When I try to reproduce the block with Windows Disk Cleanup, it does not trigger dismhost for some reason. I am pretty sure that rule is correct, but I can for sure fix it if I can reproduce the block. Is there anything special that you do when you launch disk cleanup? Thank you!For me Windows update works (Windows 10 Pro). After I reset the whitelist I had to allow dismhost.exe. It appears when I want to clean temporary files (disk cleaning). Thank you!
There was one more rule that needed to be added for Windows Updates, so here is the latest. If dismhost is still being blocked, please let me know how you trigger the block so I can reproduce it on my system. Other than that I think we are close.
DefenderUIPro 0.98 beta
BTW, the Microsoft Update debacle did not appear to be fixed today so I played around with it a little and found that if you delete the contents of the C:\ProgramData\Package Cache directory, then check for updates, it seems to have fixed the issue.
DefenderGuard, as you guys can guess, is a component to further protect MD. One of the main features that I always wanted in MD was one that auto reactivated MD when the user disables it, so that is why the feature was initially developed. It currently does not monitor the registry for changes to MD, but DG is a work in progress and we can always add whatever new features and protections as we go. Thank you!@danb Could you elaborate on how DefenderGuard works?
As far as I'm aware, malware can disable Defender by either adding entries like DisableScanOnRealtimeEnable/BehaviorMonitoring, etc. to the registry, by deleting the registry entries that allow Defender to function, or by adding itself to Defender's exclusions (if any of these have already been mitigated by Tamper Protection then please excuse my ignorance).
I'm curious to know how DefenderGuard works in reactivating Defender, and if/how it would do so if any of these scenarios occurred.
Yes, when Tamper Protection is enabled there are a handful of features in DefenderUI that will not work, and MD Real-time protection is one of these features. So since MD Real-time protection is disabled, then Disable All is disabled as well. And this prompt is basically asking you if you want DefenderUI to take you to the place in MD where you can disable Tamper Protection. So if you click No, then nothing happens, but if you click Yes, DefenderUI will take you to the place in MD where you can disable Tamper Protection. Thank you!@danb Excuse my inaccurate use of terms here... as temporarily, I have DUI uninstalled.
When I "disable all" I get a pop-up instructing me to change a Windows Security setting. The wording is quite unclear as to what/why/when I do this... or undo this.
Can you explain what this is about, and why I must manually change a security setting when selecting "disable all" and exactly what is the difference between the "yes" and "no" buttons on that pop-up? Each time I've done this, I have zero ideal of what I'm doing, and its effect on my PC security. Thank you.
I'm still confused. After installing .98, I set the application to "Aggressive Profile". Doing so did not require me to disable Tamper Protection.Yes, when Tamper Protection is enabled there are a handful of features in DefenderUI that will not work, and MD Real-time protection is one of these features.
It's hard to say for sure because that is a flag that is set by Inno Setup (the software a lot of developers use to build their installers). I googled to see if I could find where Inno Setup looks in the registry, but could not find anything.Thanks for that explanation @danb ... I have a somewhat related question... an issue with my PC, not your app... When attempting to clean install .98, I get this...
Since I'm running Win10 Home x64 20H2, I'm curious where the installer program looks, so perhaps I can fix this once and for all (it has happened with other installations). Apologies for the semi-OT post.
Yes, most of the features in DefenderUI do not require Tamper Protection to be disabled. The only features that do require Tamper Protection to be disabled are: Real-time Protection, Behavior Monitoring, Scan all downloaded files and attachments, Script scanning and Threat Default Actions. So there are the only features that are not available, and this applies to all profiles. Thank you!I'm still confused. After installing .98, I set the application to "Aggressive Profile". Doing so did not require me to disable Tamper Protection.
Which features in DefenderUI am I missing with the "aggressive" setting that would require me to disable WD Tamper Protection? Thanks!
Yes, most of the features in DefenderUI do not require Tamper Protection to be disabled. The only features that do require Tamper Protection to be disabled are: Real-time Protection, Behavior Monitoring, Scan all downloaded files and attachments, Script scanning and Threat Default Actions.
DefenderUI Pro version 0.98 bêta fixed my slowdown problems on both my machines. Thanks to Dan
We can go either way on this, and whatever makes the most sense to the end user is great with me. The reason Threat Default Actions are greyed out when Tamper Protection is enabled is because the Threat Default Actions settings are completely unavailable when Tamper Protection is enabled. Whereas with Scan Scripts, for example, the toggle button displays the current setting, but when the user clicks the toggle button, they get a prompt to let them know that it is not adjustable when Tamper Protection is enabled. So basically, it works exactly like it does in CD, except DefenderUI also has a prompt to let you know that the settings has not been changed, and that you have to disable Tamper Protection in order to adjust these settings.Thanks. So a followup. On my system, Tamper Protection is enabled. However, on DefenderUI, all the features you listed, except for Threat Default Actions, show as enabled (I assume they are active when shown in blue). So maybe they aren't affected by Tamper Protection? Or there is something I've yet to grasp?
Thanks. That installer ran fine, but also, I was able to trigger the standard installer after rebooting. So I'll have to puzzle this out.