New Update DefenderUI by VoodooShield - Turn on Hidden Security Features of Microsoft Defender

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Oops, sorry about that. I was moving stuff around and forgot to put it where it goes. It is fixed in this version, along with a few small bugs in the exceptions. Light mode is a little better now... I am still working on it. I should just hire an artist to choose the colors.

DefenderUI 0.71 beta
SHA-256: 3ed81908d79fe3307ae86731b73e11cab3798856bfc8cd99f91e6bf2b1502311

BTW, I am delaying the auto upgrade a few hours each time, just to make sure it does not download the previous cached version and put DefenderUI into an infinite install loop. I purge the cache, but even when I do it can still take some time.

Thank you!
Hi Dan,

It seems that the Signature update interval in the Advanced settings doesn't work anymore.
I'm not getting the latest updates every 2 hours.
Was no problem with version 0.70.

Before you add any more features can you see if you can get Block history, Protected folders and Allow app to work in Basic, Controlled folder access?
 
Last edited:

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
Hi Dan,

It seems that the Signature update interval in the Advanced settings doesn't work anymore.
I'm not getting the latest updates every 2 hours.
Was no problem with version 0.70.

Before you add any more features can you see if you can get Block history, Protected folders and Allow app to work in Basic, Controlled folder access?
I will take a look at the Signature update interval. Nothing changed in this code that I can remember, so it should be an easy fix. BTW, how are you checking to see if the Signature update fires every two hours? Please let me know so I can confirm that it is fixed.

The Block History (now part of the Defender Security Log) is finished and I am going to finish the other CFA stuff tonight or tomorrow.

BTW, there was a bug in the Scan and Exceptions treeview / datagridview features for Windows 11, but that is fixed now as well. Once I am finished with everything I will test on Windows 11 again to make sure everything is working. Thank you!
 

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
キャプチャ.PNG

This is good news for me:)(y)I want that day to come soon!!
 

pxxb1

Level 9
Verified
Well-known
Jan 17, 2018
436
I will take a look at the Signature update interval. Nothing changed in this code that I can remember, so it should be an easy fix. BTW, how are you checking to see if the Signature update fires every two hours? Please let me know so I can confirm that it is fixed.

The Block History (now part of the Defender Security Log) is finished and I am going to finish the other CFA stuff tonight or tomorrow.

BTW, there was a bug in the Scan and Exceptions treeview / datagridview features for Windows 11, but that is fixed now as well. Once I am finished with everything I will test on Windows 11 again to make sure everything is working. Thank you!

Should it not be an option to open Windows Security from within Defender GUI? I could not find any now and had to go through MS icon in tray.

Light mode looks nice but the text is to light and the background is also to light. With bigger difference between them it would not be so hard on the eyes.

I see that it will come in Swedish, i guess you already have a translator?
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
I will take a look at the Signature update interval. Nothing changed in this code that I can remember, so it should be an easy fix. BTW, how are you checking to see if the Signature update fires every two hours? Please let me know so I can confirm that it is fixed.

The Block History (now part of the Defender Security Log) is finished and I am going to finish the other CFA stuff tonight or tomorrow.

BTW, there was a bug in the Scan and Exceptions treeview / datagridview features for Windows 11, but that is fixed now as well. Once I am finished with everything I will test on Windows 11 again to make sure everything is working. Thank you!
I check if the signatures are updated every two hours by looking at Last update at the Home tab next to the button Update signatures.
Then I look in the VoodooShield User Log there should be an am_deta_patch_xxx.exe and mpsigstub.exe listed.
No such things in the VoodooShield User Log means there was no update.

Thanks for the update on the CFA stuff (y)
 

pxxb1

Level 9
Verified
Well-known
Jan 17, 2018
436
I will take a look at the Signature update interval. Nothing changed in this code that I can remember, so it should be an easy fix. BTW, how are you checking to see if the Signature update fires every two hours? Please let me know so I can confirm that it is fixed.

The Block History (now part of the Defender Security Log) is finished and I am going to finish the other CFA stuff tonight or tomorrow.

BTW, there was a bug in the Scan and Exceptions treeview / datagridview features for Windows 11, but that is fixed now as well. Once I am finished with everything I will test on Windows 11 again to make sure everything is working. Thank you!

I just got a program i wanted to install blocked and quarantined by MD, and it was the same tidious procedure to unblock and restore even though i use DUI. Am i missing something maybe or will ease of handling that come as a future feature?

Regarding "Threat Default Actions", it says Default, as an option for every item, me and many others i am sure do not know what the Default mode is so it says, nothing. Some info there to enlighten would be nice.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
Hey guys, here is the latest! CFA is not quite finished yet, but I should be able to finish it tomorrow or the next day. There are quite a few new features in this version, they should be quite obvious. A few that are probably not so obvious is that the Real-time, Cloud-delivered protections and the Controlled folder access (ransomware protection) labels are now links that point directly to the specific areas in MD. We will be able to do this with a lot of the other labels the next couple of days. I have some really cool ideas about how to handle Tamper Protection that should work extremely well and is even more "by the rules".

