New Update DefenderUI by VoodooShield - Turn on Hidden Security Features of Microsoft Defender

[danb]

Regarding dismhost it occurs when I request disk cleaning, system files cleaning (for example when I want to delete old restore points)
But I did not understand the issue discussed about tamper protection. I have DUI Pro in the recommended mode, tamper protection enabled and the only feature which does not work with tamper protection enabled is Threat Default action. Thank you!

Thank you, that was driving me crazy trying to figure out how to reproduce the block. On my system this block is fixed in 0.98, but from what I gather, it is still blocked on your system? If so, I can send you a special version of DefenderUI that will tell us exactly why it is still being blocked. So if it is still being blocked, please let me know and I will create a version to send you. Thank you!

 

[JasonUK]

I believe the plan is to update Voodooshield with the engine now being tested in DefenderUI Pro... will Voodooshield also need Tamper Protection disabled too in the future assuming it will share some of the behavourial monitoring etc? Apologies if this is a silly question but where each product's protection starts & ends sometimes goes over my head

 

[Stelica]

Thank you, that was driving me crazy trying to figure out how to reproduce the block. On my system this block is fixed in 0.98, but from what I gather, it is still blocked on your system? If so, I can send you a special version of DefenderUI that will tell us exactly why it is still being blocked. So if it is still being blocked, please let me know and I will create a version to send you. Thank you!

Now I have no problem with dismhost.exe. I reset the whitelist and the block no longer appears. Thank you!

 

[danb]

I believe the plan is to update Voodooshield with the engine now being tested in DefenderUI Pro... will Voodooshield also need Tamper Protection disabled too in the future assuming it will share some of the behavourial monitoring etc? Apologies if this is a silly question but where each product's protection starts & ends sometimes goes over my head

The Tamper Protection restriction only applies to the handful of MD settings, and since VS does not include these MD settings, this will not be an issue for VS. A couple of years ago I was going to include some of the MD settings in VS, but I think it is much better to have a completely separate product (DefenderUI).

And yes, the Contextual Engine I am working on for DefenderUI will most likely replace a lot of code and features in VS. When I first started building the new Contextual Engine, I was unsure if it was even possible to build such a thing, and I was also not sure if it would actually protect the system while further reducing unwanted blocks. But it looks like we are in the clear now, so it is full steam ahead. BTW, if I would have tried to build the new Contextual Engine in VS, it would have been a total mess. But since I built it with DefenderUI, it allowed me to build it from scratch. So I am not putting VS on the back burner by any means... it is just better and easier to do it this way.

Once everything is in place, I will explain how the new contextual engine works, even though it is quite difficult to describe. I am actually still coming up with new features within the engine, but I believe it is almost complete. And once it is complete, VS will behave essentially like DefenderUI Pro, so it should be just as robust as VS, with fewer unwanted blocks, and we may be able to completely remove Command Lines from VS. Command Lines are still handled in the Contextual Engine, but in a really unique way that should not involve user intervention. Thank you!

 

[danb]

Now I have no problem with dismhost.exe. I reset the list and the block no longer appears. Thank you!

Very cool, thank you for letting me know!

 

[Moonhorse]

it works exactly like it does in CD, except DefenderUI also has a prompt to let you know that the settings has not been changed

This is why i prefer this over CD, even though both work as good

 

[JasonUK]

How easy would it be to change the DefenderUI system tray icon to show if Windows Security was requesting action?

To clarify what I mean, the Windows Security system tray icon will show a yellow exclamation mark instead of a green tick when an action is required.. perhaps a setting needs to be enabled or a scan run or whatever. The loading of the Windows Security system icon appears a bit sporadic though.. sometimes it loads, sometimes not. If it isn't being displayed the user wouldn't know an action was required which wouldn't matter if DefenderUI icon (which always loads!) was also mirroring the fact that action was required.

This would be a 'nice to have' feature only... if the Windows Security icon showed consistently (unless its just my PC) it wouldn't be necessary at all!

 

[Gandalf_The_Grey]

Mail from @danb :

Hey Guys!

Sorry I have been away, things have been a little crazy. Here are the latest version of VoodooShield, DefenderUI and DefenderUI Pro.

I did my best on the language translations, and at this point we will just need to have native speakers refine them more. I realize that we still have to work on the VS rules feature to refine it a little more, so hopefully we can do that soon.

VS 7.00

https://voodooshield.com/Download/InstallVoodooShield.exe

SHA-256: 219d478dab7e2391beeb5c6ab124b840178b73d3b06c228434f3b1d4a1805dec

DefenderUI 1.01

https://defenderui.com/Download/InstallDefenderUI.exe

SHA-256: 03e3efb14dea52c3857fb83277cf0903f30e0e85fc9df2d982781c40417eafc5

DefenderUIPro 1.01

https://defenderui.com/Download/InstallDefenderUIPro.exe

SHA-256: e4a934acc7f99cfbfa39cbff19dae73cea7d7c69084c95f224c71776d47c5758

Thank you guys for all of your help!

I hope everyone had a very Merry Christmas and has an even better Happy New Year!!!

Thank you,

Dan

Sorry, I forgot to mention that VS and DefenderUI will update themselves. DefenderUI Pro will start updating itself after the 1.01 version.

 

[Tutman]

@danb I installed latest DefenderUIPro to test and it shows the service is running but I can not get any GUI to open. I rebooted and it shows installed and running. I am confused.

