# How to disable Windows Defender in Windows 10 1909



## daerragh (Jan 6, 2020)

Hi. I'm using Win 10 Pro version, so I opened gpedit.msc, navigated to "Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus" to enable 2 policies: "Turn off Windows Defender Antivirus" and "Disable Realtime Protection".

In previous versions of Win 10 (before 1903) this completely settled the problem. However, in the latest Win 10 1909, the Defender process MsMpEng.exe is still running and periodically I get Windows notifications that "Windows Defender has performed a scan and found no threats". So, in all, these both policies in gpedit.msc have managed to disable the realtime protection, but Win Def still scans the PC periodically.

I'd like to disable Win Def so that even its process won't be running. Can it be done in gpedit.msc?
I also can't disable Win Def in services.msc (WinDefend service) because its configuration window is all greyed out. Can it be disabled in Sc.exe (the command line tool to manage services)? If so, how?


----------



## Assimilator (Jan 6, 2020)

Why would you even disable it?


----------



## Bill_Bright (Jan 6, 2020)

Because it is ill-advised to run without an antimalware solution installed, I don't believe it is possible to disable Windows Defender without installing a 3rd party security solution. Plus, I note now it is called Microsoft Defender because it is much more than just a malware scanner for Windows, the OS. For example, the built in firewall is part of Microsoft Defender.

If you don't want Microsoft Defender, the antimalware scanner, running full time, simply install a 3rd party scanner. Microsoft Defender's scanner will happily step out of the way. 

That said, I agree with Assimilator and would wonder why. I use Defender, with no problems or regrets.


----------



## DeathtoGnomes (Jan 6, 2020)

Assimilator said:


> Why would you even disable it?


Good question. 

@ OP, If the settings dont work out for ya have a look thru the Task Scheduler.


----------



## daerragh (Jan 6, 2020)

I know what files I download (from very trusted sources), what sites I browse, which emails don't trust, and if I'm unsure I use virustotal.com to check some files that I dl from less trusty sources. I assure you, I'm without any AV and didn't have a virus/malware running on the system in many years. I don't need AV, that's why I want it disabled.


----------



## thesmokingman (Jan 6, 2020)

Okay...


----------



## 64K (Jan 6, 2020)

I like Defender. I wouldn't think of disabling it. Some people say that you can use your rig online with no Antivirus program as long as you are careful but my experience has been different. I was on a reputable gaming site many years ago and had AVG Free running and clicked on a seemingly harmless flash video and picked up a virus. An AVG scan wouldn't remove it and for the first and only time even MalwareBytes couldn't remove it. I used MSconfig to stop it from running on startup but it just kept coming back. There was a tutorial online how to remove it but that didn't work either. I had to wipe the drive and reload the OS. I switched the antivirus program to another.

There are nasties out there even on reputable sites.


----------



## lexluthermiester (Jan 6, 2020)

daerragh said:


> I don't need AV, that's why I want it disabled.


Ok, since you've been properly warned and want to anyway, here's how;
You need to use either a WinPE boot drive or a Linux live disc with NTFS support(most have such).
Open the file manager and rename all of the following folders to encase them in brackets.
For example; C:\Program Files\Windows Defender  -> C:\Program Files\[Windows Defender]

The list of folders to rename is as a follows;
C:\Program Files\Windows Defender
C:\Program Files (x86)\Windows Defender
C:\ProgramData\Microsoft\Windows Defender

This will disable Windows Defender in a reversible way. This can be done with any program or app that is undesired which Windows will not let you remove.

You can also use a utility call WinAeroTweaker which has a function to disable Windows Defender, but this can easily be re-enabled by the OS. Renaming the folders can not be reversed by the OS very easily.


----------



## biffzinker (Jan 6, 2020)

There's a anti-tamper setting turned on that prevents Windows Defender from being disabled, and other settings tampered with by a rouge app.

If you toggle that setting off then you can completely disable Windows Defender with the existing Group Policy change.

*Edit:*
Go to Settings, scroll down, click Update & Security
Click Windows Security in the left panel then Click Virus & Thread Protection
Scroll down to virus & threat protection settings, and click manage settings
Scroll down to Tamper Protection, and toggle off.


----------



## daerragh (Jan 6, 2020)

biffzinker said:


> There's a anti-tamper setting turned on that prevents Windows Defender from being disabled, and other settings tampered with by a rouge app.
> 
> If you toggle that setting off then you can completely disable Windows Defender with the existing Group Policy change.



How do I do this?


----------



## lexluthermiester (Jan 6, 2020)

daerragh said:


> How do I do this?


It will not work if Windows, or an update, turns it back on and reenables WD. 

The only way to keep it disabled is to change the folder names. 

I have been and currently do this myself. Granted I use a third party antimalware suite because I have more trust in them and their apps don't make irritating and intrusive changes without asking first. I delete the folders listed above and a few more because I have no intention of ever allowing WD and it's associated services to run on my personal systems. Unlike others, I do not trust Microsoft and do not run Windows in a default configuration.


----------



## biffzinker (Jan 6, 2020)

lexluthermiester said:


> It will not work if Windows, or an update, turns it back on and reenables WD.


It's stayed off for me even after updates have been applied.



daerragh said:


> How do I do this?


I added a edit to my reply above yours that should point you in the right direction.


----------



## notb (Jan 6, 2020)

daerragh said:


> I know what files I download (from very trusted sources), what sites I browse, which emails don't trust, and if I'm unsure I use virustotal.com to check some files that I dl from less trusty sources. I assure you, I'm without any AV and didn't have a virus/malware running on the system in many years. I don't need AV, that's why I want it disabled.


Have you considered a possibility that you didn't have a virus for years exactly because a security suit is built into your system? Into most systems "around" you?

You know sites you browse. Lets challenge that. What do you know about virustotal.com? Do you know who is behind this site?


----------



## lexluthermiester (Jan 6, 2020)

biffzinker said:


> It's stayed off for me even after updates have been applied.


Weird. I've watched it get re-enabled, depending on the update applied.


----------



## daerragh (Jan 6, 2020)

biffzinker said:


> There's a anti-tamper setting turned on that prevents Windows Defender from being disabled, and other settings tampered with by a rouge app.
> 
> If you toggle that setting off then you can completely disable Windows Defender with the existing Group Policy change.
> 
> ...



Thanks a lot! Disabling the tamper protection and enabling the two policies in gpedit.msc from the first post did the trick and now even MsMPEng.exe (the main defender process) is not running = approximately 100MB RAM saved and a bit quicker boot time . Good thing is the Windows Firewall is still running as intended.


----------



## lexluthermiester (Jan 6, 2020)

daerragh said:


> Thanks a lot! Disabling the tamper protection and enabling the two policies in gpedit.msc from the first post did the trick and now even MsMPEng.exe (the main defender process) is not running = approximately 100MB RAM saved and a bit quicker boot time . Good thing is the Windows Firewall is still running as intended.


Glad you have a solution you're happy with. You will have to watch it though as future updates are applied. If it does become a problem, the folder renaming method will work in a way only you can reverse.


----------



## daerragh (Jan 6, 2020)

lexluthermiester said:


> You will have to watch it though as future updates are applied.


I'll keep an eye on them.

TPU forums are the best. You are always the quickest to respond.


----------



## matthewmatics (Jan 6, 2020)

This worked great for me. I deleted them. I was just messing around seeing what I could get away with.....I had the OS stripped pretty dang good and no issues!









						How to delete a service in Windows - gHacks Tech News
					

Remove a Service in Windows 11/10/7 and lower using 3 easy ways: cmd command, Windows registry edit, free Autoruns software. Click here to learn how.



					www.ghacks.net
				




Oddly, I didn't mess with defender though. I saw no reason but I will probably kill it too just to see...


----------



## oobymach (Jan 6, 2020)

To disable defender use shutup 10, get it here.






						O&O ShutUp10++ – Free antispy tool for Windows 10 and 11
					

With the freeware O&O ShutUp10++, unwanted Windows 10 and 11 features can be disabled and the transfer of sensitive personal data onto Microsoft prevented.




					www.oo-software.com
				




Apply all settings, restart pc.

To stop security center run regedit and edit the following 2 locations

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc

Change the Start dword value to 4 on both to disable security center.

To get rid of the security center warning message do the following

1   Tap on the Windows-key, type gpedit.msc, and hit the Enter-key. This starts the Group Policy Editor on the system.
2   Use the sidebar to go to User Configuration > Administrative Templates > Start Menu and Taskbar.
3   Locate Remove Notifications and Action Center there. If the list is not sorted alphabetically, click on the "setting" column title to do so. This makes it easier to find the policy.
4   Double-click on the policy.
5   Set it to enabled.
6   Restart the PC


----------



## lexluthermiester (Jan 6, 2020)

oobymach said:


> Use shutup 10, get it here.
> 
> 
> 
> ...


That's a good one too!


----------



## matthewmatics (Jan 6, 2020)

Shut up 10 doesn't hold at least one setting...I can't remember which one though.  A update may have fixed it?


----------



## Bill_Bright (Jan 6, 2020)

Yeah, I used to think I was smarter than all the bad guys and that I could never ever, not once slip up and accidentally click on something I shouldn't, or that the most trusted sites could never be hacked. 

Good luck.


----------



## matthewmatics (Jan 6, 2020)

I look forward to that ^^ .LOL. It keeps us current.


----------



## rtwjunkie (Jan 6, 2020)

daerragh said:


> I know what files I download (from very trusted sources), what sites I browse, which emails don't trust, and if I'm unsure I use virustotal.com to check some files that I dl from less trusty sources. I assure you, I'm without any AV and didn't have a virus/malware running on the system in many years. I don't need AV, that's why I want it disabled.


