New Update DefenderUI by VoodooShield - Turn on Hidden Security Features of Microsoft Defender

[Ulryk von Pizdeshturhau]

Hey guys, here are the latest versions of DefenderUI. In DefenderUI Pro there was a bug in the training mode and in the file insight of the user prompt, but it is fixed now and running really great. DefenderUI had a small bug in the PUA setting that created a mismatch when selecting the Default Profile, but it is fixed as well. So there should not be any bugs in DefenderUI, WDAC Lockdown, or CyberLock, but if you guys find anything please let me know, thank you!

DefenderUI 1.34

https://defenderui.com/Download/InstallDefenderUI.exe

SHA-256: aff0e8a5112aa26c64a4dc3b698ded747ab5d2a319427a77f8b7ccb1150f44a6

DefenderUIPro 1.34

https://defenderui.com/Download/InstallDefenderUIPro.exe

SHA-256: 2cc79f4a85cd42064c0575fc4a30672a8d72c334699a0d8b0c5f3b6917263a22

DefenderUISilent 1.34

https://defenderui.com/Download/InstallDefenderUISilent.exe

SHA-256: 877a5cfa3aed10ffc7cfbcae6fcd28e4e09832a59d48e81c28b9f9bc492af395

Got error with 1.34 Pro

 

[danb]

View attachment 287838

Got error with 1.34 Pro

Please try to uninstall DefenderUI Pro, then disable your AV or other security software, then reinstall, thank you!

 

[Ulryk von Pizdeshturhau]

Please try to uninstall DefenderUI Pro, then disable your AV or other security software, then reinstall, thank you!

I did that but the problem still exists, I installed DefenderUI but not the Pro version and there is no problem. The problem only occurs in the Pro version.

 

[danb]

Can you please try to install Pro again, then check the Windows Event Viewer Windows Logs / Application for DefenderUI Errors?

 

[Ulryk von Pizdeshturhau]

Can you please try to install Pro again, then check the Windows Event Viewer Windows Logs / Application for DefenderUI Errors?

Yes , got 3 errors in event viewer

- System

  - Provider

   [ Name]  Application Error
   [ Guid]  {a0e9b465-b939-57d7-b27d-95d8e925ff57}
 
   EventID 1000
 
   Version 0
 
   Level 2
 
   Task 100
 
   Opcode 0
 
   Keywords 0x8000000000000000
 
  - TimeCreated

   [ SystemTime]  2025-03-25T17:54:46.1489515Z
 
   EventRecordID 22242
 
   Correlation
 
  - Execution

   [ ProcessID]  7516
   [ ThreadID]  4912
 
   Channel Application
 
   Computer DESKTOP-XXXXXXXXXXXXXXXX
 
  - Security

   [ UserID]  S-1-5-21-1857673584-1200040737-4178758337-1000
 

- EventData

  AppName DefenderUIService.exe
  AppVersion 1.0.0.0
  AppTimeStamp 67e05a3e
  ModuleName KERNELBASE.dll
  ModuleVersion 10.0.26100.3470
  ModuleTimeStamp cdfc8fa1
  ExceptionCode e0434352
  FaultingOffset 00000000000cab6a
  ProcessId 0xd5c
  ProcessCreationTime 0x1db9daeb70d21c3
  AppPath C:\Program Files\DefenderUI\DefenderUIService.exe
  ModulePath C:\WINDOWS\System32\KERNELBASE.dll

  IntegratorReportId 1b1b5b10-ba0e-4862-94c4-25a89310a6b7
  PackageFullName
  PackageRelativeAppId

- System

  - Provider

   [ Name]  .NET Runtime
 
  - EventID 1026

   [ Qualifiers]  0
 
   Version 0
 
   Level 2
 
   Task 0
 
   Opcode 0
 
   Keywords 0x80000000000000
 
  - TimeCreated

   [ SystemTime]  2025-03-25T17:54:46.0214157Z
 
   EventRecordID 22241
 
   Correlation
 
  - Execution

   [ ProcessID]  3420
   [ ThreadID]  0
 
   Channel Application
 
   Computer DESKTOP-XXXXXXXXXXXXXXXXX
 
   Security
 

- EventData

   Aplikacja: DefenderUIService.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.ServiceProcess.TimeoutException w System.ServiceProcess.ServiceController.WaitForStatus(System.ServiceProcess.ServiceControllerStatus, System.TimeSpan) w DefenderUIService.DefenderUIService.�() w DefenderUIService.DefenderUIService.Main(System.String[])

- System

  - Provider

   [ Name]  DefenderUIService
 
  - EventID 0

   [ Qualifiers]  0
 
   Version 0
 
   Level 2
 
   Task 0
 
   Opcode 0
 
   Keywords 0x80000000000000
 
  - TimeCreated

   [ SystemTime]  2025-03-25T17:52:46.2021635Z
 
   EventRecordID 22240
 
   Correlation
 
  - Execution

   [ ProcessID]  7360
   [ ThreadID]  0
 
   Channel Application
 
   Computer DESKTOP-RQ97GPU
 
   Security
 

- EventData

   Nie można uruchomić usługi. System.Reflection.TargetInvocationException: Obiekt docelowy wywołania zgłosił wyjątek. ---> System.DllNotFoundException: Nie można załadować biblioteki DLL 'SQLite.Interop.dll': Nie można odnaleźć określonego modułu. (Wyjątek od HRESULT: 0x8007007E) w System.Data.SQLite.UnsafeNativeMethods.sqlite3_config_none(SQLiteConfigOpsEnum op) w System.Data.SQLite.SQLite3.StaticIsInitialized() w System.Data.SQLite.SQLiteLog.Initialize() w System.Data.SQLite.SQLiteConnection..ctor(String connectionString, Boolean parseViaFramework) w �.�(String �, String �) w DefenderUIService.DefenderUIWCF..ctor() --- Koniec śladu stosu wyjątków wewnętrznych --- w System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor) w System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) w System.ServiceModel.Description.ServiceDescription.CreateImplementation(Type serviceType) ...

