New Update DefenderUI by VoodooShield - Turn on Hidden Security Features of Microsoft Defender

l0rdraiden

Level 3
Verified
Jul 28, 2017
108
@danb

It would be nice to be able to manage WD application guard and windows sandbox from DefenderUI


HVCI

Bitlocker

SCT (Although this might be complex to integrate) It would be nice to see the actual hardening and how to improve it.
 
Last edited:

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
@danb

It would be nice to be able to manage WD application guard and windows sandbox from DefenderUI


HVCI

Bitlocker

SCT (Although this might be complex to integrate) It would be nice to see the actual hardening and how to improve it.
Thank you for the suggestions! I am actually finishing up the next version of DefenderUI, and it will be ready in a couple of days. Then we will look into adding even more features, like you recommended. I will catch up on the other posts when I post the next version of DefenderUI. Have a great weekend!
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
Hey guys, the next version of DefenderUI is almost ready. It includes a Custom Profile feature so you can save your settings and apply them to the same or different computer whenever you like. It also includes a CLI (Command Line Interface), so that admins from SMB and Enterprise can distribute profiles to their entire network, with a simple click of the mouse.

Now that everything is in place, we will be adding even more new features soon!

Thank you guys!
 

kC77

Level 5
Verified
Well-known
Aug 16, 2021
230
Hey guys, the next version of DefenderUI is almost ready. It includes a Custom Profile feature so you can save your settings and apply them to the same or different computer whenever you like. It also includes a CLI (Command Line Interface), so that admins from SMB and Enterprise can distribute profiles to their entire network, with a simple click of the mouse.

Now that everything is in place, we will be adding even more new features soon!

Thank you guys!
looking forward to it!
 

l0rdraiden

Level 3
Verified
Jul 28, 2017
108
Thank you for the suggestions! I am actually finishing up the next version of DefenderUI, and it will be ready in a couple of days. Then we will look into adding even more features, like you recommended. I will catch up on the other posts when I post the next version of DefenderUI. Have a great weekend!

If it requires a lot of work, maybe the first version clould be just to show the feature status (enable/disable) so people would be aware that these features exists (I think most people isn't aware) and could think about use them or not, even if they aren't configurable from DefenderUI.
 

kC77

Level 5
Verified
Well-known
Aug 16, 2021
230
Any news on the future of DefenderUI?
Will there still be a free version and a pro (with VS light) version?
I love the DUI pro version with the simple VS features, would like to see pro version continued with couple of extra features:
ive flirted between DUI standard with VS Pro ... but keep coming back to DUI Pro only, as its simplicity and basic extra protection of VS is ideal for me.

would like to see:
  • edit/view of white/blacklists and optionally a log of events
  • tamper protection on/off - ability to hide the DUI features that require tamper protection to be off.
  • dynamic postures... maybe change the icon colour when its active/inactive, as it is now, its impossible to know when its activated/used (can be seen in windows event viewer)
  • auto reactivation - option to set a lower value than 5 minutes
  • better pop up (that small bar at the bottom is easy to miss) - just bolt on VS pop ups, they are perfect.
  • update notifications and approval.... the last updates just silently updated at application exit/launch... would prefer to be notified, and click yes or decline etc.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
Thank you guys for the feedback, I will read though it soon and we will figure out what changes we should make.

Here is the latest version (1.02). There were tons of changes and optimizations. The biggest new feature is the Custom Profiles feature. You can save a Custom Profile to the cloud by clicking the Save Custom Profile icon at the top of the screen. Then if you want to apply this profile to other computers, you can just type in the code and click the Download Custom Profile button. It is kind of like the old "cheat codes" in old video games ;).

Or businesses that utilize command line tools can do this...

C:\Program Files\DefenderUI\DefenderUI.exe -RecommendedProfile
C:\Program Files\DefenderUI\DefenderUI.exe -InteractiveProfile
C:\Program Files\DefenderUI\DefenderUI.exe -AggressiveProfile
C:\Program Files\DefenderUI\DefenderUI.exe -DefaultProfile

Or for Custom Profiles...
C:\Program Files\DefenderUI\DefenderUI.exe -CustomProfile AAAAA
(Where AAAAA is the Custom Profile Code).

This is not labeled as a beta and should be stable, but please let me know if you notice any bugs. Once DefenderUI is finalized, we will implement the changes into DefenderUI Pro. I am guessing this will be 2-3 weeks.

DefenderUI 1.02
SHA-256: 2065697cca58c47a41cbe1bd147791d30fab4cfbc657a975a267a5d5b4098d03

Thank you guys!
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
If it requires a lot of work, maybe the first version clould be just to show the feature status (enable/disable) so people would be aware that these features exists (I think most people isn't aware) and could think about use them or not, even if they aren't configurable from DefenderUI.
Great point! I will look at these new features and see which ones we are able to implement into DefenderUI. Thank you!
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
Any news on the future of DefenderUI?
Will there still be a free version and a pro (with VS light) version?
The standard version of DefenderUI will probably be free for a very long time. The Pro version will be free for quite a while, but eventually we will probably sell it for maybe half the price of VS. Thank you!
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
I love the DUI pro version with the simple VS features, would like to see pro version continued with couple of extra features:
ive flirted between DUI standard with VS Pro ... but keep coming back to DUI Pro only, as its simplicity and basic extra protection of VS is ideal for me.

would like to see:
  • edit/view of white/blacklists and optionally a log of events
  • tamper protection on/off - ability to hide the DUI features that require tamper protection to be off.
  • dynamic postures... maybe change the icon colour when its active/inactive, as it is now, its impossible to know when its activated/used (can be seen in windows event viewer)
  • auto reactivation - option to set a lower value than 5 minutes
  • better pop up (that small bar at the bottom is easy to miss) - just bolt on VS pop ups, they are perfect.
  • update notifications and approval.... the last updates just silently updated at application exit/launch... would prefer to be notified, and click yes or decline etc.
Thank you, I appreciate that! In a few weeks I will start working on DefenderUI Pro and see which of these suggestions we can implement.
 