Except for the fact that known safe sites occasionally end up with drive-by infections.

Anyway, I hope this solution works for you.


----------



## notb (Jan 6, 2020)

rtwjunkie said:


> Except for the fact that known safe sites occasionally end up with drive-by infections.


Similarly, I assume he opens e-mails just from people he trusts.
Did they also disable Defender? Do they also open just the sites they trust? 

It's like some anti-vaccine movement.


----------



## SomeOne99h (Jan 6, 2020)

rtwjunkie said:


> Except for the fact that known safe sites occasionally end up with drive-by infections.
> 
> Anyway, I hope this solution works for you.


CCleaner site got hacked and then put malware into their app, even though it is owned by Avast!, the popular freeware anti-virus (and yes, at that time it was owned by avast not by Piriform). Not only that, hackers tried to do that again in 2019! 
*From wikipedia:*
((After Piriform was acquired by Avast, in September 2017, CCleaner 5.33 was compromised by the incorporation into the distributed program of the Floxif trojan horse that could install a backdoor, enabling remote access to 2.27 million[33] infected machines.[34][35] Forty of the infected machines received a second-stage payload that appears to have targeted technology companies Samsung, Sony, Asus, Intel, VMWare, O2, Singtel, Gauselmann, Dyn, Chunghwa and Fujitsu.[36][37] On 13 September, Piriform released CCleaner 5.34 and CCleaner Cloud 1.07.3191, without the malicious code.[38]
On October 21, 2019, Avast disclosed a second security breach during which hackers tried again to insert malware inside CCleaner releases. This attempt was unsuccessful.[39]))

reference: https://en.wikipedia.org/wiki/CCleaner#Malware_infection

(Just to say it is a legit news. I was there at that time when the first hack happend and it made the web panic about it)

*EDIT:* You can use Malwarebytes free edition, it has manual scan. Once you close it, nothing runs out of it. https://www.malwarebytes.com/mwb-download/thankyou/


----------



## c2DDragon (Jan 6, 2020)

I just googled "disable windows defender"








						How to permanently disable Windows Defender Antivirus on Windows 10
					

If you must permanently disable Windows Defender Antivirus on Windows 10, use this guide to learn the steps on how to do it.




					www.windowscentral.com
				



If you did the gpedit.msc move go for the regedit move :

Use the *Windows key + R* keyboard shortcut to open the *Run* command.
Type *regedit*, and click *OK* to open the Registry.
Browse the following path:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
Right-click on the *Windows Defender* (folder) key, select *New*, and click on *DWORD (32-bit) Value*.



Name the key *DisableAntiSpyware* and press *Enter*.
Double-click the newly created key and set the value from *0* to *1*.
Click *OK*.



Right-click on the *Windows Defender* (folder) key, select *New*, and click on *Key*.
Name the key *Real-Time Protection* and press *Enter*.



Right-click on the *Real-Time Protection* (folder) key, select *New*, and click on *DWORD (32-bit) Value*.
Name the key *DisableBehaviorMonitoring* and press *Enter*.
Double-click the newly created key and set the value from *0* to *1*.
Click *OK*.



Right-click on the *Real-Time Protection* (folder) key, select *New*, and click on *DWORD (32-bit) Value*.
Name the key *DisableOnAccessProtection* and press *Enter*.
Double-click the newly created key and set the value from *0* to *1*.
Click *OK*.



Right-click on the *Real-Time Protection* (folder) key, select *New*, and click on *DWORD (32-bit) Value*.
Name the key *DisableScanOnRealtimeEnable* and press *Enter*.
Double-click the newly created key and set the value from *0* to *1*.
Click *OK*.



After completing the steps, simply restart your computer to disable the Windows Defender Antivirus permanently.
If you change your mind, you can always revert the changes using the same instructions, but on *step No. 3*, right-click the *DisableAntiSpyware* key, and select *Delete*. Then inside the *Windows Defender* (folder) key, right-click the *Real-Time Protection* (folder) key and select *Delete* to remove key and its content. Finally, restart your device to complete reverting the changes.

You don't need third party programs to do this or else you are just lazy 
Third party programs tend to let you think they can block telemetry. Ok but they tend to break the store and many things you could find useful by deleting them...
You want a good thing for your paranoia obsessions ?  Get a firewall (the windows one is just crap) and lose some time asking for ANY connections. It's time consumming the first days but once you got your firewall rules set up without having your system broken you are gold.
Also you don't need to have a 24/7 antivirus if you think you know what you are doing. Once a month download a trial from Kaspersky or Bitdefender (depends if you are more Russia or USA) and scan the whole system to be sure it's fine. A good program I know too is Rogue Killer. Take the free version (no autoupdate, no custom scan) and run it once a month if you feel your computer is in danger 
Some people want to cut all the microsoft telemetry but take 24/7 antispyware/antivirus which spy them all day long...that's nonsense.
I won't judge if you want to feel safe but the question is, is everything really safe with 24/7 programs scanning all your datas ? I still can't answer this. Up to you.

Edit : about firewalls I use NetLimiter 4 Pro and it's doing the job. Many firewalls can do the job, it's just a bit of work being harassed by connections demands, checking what the services asking for internet are doing and all but it's a good move in my opinion.


----------



## matthewmatics (Jan 6, 2020)

^^^That won't hold...it will revert. At least it did for me in the past..


----------



## biffzinker (Jan 7, 2020)

rtwjunkie said:


> Except for the fact that known safe sites occasionally end up with drive-by infections.


Adblocking neuters the possibility of a drive-by infection from taking hold unless you whitelist the site. Never know maybe I'm placing to much trust in TPU's ads they display for having the site whitelisted.

I do check periodically check with a offline scanner for the possible infection, and nothing has turned up although it could be evading detection.


----------



## c2DDragon (Jan 7, 2020)

matthewmatics said:


> ^^^That won't hold...it will revert. At least it did for me in the past..


Unlike the policies, the regedit is THE powerful stuff, if it reverts because of a major update, just do it again it doesn't bite.


----------



## steen (Jan 7, 2020)

Another annoying thing with 1909 is that excluded files/folders can still be flagged as malware when memory resident. Good for most, PITA for hacks...


----------



## lexluthermiester (Jan 7, 2020)

matthewmatics said:


> ^^^That won't hold...it will revert. At least it did for me in the past..


I've had that experience as well. Changing the folder names is much easier and more effective than the process detailed above, and more easily reversed.


----------



## c2DDragon (Jan 7, 2020)

lexluthermiester said:


> I've had that experience as well. Changing the folder names is much easier and more effective that the process detailed above, and more easily reversed.


If you change the folder's name it implies you took ownership of the folder so...it's not that good if you want to reverse the process xD
We are talking about registry keys you can just delete.
About group policies if they just don't act, you also can force them if they don't "work" :
gpupdate /force
You can disable cortana and a lot of nasty stuff there, you can easily revert the changes.
Clearly if you took everything OFF in the security panel, did the gpedit stuff & the registry edition (it's just adding keys you can remove them) there is no need to break folders'  permissions.


----------



## lexluthermiester (Jan 7, 2020)

c2DDragon said:


> If you change the folder's name it implies you took ownership of the folder so...it's not that good if you want to reverse the process xD


Not if you do it from outside a running session of Windows. If you do it from a bootable USB drive, no Windows User session is started and folder permissions are ignored.



c2DDragon said:


> We are talking about registry keys you can just delete.


Registry keys can be restored during an update, whether automatic or manual.


----------



## c2DDragon (Jan 7, 2020)

lexluthermiester said:


> Not if you do it from outside a running session of Windows. If you do it from a bootable USB drive, no Windows User session is started and folder permissions are ignored.


It's a lot more of effort than adding 4 registry keys but well it's up to you after all.


> Registry keys can be restored during an update, whether automatic or manual.


And can be added again but I understand some could be pissed to do the process again.


----------



## mdbrotha03 (Jan 7, 2020)

daerragh said:


> I know what files I download (from very trusted sources), what sites I browse, which emails don't trust, and if I'm unsure I use virustotal.com to check some files that I dl from less trusty sources. I assure you, I'm without any AV and didn't have a virus/malware running on the system in many years. I don't need AV, that's why I want it disabled.



No joke I had a bud in Afghanistan during the deployment that said the same thing.  Turns out he had a crap ton of infected files.


----------



## DeathtoGnomes (Jan 7, 2020)

c2DDragon said:


> I just googled "disable windows defender"
> 
> 
> 
> ...


I use Tinywall.


----------



## 64K (Jan 7, 2020)

biffzinker said:


> Adblocking neuters the possibility of a drive-by infection from taking hold unless you whitelist the site. Never know maybe I'm placing to much trust in TPU's ads they display for having the site whitelisted.
> 
> I do check periodically check with a offline scanner for the possible infection, and nothing has turned up although it could be evading detection.



W1zzard is good about maintaining this site and he doesn't allow just any kind of ad. I don't block ads here and on one gaming site. Everywhere else I use Adblocker to block ads but more and more sites are getting to where you can't access the article you are looking to read unless you turn off Adblocker. There may be a way around this but I don't know what that would be.


----------



## Drone (Jan 7, 2020)

Windows Defender is more than A/V protection, even when you install another a/v product Windows will still continue to download defender definition updates.


----------



## Bill_Bright (Jan 7, 2020)

notb said:


> Similarly, I assume he opens e-mails just from people he trusts.


Except spammers spoof legitimate email addresses as SOP (standard operating procedure). So opening only from trusted addresses is no guarantee it is safe either. In fact, if one of your "trusted"   contacts or organizations is compromised and your email address is stolen, there's a good chance you will receive malicious content that appears to be from your contact. 