 

[danb]

Very interesting, thank you for the info!

Do you have the following files in the C:\Program Files\DefenderUI\ directory?

SQLite.Interop.dll
System.Data.SQLite.dll

Another good test would be to see if CyberLock works on your system or not. If you need a license, please email me at support at cyberlock.global, thank you!

 

[Ulryk von Pizdeshturhau]

Very interesting, thank you for the info!

Do you have the following files in the C:\Program Files\DefenderUI\ directory?

SQLite.Interop.dll
System.Data.SQLite.dll

Another good test would be to see if CyberLock works on your system or not. If you need a license, please email me at support at cyberlock.global, thank you!

Yes i have these files, now im using DefenderUI (not Pro)

 

[Ulryk von Pizdeshturhau]

Another good test would be to see if CyberLock works on your system or not. If you need a license, please email me at support at cyberlock.global, thank you!

I have license for VooDooShield/Cyberlock but I don't use it at the moment. I installed cyberlock now and it works, but my problem is with DefenderUI Pro. I don't need to use the pro version of Defender UI, I currently have the non-pro version installed and I'm also happy. I'm glad I could report a bug.

 

[danb]

Thank you for letting me know... this is a very odd error, especially since both CyberLock and DefenderUI Pro use the exact same dll's that your computer is having an issue with (that is why I was curious if CyberLock was working on your machine). Hopefully if anyone else has an issue with it they will let us know.

Yeah, CyberLock + DefnderUI Free is better overall anyway. If I think of something else we can try I will let you know, thanks again!

 

[rashmi]

@danb, Why not DefenderUI with Windows security features, including WDAC and Smart Firewall (CL), and DefenderUI Pro with Windows security and CyberLock features?

 

[Ulryk von Pizdeshturhau]

Thank you for letting me know... this is a very odd error, especially since both CyberLock and DefenderUI Pro use the exact same dll's that your computer is having an issue with (that is why I was curious if CyberLock was working on your machine). Hopefully if anyone else has an issue with it they will let us know.

Yeah, CyberLock + DefnderUI Free is better overall anyway. If I think of something else we can try I will let you know, thanks again!

Thank You

 

[badboy]

I have been using DefenderUI Pro for some time. Very good software, but there are problems: when detecting activity and showing a warning, the program can sometimes "analyze" endlessly through its databases. I just know what I'm running, so I just "allow" it. Second point: there are some translation errors in Ukrainian and Russian.

Overall -- a great program, but there are some rough edges.

 

[oldschool]

but there are problems: when detecting activity and showing a warning, the program can sometimes "analyze" endlessly through its databases. I just know what I'm running, so I just "allow" it.

Indeed, there are occasional issues, which is also true for other 3rd party apps, and one reason I keep coming back to a 'Windows Security only' setup. But, to each his own ... as they say.

As an aside, I think the problem you mention was less evident, or non-existent, when VS used Virus Total for its lookup function. But that ship has sailed, and is now history..

 

[simmerskool]

As an aside, I think the problem you mention was less evident, or non-existent, when VS used Virus Total for its lookup function. But that ship has sailed, and is now history..

I am not (was not) aware the VT ship sailed -- I do not get that many popup warnings but I thought in addition to CL VoodooAi and reputation database, it also looked at VT...? I recall clearly when it analyzes a file it gives you the option for a 2d opinion, and that link opens to VT with the file's sha256. I like the explorer right click "CL Scan" feature and miss it greatly on machines where I do not have CL installed, although CL is installed on most of my win10 machines (hardware & VM) except 2 where I have AppGuard running, ie, I do not run CL & AG together.
Just did CL scan on a file: CL says Safe > VoodooAi Safe > WhitelistCloud Safe > "get second opinion" opens default browser to VT 0/72. CL= Terrific app.

 

[rashmi]

Very good software, but there are problems: when detecting activity and showing a warning, the program can sometimes "analyze" endlessly through its databases. I just know what I'm running, so I just "allow" it.

I also have the same experience with CyberLock. I have not witnessed CyberLock successfully analyze any "unknown" files. The "analyzing" status for unknown files never completes.

 

[simmerskool]

I also have the same experience with CyberLock. I have not witnessed CyberLock successfully analyze any "unknown" files. The "analyzing" status for unknown files never completes.

not sure that statement is entirely accurate in reference to its coding and general usage although it may be your experience. Are you referring to the seconds countdown "clock" in the upper right of a popup window? if so, I think you may be misinterpreting it somewhat...

 

[oldschool]

I am not (was not) aware the VT ship sailed -- I do not get that many popup warnings but I thought in addition to CL VoodooAi and reputation database, it also looked at VT...? I recall clearly when it analyzes a file it gives you the option for a 2d opinion, and that link opens to VT with the file's sha256.

@danb previously had the VT API incorporated directly into VS to give a result. This used to be available free of charge until VT changed the terms making it a paid only service, which is when it was removed from VS. What you have now is a link for users to make the check at the VT website. So think "local", as in "incorporated into", vs "non-local" implementations. Now the user has to take the initiative to make the check.