New Update DefenderUI by VoodooShield - Turn on Hidden Security Features of Microsoft Defender

Tutman

Level 12
Verified
Top Poster
Well-known
Apr 17, 2020
542
But please use the report option if it starts feeling too personal, rude or harsh.

If you want, you're warmly welcome to share a little more of your story. I'm personally, for example, curious how it finally was solved or when you noticed the problem was gone. Write that in your profile or in another thread if you're comfortable with it. Thanks anyway for your brave share. It's an interesting one.

I do have one more thing I would like to share, as it's a 100% free service that anyone in a similar situation can try to use.
Thanks much! It infected all 3 of my family PCs. We didn't know about it for months. They were able to control the PC and open web pages and talk via the built-in text-to-voice app, among other things. They could HEAR us and would respond when we talked to them. None of the PCs have a mic or a camera. I still can't figure out how they did that. And since they could hear us they heard me tell my wife our master password for the password manager and then they had it ALL! We had to delete our main email accounts and luckily, after months and months, we are mostly stable now and had to retrieve access to all our sites. We tried to reformat and reinstall Windows and then they would show up again and still have access but more limited. Finally we wiped the drives and deleted the partition and reinstalled Windows at least 3 times. We are still very cautious but it seems to be gone. I am sure the reason we could not remove them is because we switched to SSDs instead of HDs and I hear that RATs can make Windows think there are bad sectors on SSDs and hide in the memory blocks and possibly reinstall themselves? I think this would have been less of an issue if we just had regular spinner HDs.

BTW I recommend NEVER using ProtonMail or Gmail accounts if possible. I like to never got my Google acct deleted. Because they took it over and they just would put the password back in that they "remembered" aka changed it to and they would have it back again from me. And I would delete the account and they would re-activate it. A complete joke of security from that company! Also with ProtonMail and Google Gmail you can have multiple instances of access at one time. So I would be in it and they would also!!!

I tried Proton after deleting my main email when I thought the system was disinfected and found out it was horrible, as I said, you can have multiple access. I now use Mailfence and recommend them completely!

(Feel free to move this post to a new thread if needed!)
 

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
I can agree about Google accounts. I had a problem in the past with adware corrupting a Google account, and what a hassle it was getting rid of it... but that was years ago.

I used to be in clan communities (video games) and it was a daily occurrence to see someone getting ratted, doxed & hacked (all words possible).
So I can believe how horrible it is when someone is on your computer, taking over it or, less bad, taking over a single account.

After all, there are still good people here in the world.

And for now, just secure every online account with 2-factor authentication. Even if it feels that no one is going after you, that 1 minute to set it up might save you from hours of recovering an account.

You might be paranoid about antivirus, using multiple of them... I can understand that and the reason behind it ^ but it might affect, and will affect, the antivirus working correctly. I would take a full suite of antivirus and a good email provider (I don't know which one you are using as it says nothing to me), which you have done already.

Btw sorry for the little off-topic, I just realised I'm in the DefenderUI topic, but about DefenderUI... the newest free version is working fine for me.
 

upnorth

Level 68
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
(Feel free to move this post to a new thread if needed!)
As long as the OP (@danb) doesn't disapprove, and I highly doubt he will because you, @Tutman, are also a genuine active user of his software, there is no real reason for it to be moved. It's also a very short remark/sidenote within 2 or 3 posts. It's an interesting story of what can happen if one gets infected. But in general it's always better to try to stay on topic as much as possible, as it's always more helpful for both the developer and the users, and even the guests that read it.

just a warning from @upnorth maybe from previous experience on his part?
Sort of, or more a heads up because whether we like it or not, all forums/sites, platforms etc. will always have some amount of people that can't behave and act like normal adults. That's also the reason for the advice about the existing report option. It's there so we the staff can hopefully help members faster, as it's impossible for us to read and catch everything.
 

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,256
I know it seems that way BUT I use Wisevector for the HIPS and Kaspersky for the main AV and Hard Configurator for the firewall settings and script blocking. You may say overkill and me being paranoid but I have reason to be. I was the victim of a RAT last spring and it was horrible with this person stalking and mocking us and SWATTING us also.

And I had Norton and then McAfee installed and then AVG (don't even remember which at the time of attack) but it was NOT detected by the AV before or during the breach. And I also had tried to wipe the system and had my main AV and Comodo with Cruel Sister settings and the hacker was still in the system!
Okay, I can understand and sympathize (with) you, but DefenderUI Pro has no use in this config.

Main AVs are KSC Free and WiseVector, no need for controlling Defender (DefenderUI Pro).
System is locked down with Hard_Configurator.
You can (but not need) use VoodooShield (Free or Pro) for extra protection and seeing thru its logs and alerts what's happening software wise on your system.
DefenderUI Pro does something similar to Hard_Configurator and DefenderUI Pro is not compatible with VoodooShield, according to @danb, because they are doing the same thing.

My conclusion is that you can use all that, but do not use DefenderUI Pro.

EDIT: I would also skip WiseVector and use Kaspersky Security Cloud Free, and VoodooShield as active protection and use Hard_Configurator to harden your system.
For further protection use Microsoft Edge with uBlock Origin and have a look at the available blocking modes of uBlock Origin.
 

Brahman

Level 18
Verified
Top Poster
Well-known
Aug 22, 2013
886
Thanks much! It infected all 3 of my family PCs. We didn't know about it for months. They were able to control the PC and open web pages and talk via the built-in text-to-voice app, among other things. They could HEAR us and would respond when we talked to them. None of the PCs have a mic or a camera. I still can't figure out how they did that. And since they could hear us they heard me tell my wife our master password for the password manager and then they had it ALL! We had to delete our main email accounts and luckily, after months and months, we are mostly stable now and had to retrieve access to all our sites. We tried to reformat and reinstall Windows and then they would show up again and still have access but more limited. Finally we wiped the drives and deleted the partition and reinstalled Windows at least 3 times. We are still very cautious but it seems to be gone. I am sure the reason we could not remove them is because we switched to SSDs instead of HDs and I hear that RATs can make Windows think there are bad sectors on SSDs and hide in the memory blocks and possibly reinstall themselves? I think this would have been less of an issue if we just had regular spinner HDs.

BTW I recommend NEVER using ProtonMail or Gmail accounts if possible. I like to never got my Google acct deleted. Because they took it over and they just would put the password back in that they "remembered" aka changed it to and they would have it back again from me. And I would delete the account and they would re-activate it. A complete joke of security from that company! Also with ProtonMail and Google Gmail you can have multiple instances of access at one time. So I would be in it and they would also!!!

I tried Proton after deleting my main email when I thought the system was disinfected and found out it was horrible, as I said, you can have multiple access. I now use Mailfence and recommend them completely!

(Feel free to move this post to a new thread if needed!)
1. Use a secure DoH-capable router and a DoH service, and route all the traffic through it (I would suggest NextDNS and a MikroTik router).
2. Always use a secure password manager (aka Bitwarden or similar).
3. Always use a 2FA app like Authy to protect your Google/Microsoft or other sensitive accounts. It's free and very effective in cases like yours.
4. Password protect your admin rights in Windows if you are using an admin account so that nothing gets installed with admin rights without human intervention.
   Regedit > HKEY_LOCAL_MACHINE > Software > Microsoft > Windows > CurrentVersion > Policies > System
   then click on "ConsentPromptBehaviorAdmin" and change the value from 5 to 1.
5. Use a Linux live CD to format your hard drives or SSD if you are in doubt about a persisting infection.
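
The registry change from step 4 of the post above, as an added PowerShell example that is not part of the original post: it reads the current UAC policy, shows what the stored value means, and sets `ConsentPromptBehaviorAdmin` to 1. The helper name `Get-UacPolicy` is hypothetical, and the script assumes an elevated PowerShell session.

```powershell
# Added example (not from the thread): audit, then apply, step 4's UAC change.
# Run in an elevated PowerShell session on Windows.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# Meanings of ConsentPromptBehaviorAdmin as documented by Microsoft.
$meaning = @{
    0 = 'Elevate without prompting'
    1 = 'Prompt for credentials on the secure desktop'
    2 = 'Prompt for consent on the secure desktop'
    3 = 'Prompt for credentials'
    4 = 'Prompt for consent'
    5 = 'Prompt for consent for non-Windows binaries (Windows default)'
}

# Get-UacPolicy is a hypothetical helper name used only in this example.
function Get-UacPolicy {
    $p    = Get-ItemProperty -Path $key
    $mode = $p.ConsentPromptBehaviorAdmin
    $text = if ($null -eq $mode) { 'Not set (Windows default applies)' } else { $meaning[[int]$mode] }
    [pscustomobject]@{
        EnableLUA                  = $p.EnableLUA
        PromptOnSecureDesktop      = $p.PromptOnSecureDesktop
        ConsentPromptBehaviorAdmin = $mode
        Meaning                    = $text
    }
}

# Record the state before changing anything.
$before = Get-UacPolicy
$before | Format-List

# The prompt mode only matters while UAC itself is enabled.
if ($before.EnableLUA -ne 1) {
    Write-Warning 'EnableLUA is not 1: UAC is off, so the prompt mode has no effect.'
}

if ($before.ConsentPromptBehaviorAdmin -ne 1) {
    # Value 1 asks for an administrator password on every elevation.
    Set-ItemProperty -Path $key -Name 'ConsentPromptBehaviorAdmin' -Value 1 -Type DWord
    Get-UacPolicy | Format-List
}
```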
 

Tutman

Level 12
Verified
Top Poster
Well-known
Apr 17, 2020
542
Yep I do always use 2 factor now. And I WAS using Bitwarden and it was compromised. :( I did delete the account though. The reason I use Wisevector as secondary along with KSC is because I believe when I was testing it back in December last year it detected the initial RAT attempt! (If you look at my post in the Wisevector thread about an alert I received.) But scan after scan with different AV never detected anything EXCEPT Wisevector initially DID!! I should have kept using it. It does not conflict or use much memory or processor to have it running in real time along with KSC. And good idea about the Linux CD to format the drive!

BTW last comment on the subject unless @danb approves. After reformatting and getting my systems back and finally recouping all my online accounts etc... I used Tinywall for about 6 months so I had FULL control on firewall. But it became tedious when I need to update programs to try to whitelist and family members getting annoyed and having to switch to allow or auto learn to let updates through for programs, steam, games etc.. And that defeated the purpose when you allow all! SO I now use Glasswire Elite and I can check virus total and search whois for ANYthing outbound with a simple click.

The hacker was not amused when they became locked out of our systems and resorted to Swatting us and having the PD come to our house often and finally he gave up and stopped.
 

Tutman

Level 12
Verified
Top Poster
Well-known
Apr 17, 2020
542
Okay, I can understand and sympathize (with) you, but DefenderUI Pro has no use in this config.

Main AVs are KSC Free and WiseVector, no need for controlling Defender (DefenderUI Pro).
System is locked down with Hard_Configurator.
You can (but not need) use VoodooShield (Free or Pro) for extra protection and seeing thru its logs and alerts what's happening software wise on your system.
DefenderUI Pro does something similar to Hard_Configurator and DefenderUI Pro is not compatible with VoodooShield, according to @danb, because they are doing the same thing.

My conclusion is that you can use all that, but do not use DefenderUI Pro.

EDIT: I would also skip WiseVector and use Kaspersky Security Cloud Free, and VoodooShield as active protection and use Hard_Configurator to harden your system.
For further protection use Microsoft Edge with uBlock Origin and have a look at the available blocking modes of uBlock Origin.
I use Adguard instead of uBlock Origin. And Bitdefender TrafficLight. I may just switch back to VoodooShield free since it does work but the DefenderUI free and Pro will not work anymore on my system for some reason. They both did weeks ago. I like Hard Configurator but was hoping to try DefenderUI Pro to see if it alerts, whereas Hard Configurator is silent blocking.
 

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,256
I use Adguard instead of uBlock Origin. And Bitdefender TrafficLight. I may just switch back to VoodooShield free since it does work but the DefenderUI free and Pro will not work anymore on my system for some reason. They both did weeks ago. I like Hard Configurator but was hoping to try DefenderUI Pro to see if it alerts, whereas Hard Configurator is silent blocking.
The alerts from DefenderUI Pro are more or less the same as VoodooShield because they are now based on the same engine.
If you are not using Microsoft Defender as realtime AV, DefenderUI Free and Pro are useless in your config and it is better to use VoodooShield.
From the DefenderUI website:
Microsoft Defender needed a better UI.
So we built one.
 

Freki123

Level 16
Verified
Top Poster
Aug 10, 2013
753
@Tutman If you don't have an old lifetime license for GW I'd rather spend the money on a full (e.g. Kaspersky) Internet security license and tweak the settings more paranoid (if wanted). Yes on GW you see that e.g svchost is clean but how do you know it's not abused by another process (Lolbin or such) ? My knowledge would be not good enough for that.
To be on topic: Like Gandalf said if you are not using MS Defender as main AV better try Voodooshield because the other ones are created to "beef up" MS Defender.
 

Tutman

Level 12
Verified
Top Poster
Well-known
Apr 17, 2020
542
@Tutman If you don't have an old lifetime license for GW I'd rather spend the money on a full (e.g. Kaspersky) Internet security license and tweak the settings more paranoid (if wanted). Yes on GW you see that e.g svchost is clean but how do you know it's not abused by another process (Lolbin or such) ? My knowledge would be not good enough for that.
To be on topic: Like Gandalf said if you are not using MS Defender as main AV better try Voodooshield because the other ones are created to "beef up" MS Defender.
Well I am also using SWH (switched from Hard configurator) and the firewall blocking rules so they should block any LOL bins. I don't have funds to get full license of any AV.
But between Kaspersky Cloud free AND Wisevector Stopx AND Andy's SWH AND now voodooshield I think I am safe.
 

Tutman

Level 12
Verified
Top Poster
Well-known
Apr 17, 2020
542
The alerts from DefenderUI Pro are more or less the same as VoodooShield because they are now based on the same engine.
If you are not using Microsoft Defender as realtime AV, DefenderUI Free and Pro are useless in your config and it is better to use VoodooShield.
From the DefenderUI website:

Yes thanks Danb confirmed that to me.
 

Digmor Crusher

Level 25
Verified
Top Poster
Well-known
Jan 27, 2018
1,410
Well I am also using SWH (switched from Hard configurator) and the firewall blocking rules so they should block any LOL bins. I don't have funds to get full license of any AV.
But between Kaspersky Cloud free AND Wisevector Stopx AND Andy's SWH AND now voodooshield I think I am safe.
Please tell me you're not using SWH, VS, Kaspersky and Wise Vector all at the same time.
 

Digmor Crusher

Level 25
Verified
Top Poster
Well-known
Jan 27, 2018
1,410
Yep for now I sure am! LOL With no slowdown or problems.
Glad it works for you, but I know you realize that having too many security programs can cause issues. For instance, they may fight over who is going to block what and in the meantime, while they are fighting, a nasty may sneak onto your system. I think you could pick 2 of the 4 and be well protected, but what do I know??
 

Tutman

Level 12
Verified
Top Poster
Well-known
Apr 17, 2020
542
Glad it works for you, but I know you realize that having too many security programs can cause issues. For instance, they may fight over who is going to block what and in the meantime, while they are fighting, a nasty may sneak onto your system. I think you could pick 2 of the 4 and be well protected, but what do I know??
You are very well in most cases correct! But I do not know if you scrolled up and read the information as to why I run all these side by side?
 

silversurfer

Super Moderator
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,108
Well I am also using SWH (switched from Hard configurator) and the firewall blocking rules so they should block any LOL bins. I don't have funds to get full license of any AV.
But between Kaspersky Cloud free AND Wisevector Stopx AND Andy's SWH AND now voodooshield I think I am safe.

Just my suggestion: you will be protected enough with Kaspersky SC free and VoodooShield, optionally using SWH as it has no processes running in real time...
Wisevector StopX free is probably equal to KSC free, but as you know, no registration into Windows Security Center, WiseVector doesn't work alone to disable WD/MD.
 