> It's like some anti-vaccine movement.


That's another good way to look at it. I also look at it like the cocky young driver who believes he or she is such a good driver that they could never cause or even get into an accident, and therefore, don't need insurance. 


biffzinker said:


> Adblocking neuters the possibility of a drive-by infection from taking hold unless you whitelist the site


Except neutering is permanent, can't be bypassed or undone. Adblocking ensures none of that and works only with browsers. They don't do anything with emails, email attachments, downloads, direct connections (via infected USB devices), or hacking via networks.


Drone said:


> Windows Defender is more than A/V protection


Exactly.


64K said:


> W1zzard is good about maintaining this site and he doesn't allow just any kind of ad.


But even he can't keep his third eye open 24/7/365. Nor can he protect posters from all malicious links 24/7 other posters post, or ensure sites referenced in posts and articles/reviews remain safe.


----------



## theFOoL (Jan 7, 2020)

Has anyone bothered to search *LINK*


----------



## notb (Jan 7, 2020)

rk3066 said:


> Has anyone bothered to search *LINK*


But is that a site you trust?


----------



## DeathtoGnomes (Jan 7, 2020)

notb said:


> But is that a site you trust?


I am leary about that site, but i do trust Windows 10 Forums


----------



## theFOoL (Jan 7, 2020)

Yes guys that site is Safe... I wouldn't link it if it wasn't


----------



## Bill_Bright (Jan 7, 2020)

rk3066 said:


> Yes guys that site is Safe...


Since any site can be hacked, it is difficult to declare it is safe and always will be safe - especially since, just like here at TPU, it is likely the site owners and administrators didn't develop the site software. TPU uses XenForo, for example. All we can really say is the owners/administrators here at TPU make this site "trustworthy".

All I can say about Windows Central is my years of experience with it say, it is trustworthy too.


----------



## Assimilator (Jan 7, 2020)

I guess OP doesn't use condoms either.


----------



## candle_86 (Jan 7, 2020)

i hope you don't take your computer to other peoples networks, no point in spreading the infections around


----------



## Prime2515102 (Jan 7, 2020)

I haven't had a virus detection on my computer in at least 10 years and I still would never run Windows without an antivirus running. For that, I would have to have complete faith in the ability of the administrators of every web site I visit to keep their servers 100% safe 24/7/366 ('cause of leap year) and that's just never going to happen. And of course there is the aforementioned email thing...


----------



## oobymach (Jan 8, 2020)

I would recommend a personal firewall or similar software but not windows, the very first thing a hacker learns on is windows defender and firewall because it's what he/she has immediate access to. Go with one of these, at least you'll have some protection that's a better choice than windows.






						Top 10 BEST Free Firewall Software For Windows [2021 List]
					

Are You looking for a Free Firewall to protect your computer or device? Read this review to select the best Free Firewall Software for complete protection.




					www.softwaretestinghelp.com


----------



## candle_86 (Jan 8, 2020)

oobymach said:


> I would recommend a personal firewall or similar software but not windows, the very first thing a hacker learns on is windows defender and firewall because it's what he/she has immediate access to. Go with one of these, at least you'll have some protection that's a better choice than windows.
> 
> 
> 
> ...



Your aware a firewall is entirely about how you set it up right? Any firewall is Swiss cheese at default


----------



## lexluthermiester (Jan 8, 2020)

candle_86 said:


> Any firewall is Swiss cheese at default


Incorrect, and if you taken the time to test many of them you would not think so. Even the inbuilt Windows Firewall has improved greatly in the last few years. Granted, it's not perfect, but it's hardly swiss-cheese.


----------



## Bill_Bright (Jan 8, 2020)

candle_86 said:


> Any firewall is Swiss cheese at default


 No they aren't! That would be silly. Most (including that included in Windows) are perfectly fine in their default settings. If not, 100s of millions (billion+) computers would already be hacked.

If anything, after market firewalls may be too aggressive in their default settings.

No firewall is perfect but firewall technologies are nothing special (or proprietary) either. In fact, it is simple to block ports which is why even basic, rudimentary firewalls like TinyWall are so effective.

Windows Firewall is actually a very robust and flexible firewall, easily and highly customizable for those that like to tinker simply by entering the "Advanced Security" menu . It is a powerful, two-way, stateful-packet inspection (SPI), packet-filtering firewall. Actually, beginning with XP SP2 when the integrated FW was upgraded from one-way to two-way, Windows Firewall has been very effective and more than adequate for most users. In fact, IMO MS making it two-way is why ZoneAlarm started branching out into anti-spyware and then full security suites - people stopped using their firewall because it just was not needed.

Again - it is easy to block ports (against unauthorized in or out access) from within the OS. The methods are not proprietary.

The ONLY thing that makes 3rd party firewalls like ZoneAlarm or Comodo firewalls stand out is their extra bloat... err... extra features nobody... err... very few people ever need. In other words, marketing fluff.


----------



## c2DDragon (Jan 8, 2020)

lexluthermiester said:


> Incorrect, and if you taken the time to test many of them you would not think so. Even the inbuilt Windows Firewall has improved great in the last few years. Granted, it's not perfect, but it's hardly swiss-cheese.





Bill_Bright said:


> Windows Firewall is actually a very robust and flexible firewall...


Windows Firewall is actually very bad at doing his job.
I invite you do test it using this leaktest : https://www.grc.com/lt/leaktest.htm
Download the test then test for leaks you will be notified your firewall has been penetrated.
The Windows Firewall settings are supposed to block everything that is not in the list of the authorized apps but it doesn't actually block everything that is not in this list. It's just the worst firewall you can rely on.


----------



## Jetster (Jan 8, 2020)

Doesn't Windows 10 automatically disable Defender if you install a Anti virus ?


----------



## Bill_Bright (Jan 8, 2020)

I have a lot of respect for Steve Gibson but his LeakTest app cannot be trusted for this. If you Google this, you will see this has been going on for many years - and not just with Windows Firewall. If you look here, you will see this poster's firewall failed LeakTest even after he unplugged the Ethernet cable! 

Do you seriously think these firewall developers would allow their programs to be so easily by-passed since 2002 if really a problem?

It should also be noted why LeakTest reported they failed. It reported they failed because LeakTest was able to get "out". Not "in". That is a HUGE distinction. Did LeakTest sneak past my router, past my firewall, past my anti-malware solution and past me on the way "in" when I intentionally downloaded it? NO!!!! I opened the doors and invited it in. I intentionally saved it to my computer. And I intentionally ran it. I let it in, and out!

But what happens if you create a simple rule in Windows Firewall to block LeakTest? This is what happens:






If you want to use Steve Gibson to test your port security, use his ShieldsUP! Windows Firewall passes no problem.



Jetster said:


> Doesn't Windows 10 automatically disable Defender if you install a Anti virus ?


It disables its real-time scanner. It does not disable every feature. For example, if you install Malwarebytes, Windows Firewall remains active - and that's a good thing. BTW, you can go into Malwarebytes control panel and tell it not to register itself with Windows Security Center. Then Windows Defender and Malwarebytes can run at the same time. This is not a problem because both play well together without conflicts or hogging resources.


----------



## c2DDragon (Jan 8, 2020)

I invited you to test it to show you the Windows Firewall, by default, is letting anything go out without you could even notice.
As you said, you did create a rule to block it. It shouldn't even go out without your persmission. It should be blocked by default, that's the purpose of a firewall.
Any malicious programs can go out wihout your permission if you don't block all the outgoing traffic then do your own rules.
Many programs you could intentionaly let in can spread data.
Windows Firewall is the contrary of user-friendly in my opinion and it's not safe to let data go out like this, like it's designed by default.
Neither it's safe to say Windows Firewall is enough.


----------



## moproblems99 (Jan 8, 2020)

c2DDragon said:


> I invited you to test it to show you the Windows Firewall, by default, is letting anything go out without you could even notice.
> As you said, you did create a rule to block it. It shouldn't even go out without your persmission. It should be blocked by default, that's the purpose of a firewall.
> Any malicious programs can go out wihout your permission if you don't block all the outgoing traffic then do your own rules.
> Many programs you could intentionaly let in can spread data.
> ...



There is always a fine line between usability and security.  98% of people would not know why their stuff didn't work if rules were set that way on installation.  Wouldn't look good for Microsoft would it?


----------



## c2DDragon (Jan 8, 2020)

moproblems99 said:


> There is always a fine line between usability and security.  98% of people would not know why their stuff didn't work if rules were set that way on installation.  Wouldn't look good for Microsoft would it?


You can see there is, by default, a notification telling the user a program is blocked. Many programs installed by default in any fresh Windows are whitelisted. We got the UAC prompt, there is a notification system from the firewall for inbound connections, there could have left the people decide what they want out too. Maybe they prefer to have a lot of data analyzed by Windows Defender.


----------



## Bill_Bright (Jan 8, 2020)

c2DDragon said:


> It shouldn't even go out without your persmission.


You are missing the point. In the year 2020 with modern Windows (W7 and newer), we should not have to give permission to every program we intentionally download and install. That is too aggressive. If you want that sort of required interaction, fine. But it just is not needed. 


c2DDragon said:


> It should be blocked by default, that's the purpose of a firewall.


NO!!! The purpose of a firewall is to block unauthorized access attempts. When you, an authorized user of that machine, intentionally visit a site, intentionally download and run a program (that is scanned on the way in and found to be safe), that is not an unauthorized access. 

Now if LeakTest demonstrated some malicious activity, that would be different. But it doesn't. 


c2DDragon said:


> Windows Firewall, by default, is letting anything go out without you could even notice.


No its not. Just because it let LeakTest out, that does NOT, by any means, mean it will let "anything" go out. 