pxxb1

Level 9
Verified
Well-known
Jan 17, 2018
436
This is an interesting project that somewhat misses the initial point it was set out to handle. Simple handling of Ms Defender for most basic user means, simplicity in handling blocking of downloads. Now they get blocked and quarantined so you first have to unblock, then, allow on computer, both action is in separate places and the actions are not intuitively figured out.
I and all i now that uses Ms Defender are basic users and has almost nothing to do with Defender on daily basis besides when downloading, with DUI, thoose actions are still as cumbersome as before. So it is a redundant software in that respect. If thoose features where present, it would be a different matter.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
This is an interesting project that somewhat misses the initial point it was set out to handle. Simple handling of Ms Defender for most basic user means, simplicity in handling blocking of downloads. Now they get blocked and quarantined so you first have to unblock, then, allow on computer, both action is in separate places and the actions are not intuitively figured out.
I and all i now that uses Ms Defender are basic users and has almost nothing to do with Defender on daily basis besides when downloading, with DUI, thoose actions are still as cumbersome as before. So it is a redundant software in that respect. If thoose features where present, it would be a different matter.
Thank you for your feedback! Please keep in mind that DefenderUI is not even 8 months old, and there is a lot we are going to do with it.

There is a Protection History / Quarantine link on the Home screen of DefenderUI that takes you directly to the place you need to be to unblock files. I would love to hear suggestions on how we can improve this, along with any other usability suggestions that anyone has. Thank you!
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
You should ask the publisher, @Andy Ful to make any comparison.
All of the AV’s are clones of each other. This is nothing new.

There are several apps that control Windows Firewall, but which one was first? I honestly have no idea.

Why did I create DefenderUI?

Because I wanted a better UI for Microsoft Defender.
 

Stronghold

Level 1
May 27, 2022
21
I'm trying to run DefenderUI with Cruel CF but everything gets sandboxed because all commands are executed through PowerShell.
What directory does it use to temporarily place the PowerShell files when executing them?
I could add an exception in CF if I know where they are written to on execution.
I know the commands aren't malicious but Comodo doesn't seem to know that.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
I'm trying to run DefenderUI with Cruel CF but everything gets sandboxed because all commands are executed through PowerShell.
What directory does it use to temporarily place the PowerShell files when executing them?
I could add an exception in CF if I know where they are written to on execution.
I know the commands aren't malicious but Comodo doesn't seem to know that.
There are no files on disk, The DefenderUIService executes the commands directly, so you probably need to create an exception in Comodo for the DefenderUIService.

BTW, using powershell was not my choice, I would have preferred to handle everything through group policy and the registry. But unfortunately, if an app is going to control MD settings, it pretty much has to use powershell, the same way CD does. There MIGHT be a way around it, and I will take a look in a couple of weeks once I finish up some of the other stuff I am working on.

BTW, the WLC servers have been upgraded so it should be super fast now. We used to run everything off a couple of servers, now we have 5 WLC servers and we are going to have 10 soon. So we should be good to go.

Also BTW, have there been any Follina comparison tests on MT or any other security forum? I have seen people running commands from a command prompt, but that is not a valid test by any means. I have tested quite a bit and the results are interesting ;).
 

Stronghold

Level 1
May 27, 2022
21
There are no files on disk, The DefenderUIService executes the commands directly, so you probably need to create an exception in Comodo for the DefenderUIService.

BTW, using powershell was not my choice, I would have preferred to handle everything through group policy and the registry. But unfortunately, if an app is going to control MD settings, it pretty much has to use powershell, the same way CD does. There MIGHT be a way around it, and I will take a look in a couple of weeks once I finish up some of the other stuff I am working on.

BTW, the WLC servers have been upgraded so it should be super fast now. We used to run everything off a couple of servers, now we have 5 WLC servers and we are going to have 10 soon. So we should be good to go.

Also BTW, have there been any Follina comparison tests on MT or any other security forum? I have seen people running commands from a command prompt, but that is not a valid test by any means. I have tested quite a bit and the results are interesting ;).
I'm not sure what kind of exception I would have to add. The DefenderUIService.exe is a Trusted file in the Comodo File List by default since it's signed with the VoodooShield signature, so in theory it should allow it to execute PowerShell commands, but it doesn't, they end up in the tempdir of Comodo's sandbox.

Congratulations on the server upgrades, I tested VoodooShield versions (v2-v3 I think) many years ago but lost my free life time subscription many broken PC's (and account password databases) ago 😂
I always liked your product and must give you credit, and say thank you, for creating a free (very well made) DefenderUI for a Microsoft product!
 
  • Like
Reactions: Nevi and danb

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
I'm not sure what kind of exception I would have to add. The DefenderUIService.exe is a Trusted file in the Comodo File List by default since it's signed with the VoodooShield signature, so in theory it should allow it to execute PowerShell commands, but it doesn't, they end up in the tempdir of Comodo's sandbox.

Congratulations on the server upgrades, I tested VoodooShield versions (v2-v3 I think) many years ago but lost my free life time subscription many broken PC's (and account password databases) ago 😂
I always liked your product and must give you credit, and say thank you, for creating a free (very well made) DefenderUI for a Microsoft product!
Thank you, I appreciate that! I am not sure about Comodo, but if it is not working you might have to tweak something in Comodo.

If you email me your email address, I can look up your account for your lifetime subscription and send you the info. If you have more than one email address that it might be, just send them to me and I can look them up. Our email is support at voodooshield.com.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top