DefenderUI 0.74 beta
SHA-256: 6a9c83297690ac21596cc38cede5998d7315ea6a2c3464538ab0db148dd538da

It's been a very long few days so I am going to step away from the computer and relax. I will catch up on the posts I missed asap, thank you!
 

EASTER

Level 4
Verified
Well-known
May 9, 2017
145
As we're nearing official Windows 11 open release this program is a relief. Timing couldn't have been any better.

Oh sure there will be a few snafu settings needed a redo and resolved but that's the expectation every software sports in it's initial beta run debut
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
Hey guys,

Here is the latest… we are almost finished! As you will see, there were tons of changes in this version.

AFAIK, the only things we have to finish are…

1) Finish the Tamper Protection warning for Threat Default Actions
2) Finish DefenderGuard
3) Finish Default Security Provider feature. This is almost finished, I just need to figure out the best way to alert the user.

As I mentioned, DefenderUI 2.00 will implement kernel mode hardening tools (blocking LOLbins, scripts, suspicious processes, child processes of web apps, etc...) along with firewall stuff. But before that, here are a couple of quick features we can implement if we like…

1) Right click explorer options for Exclusions and possibly other features. We will have to investigate the potential security implications for this feature, but I think it would be cool.
2) Add Profiles to Tray Icon?
3) Save, export and import Custom Security Profile
4) Run quick scan on Windows startup option
5) Option to update definitions before scanning
6) This sounds silly, but I was thinking of rounding the corners on the DefenderUI Icon as well, and I was curious what you guys thought.

It has been an even longer few days, but I really will catch up soon, please let me know if you find anything, thank you!

DefenderUI 0.76 beta
SHA-256: f2db40ac96558ed53f258a892ad90b25f7837bf29691c323c2e0180cc0e991fd
 

pxxb1

Level 9
Verified
Well-known
Jan 17, 2018
436
Hey guys,

Here is the latest… we are almost finished! As you will see, there were tons of changes in this version.

AFAIK, the only things we have to finish are…

1) Finish the Tamper Protection warning for Threat Default Actions
2) Finish DefenderGuard
3) Finish Default Security Provider feature. This is almost finished, I just need to figure out the best way to alert the user.

As I mentioned, DefenderUI 2.00 will implement kernel mode hardening tools (blocking LOLbins, scripts, suspicious processes, child processes of web apps, etc...) along with firewall stuff. But before that, here are a couple of quick features we can implement if we like…

1) Right click explorer options for Exclusions and possibly other features. We will have to investigate the potential security implications for this feature, but I think it would be cool.
2) Add Profiles to Tray Icon?
3) Save, export and import Custom Security Profile
4) Run quick scan on Windows startup option
5) Option to update definitions before scanning
6) This sounds silly, but I was thinking of rounding the corners on the DefenderUI Icon as well, and I was curious what you guys thought.

It has been an even longer few days, but I really will catch up soon, please let me know if you find anything, thank you!

DefenderUI 0.76 beta
SHA-256: f2db40ac96558ed53f258a892ad90b25f7837bf29691c323c2e0180cc0e991fd

Nice. This is maturing nicely.
Will there be any changes according to my former post, post # 146. For me, and of course many other users, the feature mentioned in post 146 is vital, without it, the daily usage of MD can be tedious.

As for now i can right click the MD icon in the tray and update definitions and run a scan, that makes it easy to handle, but not easy enough. The missing option is obvious, handle downloads. Since that is one of the things a basic user does. Download. DUI definitely makes an improvement of MD, but most of it is extras that a basic user do not care much about. Many of the settings in MD is a "one time" action, beyond that one does not have to engage in it. Perfectl ease. But the daily usage becomes a problem with the lack of this mentioned feature in MD.

So, a most basic addition to MD would be, the mentioned feature. Without it, DUI is, well... not that interesting.
You mentioned in your initial post that you thought that MD was problematic to use and you wanted to ease that. Good. But the average normal user of MD will not benefit much of this soft. So if your aim was to ease the daily usage for basic users, that intention has not reached its goal.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
Should it not be an option to open Windows Security from within Defender GUI? I could not find any now and had to go through MS icon in tray.

Light mode looks nice but the text is to light and the background is also to light. With bigger difference between them it would not be so hard on the eyes.

I see that it will come in Swedish, i guess you already have a translator?
I think we have this covered... look at Home / Utility, you should see a Protection History / Quarantine link. If this is not what you mean, let me know and we will see what we can do, thank you!
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
I check if the signatures are updated every two hours by looking at Last update at the Home tab next to the button Update signatures.
Then I look in the VoodooShield User Log there should be an am_deta_patch_xxx.exe and mpsigstub.exe listed.
No such things in the VoodooShield User Log means there was no update.

Thanks for the update on the CFA stuff (y)
Please run Get-MpPreference in PowerShell, it will show you the current SignatureUpdateInterval setting.

VS is probably not blocking or logging it because it is is probably auto allowed with VS's command line cloud. Just a guess ;).
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
Dan the option to open GUI from desktop icon is working again with this build. Is the Defender security log button still a work in progress? It doesn't seem to do anything at this time.
I am certain the log is working... I have a lot of filters on the log to only show relevant info, so that must be the issue. We can remove some of the filters if needed.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top