And again, this program was deemed safe via my browser, router, two real-time anti-malware solutions (Windows Defender and Malwarebytes Premium) and the firewall on the way in. 

If you are that worried about unauthorized "outgoing" access attempts, I suggest you re-evaluate your incoming/real-time protection. I have full confidence in mine.

Again, if what you are suggesting were true, many 100s of millions of Windows Firewall users, as well as most 3rd party firewall users, would be compromised. Ain't happening. Remember, as the documentation for Leaktest reports, most personal firewalls fail this test.

Show us the evidence because LeakTest alone is not it. If it was, why doesn't the much more thorough ShieldsUP! from the same Steve Gibson report problems? 

Another good test is this one from Hacker Target. Enter the IPv4 IP address assigned to you by your ISP. If you don't know it, use WhatIsMyIP. 

Also, Shield Check.


c2DDragon said:


> Any malicious programs can go out wihout your permission if you don't block all the outgoing traffic then do your own rules.


No. Sorry, but that is just nonsense! I am afraid you don't understand computer security software at all - or maybe you are one to not run with any security?   Or maybe you just let "any malicious program" run on your systems. I don't. If any try, I block them via Windows Firewall, my browser, and my anti-malware programs BEFORE they can come in.

If you don't trust Windows Firewall, don't use it. No skin off my back. But please stop spreading FUD by suggesting to others it is not safe. If is.


----------



## thesmokingman (Jan 8, 2020)

daerragh said:


> I know what files I download (from very trusted sources), what sites I browse, which emails don't trust, and if I'm unsure I use virustotal.com to check some files that I dl from less trusty sources. I assure you, I'm without any AV and didn't have a virus/malware running on the system in many years. I don't need AV, that's why I want it disabled.



Hubris...


----------



## c2DDragon (Jan 8, 2020)

Bill_Bright said:


> You are missing the point. In the year 2020 with modern Windows (W7 and newer), we should not have to give permission to every program we intentionally download and install. That is too aggressive. If you want that sort of required interaction, fine. But it just is not needed.
> NO!!! The purpose of a firewall is to block unauthorized access attempts. When you, an authorized user of that machine, intentionally visit a site, intentionally download and run a program (that is scanned on the way in and found to be safe), that is not an unauthorized access.


You either didn't read anything or else you just ignore it for whatever reasons. Your firewall is just accepting outgoing connections by default it's a fact. It could be from ANYTHING on your computer that you didn't block it making a rule.



Bill_Bright said:


> Now if LeakTest demonstrated some malicious activity, that would be different. But it doesn't.
> No its not. Just because it let LeakTest out, that does NOT, by any means, mean it will let "anything" go out.
> 
> And again, this program was deemed safe via my browser, router, two real-time anti-malware solutions (Windows Defender and Malwarebytes Premium) and the firewall on the way in.
> ...


It's just a program that ping a website and it worked because your firewall didn't block it.
I have nothing to worry about my computer security.


Bill_Bright said:


> Show us the evidence because LeakTest alone is not it. If it was, why doesn't the much more thorough ShieldsUP! from the same Steve Gibson report problems?
> 
> Another good test is this one from Hacker Target. Enter the IPv4 IP address assigned to you by your ISP. If you don't know it, use WhatIsMyIP.
> 
> ...


 




 
Pictures of default settings worth more than words I guess. It's in french but you can check your settings it will be the same.
This means if your computer is infected, your antimalware fails, data will be leaked.


Bill_Bright said:


> If you don't trust Windows Firewall, don't use it. No skin off my back. But please stop spreading FUD by suggesting to others it is not safe. If is.


I don't trust this firewall, as I wrote previously (but you didn't read anything I guess) I use another firewall.


----------



## Bill_Bright (Jan 8, 2020)

You are still assuming any malicious software is going to get by all our defenses coming in, remain totally undetected while running once in, then be able to phone home, again without being detected. 

20 years ago, I might make that assumption. But not today. 

Regardless, that is all beyond the scope of this thread. I'm moving on.


----------



## c2DDragon (Jan 8, 2020)

Bill_Bright said:


> You are still assuming any malicious software is going to get by all our defenses coming in, remain totally undetected while running once in, then be able to phone home, again without being detected.
> 
> 20 years ago, I might make that assumption. But not today.
> 
> Regardless, that is all beyond the scope of this thread. I'm moving on.


I was just saying the windows firewall let outgoing traffic, from everything which is not blocked by a rule of the user, move out without telling users anything. It's a fact if you don't change those settings.
If you think nothing can beat your computer security I just have nothing to say, you believe what you want to believe, I won't judge.


----------



## moproblems99 (Jan 8, 2020)

c2DDragon said:


> Your firewall is just accepting outgoing connections by default it's a fact. It could be from ANYTHING on your computer that you didn't block it making a rule.



That's because in most cases, you put that software there. Obviously, there are exceptions but allowing out by default is the correct posture.  For 99% of the time, it will be fine.

Besides, any good malware will obfuscate their phone homes behind other services anyway.


----------



## Bill_Bright (Jan 8, 2020)

c2DDragon said:


> If you think nothing can beat your computer security I just have nothing to say, you believe what you want to believe, I won't judge.


I never said or implied that - nor would I. That's why I already have multiple layers of security protecting my computers from incoming threats and from malicious activity running on my computers. That's why I keep my security and my OS current. And that is why I have trained and disciplined myself, my family, and my clients to not be "click-happy" on unsolicited links, downloads, attachments, and popups. 

If malware is trying to connect to the Internet, your security has already failed and the damage is done. Malware does not need outbound access to corrupt your system. If malware were that smart to get past all your security on the way in, and is that smart to avoid detection while running, it is smart enough to open blocked ports, imitate a legitimate program, or piggy back on the communications setup by a legitimate program. 

And once again - most 3rd party firewalls fail Gibson's LeakTest in their default settings. Does that mean they must automatically be avoided and replaced by another firewall? Of course not. Just enable outbound blocking, then be ready to be bombarded by outbound access requests.


----------



## c2DDragon (Jan 9, 2020)

Bill_Bright said:


> I never said or implied that - nor would I. That's why I already have multiple layers of security protecting my computers from incoming threats and from malicious activity running on my computers. That's why I keep my security and my OS current. And that is why I have trained and disciplined myself, my family, and my clients to not be "click-happy" on unsolicited links, downloads, attachments, and popups.
> 
> If malware is trying to connect to the Internet, your security has already failed and the damage is done. Malware does not need outbound access to corrupt your system. If malware were that smart to get past all your security on the way in, and is that smart to avoid detection while running, it is smart enough to open blocked ports, imitate a legitimate program, or piggy back on the communications setup by a legitimate program.
> 
> And once again - most 3rd party firewalls fail Gibson's LeakTest in their default settings. Does that mean they must automatically be avoided and replaced by another firewall? Of course not. Just enable outbound blocking, then be ready to be bombarded by outbound access requests.


Prevention > Protection for me.
By the way if you spend 1 hour judging which service/program can safely have an access granted you can learn what you machine is doing.
Then when some stuff tries to connect for any reason you can stay master of the situation.
You sure will lose time granting access to the stuff but you will be able to learn the OS more if you take time to check what the services are doing and why. If you don't care well that's another problem.
Many zombies PC run around the world cause people don't care or are not even able to tell there is outgoing traffic.
Judging by your aggressivity and the arrogance I did feel from your previous posts I was sure you were thinking your computer was heavily protected and you were thinking I had no clue what I am doing with mine. Please next time let's just discuss the way it's meant to be in this community.


----------



## lexluthermiester (Jan 9, 2020)

c2DDragon said:


> Windows Firewall is actually very bad at doing his job.
> I invite you do test it using this leaktest : https://www.grc.com/lt/leaktest.htm
> Download the test then test for leaks you will be notified your firewall has been penetrated.
> The Windows Firewall settings are supposed to block everything that is not in the list of the authorized apps but it doesn't actually block everything that is not in this list. It's just the worst firewall you can rely on.


Normally, I'd rather shoot myself than use the Windows Firewall(not because it's not a decent firewall, but because I don't trust Microsoft), but I had to take this challenge. Tested it on a spare machine.Fresh install of Win10, default settings and funny enough I got the same result as Bill. I'll leave it at that.


----------



## Bill_Bright (Jan 9, 2020)

For the record, I was wrong when I said Windows Defender blocked outgoing access by default. I failed to follow my own advice and do my homework first   . I think I was flashing back to early days when the complaint was that Windows Firewall was only a one-way firewall. Either way, I should have verified my facts first. So my apologies for that.





c2DDragon said:


> Prevention > Protection for me.
> By the way if you spend 1 hour judging which service/program can safely have an access granted you can learn what you machine is doing.
> Then when some stuff tries to connect for any reason you can stay master of the situation.


I agree, but this can easily be accomplished with any firewall. It really is simple to enable outgoing connection blocking with Windows Firewall - a couple clicks and done. It really is simple to customize access on a case by case access. So to suggest otherwise is simply misleading.



c2DDragon said:


> If you don't care well that's another problem.


You keep suggesting I, and others who use Windows Firewall don't care about security. That's nonsense. Maintaining major sensitive and secure IS/IT communications networks has been a major part of my life since the early 70s. I take security and "practicing safe computing" very seriously. And for what its worth, none of my personal systems, or any system I am responsible for has ever been compromised - EXCEPT once almost 30 years ago when a work computer was hit via the "sneakernet". A co-worker brought in an infected floppy disk from home, forgot he left it in the drive, then the next day the computer was rebooted. Never again.

