) prompt.
That would be a problem when installing on family members pcs.

Yeah, unfortunately the installer requires elevation. Hopefully users will see DefenderUI and allow it.

 

[danb]

I don't think that the free version will take 6 more months of developement. It's just a tool to modify the settings of Defender and I doubt that it takes that much time. I don't know what the plans for the pro version are so maybe you are right about that one.

We are actually almost pretty much finished with both of the apps. Well, for now, until we add new features. We want to keep it simple though.