 

[Tutman]

@Gandalf_The_Grey Are you in touch with Dan via email? I see he still hasn't been on here and I can not get Defenderui Pro to work properly. I will try to reinstall one more time. Thanks!

 

[oldschool]

@Gandalf_The_Grey Are you in touch with Dan via email? I see he still hasn't been on here and I can not get Defenderui Pro to work properly. I will try to reinstall one more time. Thanks!

You my email him directly at voodooshield.com.

 

[Tutman]

You my email him directly at voodooshield.com.

Thank you! I will if it is still not working after reinstall. Maybe I need to disable the Hard configurator settings first?

 

[oldschool]

Maybe I need to disable the Hard configurator settings first?

You're welcome. Just to be sure it's not interfering switch H_C off. Andy made it easy! Let us know how it goes.

 

[Tutman]

Still not working. I disabled the HC settings and hit apply and then tried to install and run DefenderUi Pro. It installs fine and the DefenderUI service shows running in task manager. I do not have Voodoosheild installed at all either. I am running Kaspersky Cloud free at this time and Wisevector Stopx but also disabled both of those prior to install also. Still nothing. Just the service running and nothing else will load or show on screen. I emailed @danb on the Voodoosheild site via the support form.

 

[Gandalf_The_Grey]

@Gandalf_The_Grey Are you in touch with Dan via email? I see he still hasn't been on here and I can not get Defenderui Pro to work properly. I will try to reinstall one more time. Thanks!

I'm in contact with Dan at the moment over a bug I found in DerfenderUI Pro and to improve the Dutch translation.
He is working on an updated version, but it will take some time.
Suggest for the moment to use DefenderUI Free with VoodooShield Free/Pro.
That is a rock-solid combination on the laptops of my two children.

 

[Gandalf_The_Grey]

Still not working. I disabled the HC settings and hit apply and then tried to install and run DefenderUi Pro. It installs fine and the DefenderUI service shows running in task manager. I do not have Voodoosheild installed at all either. I am running Kaspersky Cloud free at this time and Wisevector Stopx but also disabled both of those prior to install also. Still nothing. Just the service running and nothing else will load or show on screen. I emailed @danb on the Voodoosheild site via the support form.

DefenderUI Pro is for Microsoft Defender. A sort of combination of ConfigureDefender, Simple Windows Hardening and VoodooShield.
Having Hard_Configurator, Kaspersky Security Cloud Free and Wisevector Stopx on your system makes things very complicated
I think it is best to remove all other security and hardening software before installing DefenderUi Pro.

 

[oldschool]

Having Hard_Configurator, Kaspersky Security Cloud Free and Wisevector Stopx on your system makes things very complicated
I think it is best to remove all other security and hardening software before installing DefenderUi Pro.

Serious overkill!
@Tutman please create your security cofiguration thread so other members may more easily help you in this type of situation.

 

[Tutman]

He is troubleshooting with me via email. Thanks!

 

[Tutman]

Serious overkill!

DefenderUI Pro is for Microsoft Defender. A sort of combination of ConfigureDefender, Simple Windows Hardening and VoodooShield.
Having Hard_Configurator, Kaspersky Security Cloud Free and Wisevector Stopx on your system makes things very complicated
I think it is best to remove all other security and hardening software before installing DefenderUi Pro.

I know it seems that way BUT I use Wisevector for the HIPS and Kaspersky for the main AV and Hard conifgurator for the firewall settings and script blocking. You may say overkill and
me being paranoid but I have reason to be. I was the vicitim of a RAT last spring and it was horrible with this person stalking and mocking us and SWATTING us also.

And I had Norton and then Mcafee installed and then AVG (don't even remember which at the time of attack) but it was NOT detected by the AV before or during the breach. And I also had tried to wipe system and had my main AV and commodo with cruel sister sittings and the hacker was still in the system!

 

[upnorth]

I know it seems that way BUT I use Wisevector for the HIPS and Kaspersky for the main AV and Hard conifgurator for the firewall settings and script blocking. You may say overkill and
me being paranoid but I have reason to be. I was the vicitim of a RAT last spring and it was horrible with this person stalking and mocking us and SWATTING us also.

And I had Norton and then Mcafee installed and then AVG (don't even remember which at the time of attack) but it was NOT detected by the AV before or during the breach. And I also had tried to wipe system and had my main AV and commodo with cruel sister sittings and the hacker was still in the system!

A bit off topic from my part, but important enough to mention. Sad to hear about, but also a story something good can potentially come from as it shows again that no software or configuration is bulletproof, but that is also by itself nothing new. I just find it sad when people still get serious infected, but then it's dead easy for the victim blaming to roll of the bandwagon, so don't be surprised if it hits as well. But please use the report option if it starts feeling too personal, rude or harsh.

If you want, your warm welcome to share a little more of your story. I'm personal for example curious how it finally was solved or when you noticed the problem was gone. Write that in your profile or in another thread if you're comfortable with it. Thanks anyway for your brave share. It's a interesting one.

I do have one more thing I would like to share, as it's a 100% free service for anyone in a similar situation can try to use.

Windows Malware Removal Help & Support

Get help removing adware, malware, spyware, ransomware, trojans, and viruses from Windows PCs. Follow the instructions in the pinned topics first. For security purposes, only authorized members may respond to requests for assistance.

malwaretips.com