What I have learned over the decades is that we don't need multiple deadbolts on our doors to keep the bad guys out. I have learned that a layered approach to security is best, but we don't need layer after layer after layer after layer. 

We don't need to drive around in an Abrams tank to remain safe. But we do need to have a late model car with current safety features and keep it current and properly maintained. AND most importantly, we need to drive defensively. 

If we were back in XP days, I would agree with you 100%. In fact, back then I used ZoneAlarm and I made sure I controlled everything coming in and going out. But that just is not necessary today. Today's Windows users do NOT need to be security experts to keep their computers secured. If they stick with the defaults, keep their computers updated, and avoid risky behavior, odds are they will be safe. 

Bad guys are lazy opportunists. They go for the easy pickings. If they encounter any resistance, they move on - unless they are specifically targeting you. And in that case, you have bigger issues to worry about.



c2DDragon said:


> Judging by your aggressivity and the arrogance


Arrogance? Come on! Don't start being insulting now. That's being arrogant! If I was arrogant about security, I would think I am smarter than the bad guys. And I made it clear way back on Monday, in my 2nd post in this thread that I was not smarter than the bad guys, that I could slip up and let something slip by. So stop degrading the thread with personal insults. That gets no one anywhere.

Aggressive? I prefer to call it robustly defending against misleading information with vigor. But if you prefer aggressive, that's fine. And yes, you are being misleading by suggesting users of Windows Firewall (and apparently every firewall that does not have outgoing access blocked by default) are unsafe. Evidence proves that is simply false and suggesting otherwise is simply spreading FUD. So yeah, I get aggressive when posters distort the facts and spread FUD.


----------



## c2DDragon (Jan 9, 2020)

I was not insulting you, you didn't pay attention to the end of the sentence "the arrogance I did feel from your previous posts". That's what I did feel.
I won't insult anybody who disagrees with me. Please.

I don't think I spread FUD. That's what you think and that's insulting. Did I say people are unsafe ? Saying it's safer to block doesn't mean your computer is at heavy risks, doomed and everything will burn before you can do anything, if you don't block 

Windows defender and the windows firewall are easily customable by the malwares cause the bad guys (I like the term ) have them too so they can easily do smart scripts and take everything down. I prefer having another firewall.
Majority of users don't even look where they download things so you know.

It's just safer to control. I don't believe I am wrong neither that people have to be experts to judge if the "non-already in the already built whitelist" programs can have their outgoing access granted or not, because as I wrote and you can see it while using this firewall, there is already a notification for the user to decide if he/she wants to accept the incoming connexions, I don't see why they didn't push the user to do the same for the outgoing ones.

Now you say there is no need to block outgoing ones, it's your point of view.


----------



## DailymotionGamer (Jan 9, 2020)

Reading some of these comments , wow. Some of yall are asking "why would you disable it? lol why wouldn't you?
I disable Windows firewall, and defender, removed that notification nonsense that pops up about the security center, etc. I'm using windows 10 (pro for workstations). I always removed all that junk, even when i was using windows 7.  You don't need any of that. Its just a system hog taking up resources.


----------



## DeathtoGnomes (Jan 9, 2020)

Anyone that says Window Firewall is easy to manage is nuts, its got a steep learning curve for those persistent on learning to create and manipulate rules. What they dont tell you is that when you do manage to create a rule, WF will ignore it and/or bypass it if you are trying to block certain things from m$.

This rule for example, if I chane this to Block, windows will create another as Allow. (tried several times)



For those NOT trained in security, people with a very basic knowledge of windows are better off using an aftermarket firewall. The "aggressive" nature of them forces the user to learn more about blocking and allowing more than WF ever will (without truly screwing everything up). The other thing about aftermarket firewalls is that they will show the crap that m$ deems necessary to have a connection to the internet, when windows works just fine if they dont. Another positive about aftermarket firewalls is that it/they will give you more power over privacy, like blocking Nvidia's telemetry data and windows update.


----------



## Bill_Bright (Jan 9, 2020)

DeathtoGnomes said:


> Anyone that says Window Firewall is easy to manage is nuts, its got a steep learning curve for those persistent on learning to create and manipulate rules.


I like nuts. I totally disagree with everything you said. For one, there is nothing to manage. It is as easy as managing fragmentation on your hard drives. It is as easy as managing your Page File. Just let Windows do it. It knows how very effectively. If you disagree, show us some evidence that Windows Firewall is allowing the 100s of millions of Window Firewall users to be compromised.

You are wrong about the learning curve. It is super easy. It just took just a few seconds - to include browsing to the file location - to create a rule for LeakTest. I contend for anyone who has never dug around a Firewall menu system and created rules in any firewall, the learning curve is a bit steep. Heck, even just changing default browsers imposes a learning curve. Any time you are not familiar with something, it takes some getting used to. Then it typically becomes intuitive.

That said, Microsoft does not pretend Windows Firewall is anything more than a basic firewall. Why? Because the vast majority of users don't need anything more than a basic firewall.



DeathtoGnomes said:


> For those NOT trained in security, people with a very basic knowledge of windows are better off using an aftermarket firewall.


That's just silly and I totally disagree. For those NOT trained in security and for those with a very basic knowledge of Windows, they are MUCH better off just letting Windows manage it. It works! You would have a non-expert, with "very basic" knowledge of Windows - someone who therefore knows little to nothing about firewalls in the first place, try to figure out what to get, how to install it and then learn a something totally new? That makes no sense at all. If someone is that inexperienced with Windows, they likely have no need for any rules anyway.

Firewall technologies are nothing special. The method to block a port is NOT proprietary. It takes no special coding.



c2DDragon said:


> Windows defender and the windows firewall are easily customable by the malwares


What a bunch of bullcrap!  



> cause the bad guys ... have them too


Yeah right. Because everybody knows the badguys can't get their hands on ZoneAlarm, Comodo or Avira.   How absurd can you get?

I'm done here. This is just shameless, pointless, Microsoft bashing now - not an intelligent debate.


----------



## DeathtoGnomes (Jan 9, 2020)

As someone extensively trained by m$, naturally you defend its decisions that m$ knows better and scoffs anyone who wants to take it off the beaten path.


Bill_Bright said:


> For one, there is nothing to manage.


yea m$ feeds that line of garbage to everyone about everything. "windows will do it for you", now it can tell me when eat, drink, shit, and sleep too? No thanks.  Keep on thinking this is windows bashing, its not, its disagreeing with your "law".

EDIT: If I was to call up my mother or sister and ask them "hey I need you to create a firewall rule to block iTunes ( for whatever shady reason)" the first word they'll say is "WHAT", then they'll ask whats windows firewall.... Enter the steep learning curve. Once something is learned, then you can say "oh thats easy".  Atleast ZoneAlarm had pop ups that asked what you wanted to do.


----------



## Bill_Bright (Jan 9, 2020)

It is not my law. It is just the facts. If you disagree, then show us the facts! Show us the evidence! Show us where all these WF users are being compromise because they use WF. Show us where all these WF compromised WF computers are phoning home because WF isn't blocking the malicious code that some how got on these machines.

Show us where I am wrong. I already admitted once I made a mistake. I'm man enough to admit it again. Just show us!


----------



## oobymach (Jan 9, 2020)

Bill_Bright said:


> No they aren't! That would be silly. Most (including that included in Windows) are perfectly fine in their default settings. If not, 100s of millions (billion+) computers would already be hacked.
> 
> The ONLY thing that makes 3rd party firewalls like ZoneAlarm or Comodo firewalls stand out is their extra bloat... err... extra features nobody... err... very few people ever need. In other words, marketing fluff.


Some of those extra features like anti ransomware are a must in these times imo.

The free versions often use less resources than windows so I would recommend using one, especially if you're planning on disabling windows security but extra security isn't a bad idea.

I've seen hacking take place and years ago pinged the british secret service mi6, I googled the ip addresses I found in my router after it happened, one gave me a physical address in the uk, I googled the address and it came back as the MI6 building, did I mention I broke national security at one point lol? Shortly after that my routers internals were compromised so to speak and it stopped recording traffic. The pictures I had of an incident were also deleted remotely, lmao, been on watch lists ever since.


----------



## Bill_Bright (Jan 9, 2020)

oobymach said:


> Some of those extra features like anti ransomware are a must in these times imo.


Okay. I agree. But most anti-malware solutions already include ransomware protection - including Windows Defender.


oobymach said:


> I've seen hacking take place and years ago pinged the british secret service mi6, I googled the ip address I found in my router and it gave me the physical address in the uk, I googled the address and it came back as the MI6 building, did I mention I broke national security at one point lol?


Okay. I don't understand the point but, okay.


----------



## oobymach (Jan 9, 2020)

Bill_Bright said:


> Okay. I agree. But most anti-malware solutions already include ransomware protection - including Windows Defender.
> Okay. I don't understand the point but, okay.


The point was that a skilled hacker can get through windows defense like it was nothing, and your router basically offers no defense at all even with security features.


----------



## moproblems99 (Jan 9, 2020)

oobymach said:


> The point was that a skilled hacker can get through windows defense like it was nothing, and your router basically offers no defense at all even with security features.



Sorry but skilled hackers aren't targeting your firewall.


----------



## oobymach (Jan 9, 2020)

moproblems99 said:


> Sorry but skilled hackers aren't targeting your firewall.


The ones employed by my government (CSE) like Americas NSA have access to everything you do electronically anyway, why hack when people go out of their way to tell everyone else what they're doing? People like me who know things I'm not supposed to. Like the uk's satellite recovery program, and the feral human virus. (BTW, that just broke national security again).


----------



## c2DDragon (Jan 9, 2020)

Bill_Bright said:


> What a bunch of bullcrap!
> 
> Yeah right. Because everybody knows the badguys can't get their hands on ZoneAlarm, Comodo or Avira.   How absurd can you get?
> 
> I'm done here. This is just shameless, pointless, Microsoft bashing now - not an intelligent debate.


Impossible to have any debate because of your reactions, nothing more.
A basic hacker will not try to code a malware for all existent types of protections when most basic users (the easy targets) don't use them but just the preinstalled one...your reaction is absurd.
It's not bashing, you think it is so, is it ? Ok, intelligent reaction, once again.


----------



## moproblems99 (Jan 9, 2020)

oobymach said:


> The ones employed by my government (CSE) like Americas NSA have access to everything you do electronically anyway, why hack when people go out of their way to tell everyone else what they're doing? People like me who know things I'm not supposed to. Like the uk's satellite recovery program, and the feral human virus. (BTW, that just broke national security again).



Because skilled hackers are targeting specific individuals of value.  The average drive-bys are being conducted by those with significantly less skills.  99.99995% (maybe higher) of tpu users do not fit the interesting category no matter how hard they try.


----------



## Bill_Bright (Jan 9, 2020)

oobymach said:


> The point was that a skilled hacker can get through windows defense like it was nothing, and your router basically offers no defense at all even with security features.


What does that have to do with the price of rice in China in the summertime after it rains?

This thread has absolutely nothing to do with our routers. And there is nothing to suggest it is harder to hack a port blocked by ZoneAlarm than it is with Windows Firewall or any other firewall.



> The ones employed by my government (CSE) like Americas NSA have access to everything you do electronically anyway, why hack when people go out of their way to tell everyone else what they're doing? People like me who know things I'm not supposed to. Like the uk's satellite recovery program, and the feral human virus. (BTW, that just broke national security again).


Tin Futures.


c2DDragon said:


> Impossible to have any debate because of your reactions, nothing more.


Its impossible to have any debate when you are spewing unsubstantiated nonsense! I ask again, where are all these infected systems that got infected because they use Windows Firewall?


----------



## c2DDragon (Jan 9, 2020)

Bill_Bright said:


> Its impossible to have any debate when you are spewing unsubstantiated nonsense! I ask again, where are all these infected systems that got infected because they use Windows Firewall?


Never heard of botnets ? Zombie computers ? Ok.


----------



## Bill_Bright (Jan 9, 2020)

c2DDragon said:


> Never heard of botnets ? Zombie computers ? Ok.


Of course I have. And you believe that only computers using Windows Firewall have be compromised for that purpose? Okay. But that's not spewing more unsubstantiated nonsense, right?


----------



## moproblems99 (Jan 9, 2020)

c2DDragon said:


> Never heard of botnets ? Zombie computers ? Ok.



In fairness, most of those are likely iot devices.


----------



## c2DDragon (Jan 9, 2020)

Bill_Bright said:


> Of course I have. And you believe that only computers using Windows Firewall have be compromised for that purpose? Okay. But that's not spewing more unsubstantiated nonsense, right?


The less protected ones are compromised. You think Windows Firewall is fine ? Ok, good on you.
I think it's not enough. There are better defenses than this firewall. You want to defend it and that I have to make a book about how not enough this firewall is or what ? I don't know why I would lose more time showing what I've already shown about my opinion.
Now stop being so mean and accept people's opinion without being like this please. It sucks and it's just garbage to read.
If it's nonsense to not follow your opinion so be it.


----------



## Bill_Bright (Jan 9, 2020)

c2DDragon said:


> and that I have to make a book about how not enough this firewall is or what ?


Gee whiz. No book. Just show us some evidence. If what you claim is even remotely true, show us (show for yourself) the evidence. 



c2DDragon said:


> I don't know why I would lose more time showing what I've already shown about my opinion.


It's not about your opinion or my opinion. It is about the facts! It is about what is true and what is not true. You don't like it, that's fine! I have no problem with that. But you claiming people are not safe, or that they are easy targets because they use WF - that's stating a fact, not opinion. You are not entitled to your own set of facts.


----------



## matthewmatics (Jan 9, 2020)

I gotta laugh at some of this.....I purposely set up machines and delete services and run zero 3rd party software and then abuse the crap out of them on the internet (torrents, porn, bad bad surfing, etc....FOR TESTING!!! LOL) and then I see what happens and usually it is nothing worse than a control alt delete whatever it is or crash the machine and zero happens beyond that. That is literally the worst I see out here in the real world these days. I feel bad for ransomware victims (at least the level I have witnessed) that actually pay! LMAO!


----------



## c2DDragon (Jan 9, 2020)

Bill_Bright said:


> Gee whiz. No book. Just show us some evidence. If what you claim is even remotely true, show us (show for yourself) the evidence.
> It's not about your opinion or my opinion. It is about the facts! It is about what is true and what is not true. You don't like it, that's fine! I have no problem with that. But you claiming people are not safe, or that they are easy targets because they use WF - that's stating a fact, not opinion. You are not entitled to your own set of facts.


Remember this ? https://support.microsoft.com/en-in...pecific-firewall-ports-to-prevent-smb-traffic
"Malicious users can use the Server Message Block (SMB) protocol for malicious purposes."
"Enterprise perimeter firewalls should block unsolicited communication (from the Internet) and outgoing traffic (to the Internet) to the following SMB-associated ports..."
Why did Microsoft recommand to block ports if this firewall is this safe ?
It's about exploits. 
Let everything go out without caring is not safe in my books.


----------



## daerragh (Jan 9, 2020)

Please explain to me one thing about Windows Firewall. I deleted all rules for utorrent and then launched utorrent. Now I get the WF prompt, like the one below. How can I block access in this prompt? Because when I untick private AND public networks in the prompt, the "Allow" button gets greyed out and the only active button is "Cancel". Why the hell there's no "Block access" button? When I click "Cancel", utorrent happily gets network access (I checked). So I can only block an app manually in the advanced WF settings and NOT with the prompt? This is weird.


----------



## Bill_Bright (Jan 9, 2020)

c2DDragon said:


> Remember this ?


Yep, one article from 3 1/2 years ago for "corporate" networks - even though there are zero reported cases of any exploitation related to this - clearly indicates that every body using Windows Firewall is currently at risk - and switching to a 3rd party firewall will save the day!  Never mind the fact the article has NOTHING to do with, and NOT ONCE mentions "Windows Firewall".  

More FUD. 

@daerragh - probably best to start a new thread for that specific issue.


----------



## daerragh (Jan 9, 2020)

Bill_Bright said:


> @daerragh - probably best to start a new thread for that specific issue.



Well, this thread is already one big off-topic about WF and I'm the OP so I ask here.


----------



## c2DDragon (Jan 9, 2020)

Bill_Bright said:


> Yep, one article from 3 1/2 years ago for "corporate" networks - even though there are zero reported cases of any exploitation related to this - clearly indicates that every body using Windows Firewall is currently at risk - and switching to a 3rd party firewall will save the day!  Never mind the fact the article has NOTHING to do with, and NOT ONCE mentions "Windows Firewall".
> 
> More FUD.


Ok buddy.



daerragh said:


> Please explain to me one thing about Windows Firewall. I deleted all rules for utorrent and then launched utorrent. Now I get the WF prompt, like the one below. How can I block access in this prompt? Because when I untick private AND public networks in the prompt, the "Allow" button gets greyed out and the only active button is "Cancel". Why the hell there's no "Block access" button? When I click "Cancel", utorrent happily gets network access (I checked). So I can only block an app manually in the advanced WF settings and NOT with the prompt? This is weird.


If you untick the 2 then click the exit cross "x" doesn't it suppose to add a block rule ?


----------



## daerragh (Jan 9, 2020)

c2DDragon said:


> If you untick the 2 then click the exit cross "x" doesn't it suppose to add a block rule ?



It adds 2 inbound blocking rules, one for TCP and one for UDP (no outbound rules were created, only inbound) but then I can still download with utorrent - it has network access. Shoudn't it have no network access? How come it is still downloading if inbound access is blocked?


----------



## c2DDragon (Jan 9, 2020)

daerragh said:


> I adds 2 inbound blocking rules, one for TCP and one for UDP (no outbound rules were created) but then I can still download with utorrent - it has network access. Shoudn't it have no network access?


By default everything goes OUT with Windows Firewall so this notification is only for inbound connections.


----------



## daerragh (Jan 9, 2020)

c2DDragon said:


> By default everything goes OUT with Windows Firewall so this notification is only for inbound connexions.



I know, but why it's downloading if inbound access is blocked?


----------



## c2DDragon (Jan 9, 2020)

daerragh said:


> I know, but why it's downloading if inbound access is blocked?


That's a mystery I'm sorry I cannot help.


----------



## moproblems99 (Jan 10, 2020)

daerragh said:


> I know, but why it's downloading if inbound access is blocked?



What is downloading?


----------



## c2DDragon (Jan 10, 2020)

moproblems99 said:


> What is downloading?


it's over there now https://www.techpowerup.com/forums/...-windows-firewall-prompt.262800/#post-4185918 and solved, I guess.


----------



## lexluthermiester (Jan 10, 2020)

DeathtoGnomes said:


> Anyone that says Window Firewall is easy to manage is nuts


Let's be fair, it's not easy. But it is much better than it once was.


----------



## c2DDragon (Jan 10, 2020)

lexluthermiester said:


> Let's be fair, it's not easy. But it is much better than it once was.


I gave up with it since Windows 8 but kudos to you for trying


----------



## lexluthermiester (Jan 10, 2020)

c2DDragon said:


> I gave up with it since Windows 8 but kudos to you for trying


Oh I feel you, as a rule I don't and will not use it. However, I enjoy a good challenge and was curious what the result would be. GRC.com has been an excellent place to learn about security issues and hardware in general. So when I saw that post, I wanted to test.


----------



## DeathtoGnomes (Jan 10, 2020)

Bill_Bright said:


> It is not my law. It is just the facts. If you disagree, then show us the facts! Show us the evidence! Show us where all these WF users are being compromise because they use WF. Show us where all these WF compromised WF computers are phoning home because WF isn't blocking the malicious code that some how got on these machines.
> 
> Show us where I am wrong. I already admitted once I made a mistake. I'm man enough to admit it again. Just show us!


Pointing  out a flaw or a potential problem does not mean "all these WF computers were compromised" nor was malicious code brought up, so please stop exaggerating with that "the sky is falling" crap.

The phoning home as you call it, is now called telemetry data, which cannot be blocked in WF easily, and I reiterate that a 3rd party firewall is better in that sense.


----------



## Bill_Bright (Jan 10, 2020)

DeathtoGnomes said:


> so please stop exaggerating with that "the sky is falling" crap.


  
Look around (and in the mirror!)! I'm NOT the one claiming "the sky is falling". I was NOT the one claiming Windows Firewall is "very bad" and the "the worst firewall". I never called people who found it easy to manage, "nuts". I never claimed it had a "steep learning curve". I never claimed Microsoft cannot be trusted then implied Windows Firewall can't either. I never implied Windows Firewall was so complicated one had to be "trained in security". I never implied only Window Firewall computers can be compromised and drafted into botnets or become Zombie computers. 

All FUD!

And yes, malicious code was brought up several times with claims it could easily gain outgoing access, totally ignoring the fact it some how managed to sneak by all our security coming in undetected, and some how managed to run on the system without being detected by the real-time malware scanners. 

You guys has spent 5 pages of posts spewing FUD and declaring how bad and unsafe Windows Firewall is but have failed to provide any evidence whatsoever that Windows Firewall users are being compromised at greater rates, or that they stopped getting compromised just by installing an aftermarket firewall. 

So, Chicken Little, look in the mirror. Your tinfoil hat has a hole in it. The sky is NOT falling. Windows Firewall is indeed capable of protecting Windows users - and has been doing so for years. Contrary to what some in this thread want everyone to believe, the sky is NOT falling and almost nobody "needs" anything more advanced. 

But, if you just want more control, Microsoft has made it easy to install a 3rd party firewall and then Windows Firewall will gracefully step out of the way. For those users, I would suggest GlassWire. It is so easy, even Henny Penny can use it.


----------



## DeathtoGnomes (Jan 10, 2020)

sigh, again Billy you take it to the extremes with your diatribes all too often blowing conversations out of proportion and always claiming m$ is perfect that can do no wrong. I will never claim windows firewall and defender is a total failure, flawed yes. 


Bill_Bright said:


> But, if you just want more control, Microsoft has made it easy to install a 3rd party firewall


 glad you see this our way finally.


----------



## Bill_Bright (Jan 10, 2020)

DeathtoGnomes said:


> and always claiming m$ is perfect that can do no wrong.


And there you go, Henny, telling falsehoods again, instead of providing any evidence to support your constant FUD.

I never said MS or WF was perfect.  I even admitted and apologized for being wrong about it's outbound defaults.


DeathtoGnomes said:


> glad you see this our way finally.


My point never was about control, but sadly you don't seem to understand what that means. Just like you don't seem to understand the "the sky is falling" suggests impending doom, and how MS telemetry has nothing to do with malware. So again, this is just more of your FUD and spewing misinformation. Apparently, when you are incapable of defending your position with facts, or the truth, so you lash out with falsehoods and inaccurate personal accusations. I feel sorry for you. 

When you and your fellow biased MS haters can show us where WF is causing all these system compromises your FUD implies, or where switching to a 3rd party prevents them, I will pay attention. In the meantime, I will give your FUD comments all the attention they deserve. 

Frankly, I think this thread should be closed.


----------



## Kursah (Jan 10, 2020)

Bill_Bright said:


> Regardless, that is all beyond the scope of this thread. I'm moving on.



Why did you even say this? Please don't answer that, I'm asking so you can have food for thought.



Bill_Bright said:


> Frankly, I think this thread should be closed.



No thanks, we'd rather not if we don't have to. We'd rather members be constructive, without drama and BS, and surely without degrading a topic to the point it needs closed (talking to more than just you Bill).


*To all of you, keep this topic constructive or move along. To those of you involved in degrading this topic, stay tuned...*


----------



## DeathtoGnomes (Jan 11, 2020)

Bill_Bright said:


> My point never was about control,


And thats where we differ, my point is about control, 3rd party software gives that extra bit of control so you dont have to deal with WF or WinDefender, not because its better but because its easier to learn to some people. So if someone thinks disabling WD needs doing for some other software to perform better, its on them if something goes wrong.

IMO, any telemetry is malware related, its the same thing as tracking cookies but with a different name. I am biased but I dont hate m$, if you cant understand that, thats your problem stop being a ****** about it. Henry out ( @Kursah really this time!) .


----------



## R-T-B (Jan 11, 2020)

c2DDragon said:


> it. It shouldn't even go out without your persmission. It should be blocked by default, that's the purpose of a firewall.



Blocked outgoing by default would mean you are basically offline by default...


----------



## lexluthermiester (Jan 11, 2020)

R-T-B said:


> Blocked outgoing by default would mean you are basically offline by default...


Not really. It's a way of making sure that only the traffic you select is making it out of your system. If traffic is blocked by default the user can pick and choose which programs may connect to a network/internet. A good firewall will let you selectively regulate the OS itself without disrupting the network connection. This is part of the methodology that I use.


----------



## biffzinker (Jan 11, 2020)

lexluthermiester said:


> Let's be fair, it's not easy. But it is much better than it once was.


There's always a third party GUI option to make it easier. 

There's this from Malwarebytes:











						BiniSoft.org
					

Windows Firewall Control is a powerful tool which extends the functionality of Windows Firewall by adding outbound notifications and many other features.




					www.binisoft.org


----------



## R-T-B (Jan 11, 2020)

lexluthermiester said:


> Not really.



Functionally in it's default state I mean.  Of course it isn't that from a security perspective, but my point is it'd confuse the heck out of a novice user.


----------



## lexluthermiester (Jan 11, 2020)

biffzinker said:


> There's always a third party GUI option to make it easier.
> 
> There's this from Malwarebytes:


There is that. I haven't tested it yet. I have tested TinyWall and it is a great way for people to both control the Windows Firewall, but also learn how it works as they use it;








						Download TinyWall  - MajorGeeks
					

TinyWall is a free program to harden and control the advanced firewall built into Windows 7 and above. Using the advanced Windows Firewall built into newer Windows versions, TinyWall´s performance impact is negligible.



					www.majorgeeks.com
				











						Download TinyWall 3.2.5
					

Download TinyWall - A non-intrusive firewall software solution that was designed to provide some extra security and process monitoring capabilities, especially for home users




					www.softpedia.com
				



Evorim is also one that I've tested and promote. Well configured it is very solid;








						Download Evorim Free Firewall  - MajorGeeks
					

Free Firewall provides you with all the tools needed to protect against threats from the internet and more. Use your machine with confidence, knowing that you will be notified if any of your apps attempt to access the internet. You have the option to switch modes from Credulous, which allows...



					www.majorgeeks.com
				











						Download Free Firewall 2.6.2
					

Download Free Firewall - Protects your computer against all kinds of threats, preventing suspicious applications from accessing the Internet and sending data back home




					www.softpedia.com
				



I personally prefer Comodo's Firewall as it has much more fine-grained controls;





						Comodo Internet Security 2019 v12.0.0.6882 – Released - News / Announcements / Feedback - CIS
					

Comodo Internet Security 2019 v12.0.0.6882 – Released - News / Announcements / Feedback - CIS



					forums.comodo.com
				



This is the link for the forum page of CIS. It provides for the offline installer version. CIS will install in 30-day premium trial mode, but after 30days will revert to the free version.


----------



## moproblems99 (Jan 11, 2020)

lexluthermiester said:


> Well configured it is very solid;



Basically describes any firewall.  The problem is the configuration part.  Firewalls are very simplistic in what they do.


----------



## lexluthermiester (Jan 11, 2020)

moproblems99 said:


> Basically describes any firewall.  The problem is the configuration part.  Firewalls are very simplistic in what they do.


Oh good grief no. Some firewalls are garbage and no configuration can make them good. McAfee, Panda, BullGuard, ESET and ZoneAlarm are almost useless and should be avoided. BitDefender is another firewall that should be avoided but at least does something, poorly. AVG currently has a firewall that is on PAR with the Windows Firewall, but is easier to use. However, it doesn't allow some fine-grained controls on a per instance basis.


----------



## Ahhzz (Jan 12, 2020)

lexluthermiester said:


> Oh good grief no. Some firewalls are garbage and no configuration can make them good. McAfee, Panda, BullGuard, ESET and ZoneAlarm are almost useless and should be avoided. BitDefender is another firewall that should be avoided but at least does something, poorly. AVG currently has a firewall that is on PAR with the Windows Firewall, but is easier to use. However, it doesn't allow some fine-grained controls on a per instance basis.


Zone Alarm _used_ to be good, and I also used to use Black Ice, but it's long defunct. I'm running with TinyWall right now. Stops everything until you make a rule allowing it...


----------



## Solaris17 (Jan 12, 2020)

Ahhzz said:


> Black Ice



Black Ice Defender man those were the days


----------



## lexluthermiester (Jan 12, 2020)

Ahhzz said:


> I also used to use Black Ice, but it's long defunct.


Oh yeah. That was 11 years ago.


----------



## moproblems99 (Jan 12, 2020)

lexluthermiester said:


> Oh good grief no. Some firewalls are garbage and no configuration can make them good. McAfee, Panda, BullGuard, ESET and ZoneAlarm are almost useless and should be avoided. BitDefender is another firewall that should be avoided but at least does something, poorly. AVG currently has a firewall that is on PAR with the Windows Firewall, but is easier to use. However, it doesn't allow some fine-grained controls on a per instance basis.



Then I would argue that the firewall is not well configured at its core (IE not user configuration).


----------



## lexluthermiester (Jan 12, 2020)

moproblems99 said:


> Then I would argue that the firewall is not well configured at its core (IE not user configuration).


That would be poor coding, not poor configuration.


----------



## moproblems99 (Jan 12, 2020)

lexluthermiester said:


> That would be poor coding, not poor configuration.



Perhaps, perhaps not.

Edit: They likely piggy backed off a third party library.  Code monkeys are lazy.


----------



## lexluthermiester (Jan 12, 2020)

moproblems99 said:


> Perhaps, perhaps not.


There is a distinct difference between the two.


moproblems99 said:


> Edit: They likely piggy backed off a third party library. Code monkeys are lazy.


All of them? Very unlikely..


----------



## moproblems99 (Jan 12, 2020)

lexluthermiester said:


> There is a distinct difference between the two.
> 
> All of them? Very unlikely..



People don't like to reinvent the wheel so, yes, I bet they are all using libraries and didn't implement, or configure, them well.  I mean IME runs off minix, surely someone as big as Intel could have written everything on their own for IME.  Now think of much smaller software companies trying to make a buck.


----------



## matthewmatics (Jan 14, 2020)

All I can see in those words ^^ are "tweakers banging". LOL.


----------



## Octopuss (Jan 15, 2020)

I don't mind defender, mostly because I don't want to pay for standalone AV again (mostly because you have to pay a subscription), but at the same time I hate how relatively unconfigurable it is.


----------



## R-T-B (Jan 15, 2020)

lexluthermiester said:


> All of them? Very unlikely.



No, he's right.  Can confirm.

Source: I was a code monkey, once, long ago...  it stays with you.


----------



## notb (Jan 15, 2020)

Octopuss said:


> I don't mind defender, mostly because I don't want to pay for standalone AV again (mostly because you have to pay a subscription), but at the same time I hate how relatively unconfigurable it is.


What more would you like to configure and why?

In a perfect world there are no viruses and no malware. No one wants to hack into your PC or steal your data.
Until we achieve that - putting aside the issue of it being realistic - a fairly robust, rigid, universal and widely-available security suite is really the second best option.


----------



## wujo (Jan 15, 2020)

Windows defender won't stop viruses. Better to delete it and install malwarebytes for example


----------



## notb (Jan 15, 2020)

wujo said:


> Windows defender won't stop viruses. Better to delete it and install malwarebytes for example


Actually it will - and isn't half bad at it.
Malwarebytes may be better at malware, but is a lot more focused. It's a good addition to Defender, but surely not a replacement.


----------



## robot zombie (Jan 15, 2020)

wujo said:


> Windows defender won't stop viruses. Better to delete it and install malwarebytes for example


Why though? You can run them together. How bad is the performance hit on a modern machine?


----------



## Solaris17 (Jan 15, 2020)

robot zombie said:


> Why though? You can run them together. How bad is the performance hit on a modern machine?



Im just going to interject here Incase this is in fact the question you are asking. I’m on mobile so forgive line breaks.

you should NOT run multiple active AV on a system. And it has nothing to do with today’s PCs.

that’s a common misconception I don’t think it was ever about PC performance. Though with an HDD you really notice.

the problem lies in the actual engines and the potential to detect each other. Another huge problem is simultaneous file locks. You really just should not do it.

bit this statement has nothing to do with the OP so apologies


----------



## robot zombie (Jan 15, 2020)

Solaris17 said:


> mom just going to interject here Incase this is in fact the question you are asking. I’m on mobile so forgive line breaks.
> 
> you should NOT run multiple active AV on a system. And it has nothing to do with today’s PCs.
> 
> ...


Shows what I know haha.

I get that you generally don't do it, but hasn't mb been the exception for a while? They can be configured to step out of each other's way. I dunno, maybe I've gotten lucky but it's never caused me any of the issues you mentioned.


----------



## Solaris17 (Jan 15, 2020)

robot zombie said:


> Shows what I know haha.
> 
> I get that you generally don't do it, but hasn't mb been the exception for a while? They can be configured to step out of each other's way. I dunno, maybe I've gotten lucky but it's never caused me any of the issues you mentioned.



Like I mentioned active. Do you have the always on malwarebytes or just the scanner? That doesn’t matter. In the case of stepping out of each other’s way, that’s only true for defender and another AV that plays by MS rules of integration.

install norton and MCCaffrey next to each other, vastly different experience.


----------



## robot zombie (Jan 15, 2020)

Solaris17 said:


> Like I mentioned active. Do you have the always on malwarebytes or just the scanner? That doesn’t matter. In the case of stepping out of each other’s way, that’s only true for defender and another AV that plays by MS rules of integration.
> 
> install norton and MCCaffrey next to each other, vastly different experience.


Mmm... definitely. I am also on my phone and at work so I'm not being very clear.

The standard way to run them together is to let Windows defender hand off the real-time protection to mbam. Wd will still update and run scans.

This can all be done as a part of setting up mbam.

Just seemed like a no brainier to me. What I wasn't getting was going through the trouble to actually gut wd when actually they know how to work together out of the box. All it's doing at that point is updating and scanig when the PC isn't in use. No perf hit outside of mbam, which also isn't bad ime.

Or you could keep wd rt protection and run mbam free for its scans. Which is probably a good, lightweight answer for most people.


----------



## biffzinker (Jan 15, 2020)

Someone at my parent's house did something that allowed malware through. Windows Defender stopped, and quarantined one but didn't detect four more hiding in the ProgramData directory that Emsisoft Emergency Kit found. Mom was complaining about all the web browsers having search changed to Yahoo! when she wanted DuckDuckGo.









						Emsisoft - Emergency Kit: Free Portable Malware Scan and Removal
					

Emsisoft Emergency Kit is the ultimate free anti-malware and antivirus tool to scan, detect and remove viruses, keyloggers and other malware threats.




					www.emsisoft.com


----------



## lexluthermiester (Jan 15, 2020)

R-T-B said:


> No, he's right.  Can confirm.
> 
> Source: I was a code monkey, once, long ago...  it stays with you.


I don't buy it. Sorry, I've seen and used way to many firewalls.


----------



## robot zombie (Jan 16, 2020)

biffzinker said:


> Someone at my parent's house did something that allowed malware through. Windows Defender stopped, and quarantined one but didn't detect four more hiding in the ProgramData directory that Emsisoft Emergency Kit found. Mom was complaining about all the web browsers having search changed to Yahoo! when she wanted DuckDuckGo.
> 
> 
> 
> ...


Had a similar experience with that one once... good one to have in your toolkit. But I avoid thier suite like the plague. It works okay, but it's bloat city and the interface wasn't great imo.


----------



## zerocoolroot (Feb 3, 2020)

c2DDragon said:


> I just googled "disable windows defender"
> 
> 
> 
> ...



This procedure does not work for 1909, to disable Real-Time Protection. Only works for 1903 and earlier .. !!


----------



## rtwjunkie (Feb 3, 2020)

robot zombie said:


> Why though? You can run them together. How bad is the performance hit on a modern machine?


Yes, the two of them actually complement each other. Malwarebytes has actually worked with MS to make it so, since MBAM is not an antivirus.  There are a few more that also are good with it as well.

They’ve also worked with Bitdefender so they play nice together, both resident.


----------



## Deleted member 171912 (Feb 3, 2020)

Bill_Bright said:


> Plus, I note now it is called Microsoft Defender because it is much more than just a malware scanner for Windows, the OS. For example, the built in firewall is part of Microsoft Defender.



AV, Defender, is not just scanner. It is anti-malware engine (service). And don't have integrated firewall. Microsoft just used name Defender for firewall already integrated in OS. They want to show users that in OS is also firewall. Just stupid marketing.

You have no chance to defend yourself on Internet without always running anti-malware engine. Only AV scanner is useless.


----------



## R-T-B (Feb 3, 2020)

lexluthermiester said:


> I don't buy it. Sorry, I've seen and used way to many firewalls.



I was only talking about code monkeys being lazy...  lol


----------



## Deleted member 171912 (Feb 3, 2020)

Windows Firewall now stup* named Windows Defender Firewall is advanced firewall with all needed features for desktop. In OS with some modifications is since Windows XP SP2. It is NOT part of AV. Easy config from Control Panel. On/Off using "Turning on or off". Basic configuration using "Allow an app or feature through" and advanced configuration using "Advanced settings" or CLI.


----------



## R-T-B (Feb 3, 2020)

rblc said:


> You have no chance to defend yourself on Internet without always running anti-malware engine.



People always say this.  I must be interneting wrong.



rblc said:


> AV, Defender, is not just scanner. It is anti-malware engine (service). And don't have integrated firewall. Microsoft just used name Defender for firewall already integrated in OS. They want to show users that in OS is also firewall. Just stupid marketing.
> 
> You have no chance to defend yourself on Internet without always running anti-malware engine. Only AV scanner is useless.



Sounds like you are splitting hairs, honestly.  Who cares under what name they bundle it?


----------



## Solaris17 (Feb 3, 2020)

Just realized the OPs question was probably answered long ago. Per usual the back and fourths happen with no end in sight.


----------

