How to disable Windows Defender in Windows 10 1909

[lexluthermiester]

Any firewall is Swiss cheese at default

Incorrect, and if you taken the time to test many of them you would not think so. Even the inbuilt Windows Firewall has improved greatly in the last few years. Granted, it's not perfect, but it's hardly swiss-cheese.

 

[Bill_Bright]

Any firewall is Swiss cheese at default

No they aren't! That would be silly. Most (including that included in Windows) are perfectly fine in their default settings. If not, 100s of millions (billion+) computers would already be hacked.

If anything, after market firewalls may be too aggressive in their default settings.

No firewall is perfect but firewall technologies are nothing special (or proprietary) either. In fact, it is simple to block ports which is why even basic, rudimentary firewalls like TinyWall are so effective.

Windows Firewall is actually a very robust and flexible firewall, easily and highly customizable for those that like to tinker simply by entering the "Advanced Security" menu . It is a powerful, two-way, stateful-packet inspection (SPI), packet-filtering firewall. Actually, beginning with XP SP2 when the integrated FW was upgraded from one-way to two-way, Windows Firewall has been very effective and more than adequate for most users. In fact, IMO MS making it two-way is why ZoneAlarm started branching out into anti-spyware and then full security suites - people stopped using their firewall because it just was not needed.

Again - it is easy to block ports (against unauthorized in or out access) from within the OS. The methods are not proprietary.

The ONLY thing that makes 3rd party firewalls like ZoneAlarm or Comodo firewalls stand out is their extra bloat... err... extra features nobody... err... very few people ever need. In other words, marketing fluff.

 

[c2DDragon]

Incorrect, and if you taken the time to test many of them you would not think so. Even the inbuilt Windows Firewall has improved great in the last few years. Granted, it's not perfect, but it's hardly swiss-cheese.

Windows Firewall is actually a very robust and flexible firewall...

Windows Firewall is actually very bad at doing his job.
I invite you do test it using this leaktest : https://www.grc.com/lt/leaktest.htm
Download the test then test for leaks you will be notified your firewall has been penetrated.
The Windows Firewall settings are supposed to block everything that is not in the list of the authorized apps but it doesn't actually block everything that is not in this list. It's just the worst firewall you can rely on.

 

[Jetster]

Doesn't Windows 10 automatically disable Defender if you install a Anti virus ?

 

[Bill_Bright]

I have a lot of respect for Steve Gibson but his LeakTest app cannot be trusted for this. If you Google this, you will see this has been going on for many years - and not just with Windows Firewall. If you look here, you will see this poster's firewall failed LeakTest even after he unplugged the Ethernet cable!

Do you seriously think these firewall developers would allow their programs to be so easily by-passed since 2002 if really a problem?

It should also be noted why LeakTest reported they failed. It reported they failed because LeakTest was able to get "out". Not "in". That is a HUGE distinction. Did LeakTest sneak past my router, past my firewall, past my anti-malware solution and past me on the way "in" when I intentionally downloaded it? NO!!!! I opened the doors and invited it in. I intentionally saved it to my computer. And I intentionally ran it. I let it in, and out!

But what happens if you create a simple rule in Windows Firewall to block LeakTest? This is what happens:

If you want to use Steve Gibson to test your port security, use his ShieldsUP! Windows Firewall passes no problem.

Doesn't Windows 10 automatically disable Defender if you install a Anti virus ?

It disables its real-time scanner. It does not disable every feature. For example, if you install Malwarebytes, Windows Firewall remains active - and that's a good thing. BTW, you can go into Malwarebytes control panel and tell it not to register itself with Windows Security Center. Then Windows Defender and Malwarebytes can run at the same time. This is not a problem because both play well together without conflicts or hogging resources.

 

[c2DDragon]

I invited you to test it to show you the Windows Firewall, by default, is letting anything go out without you could even notice.
As you said, you did create a rule to block it. It shouldn't even go out without your persmission. It should be blocked by default, that's the purpose of a firewall.
Any malicious programs can go out wihout your permission if you don't block all the outgoing traffic then do your own rules.
Many programs you could intentionaly let in can spread data.
Windows Firewall is the contrary of user-friendly in my opinion and it's not safe to let data go out like this, like it's designed by default.
Neither it's safe to say Windows Firewall is enough.

 

[moproblems99]

I invited you to test it to show you the Windows Firewall, by default, is letting anything go out without you could even notice.
As you said, you did create a rule to block it. It shouldn't even go out without your persmission. It should be blocked by default, that's the purpose of a firewall.
Any malicious programs can go out wihout your permission if you don't block all the outgoing traffic then do your own rules.
Many programs you could intentionaly let in can spread data.
Windows Firewall is the contrary of user-friendly in my opinion and it's not safe to let data go out like this, like it's designed by default.
Neither it's safe to say Windows Firewall is enough.

There is always a fine line between usability and security. 98% of people would not know why their stuff didn't work if rules were set that way on installation. Wouldn't look good for Microsoft would it?

 

[c2DDragon]

There is always a fine line between usability and security. 98% of people would not know why their stuff didn't work if rules were set that way on installation. Wouldn't look good for Microsoft would it?

You can see there is, by default, a notification telling the user a program is blocked. Many programs installed by default in any fresh Windows are whitelisted. We got the UAC prompt, there is a notification system from the firewall for inbound connections, there could have left the people decide what they want out too. Maybe they prefer to have a lot of data analyzed by Windows Defender.

 

[Bill_Bright]

It shouldn't even go out without your persmission.

You are missing the point. In the year 2020 with modern Windows (W7 and newer), we should not have to give permission to every program we intentionally download and install. That is too aggressive. If you want that sort of required interaction, fine. But it just is not needed.

It should be blocked by default, that's the purpose of a firewall.

NO!!! The purpose of a firewall is to block unauthorized access attempts. When you, an authorized user of that machine, intentionally visit a site, intentionally download and run a program (that is scanned on the way in and found to be safe), that is not an unauthorized access.

Now if LeakTest demonstrated some malicious activity, that would be different. But it doesn't.

Windows Firewall, by default, is letting anything go out without you could even notice.

No its not. Just because it let LeakTest out, that does NOT, by any means, mean it will let "anything" go out.

And again, this program was deemed safe via my browser, router, two real-time anti-malware solutions (Windows Defender and Malwarebytes Premium) and the firewall on the way in.

If you are that worried about unauthorized "outgoing" access attempts, I suggest you re-evaluate your incoming/real-time protection. I have full confidence in mine.

Again, if what you are suggesting were true, many 100s of millions of Windows Firewall users, as well as most 3rd party firewall users, would be compromised. Ain't happening. Remember, as the documentation for Leaktest reports, most personal firewalls fail this test.

Show us the evidence because LeakTest alone is not it. If it was, why doesn't the much more thorough ShieldsUP! from the same Steve Gibson report problems?

Another good test is this one from Hacker Target. Enter the IPv4 IP address assigned to you by your ISP. If you don't know it, use WhatIsMyIP.

Also, Shield Check.

Any malicious programs can go out wihout your permission if you don't block all the outgoing traffic then do your own rules.

No. Sorry, but that is just nonsense! I am afraid you don't understand computer security software at all - or maybe you are one to not run with any security? Or maybe you just let "any malicious program" run on your systems. I don't. If any try, I block them via Windows Firewall, my browser, and my anti-malware programs BEFORE they can come in.

If you don't trust Windows Firewall, don't use it. No skin off my back. But please stop spreading FUD by suggesting to others it is not safe. If is.

 

[thesmokingman]

I know what files I download (from very trusted sources), what sites I browse, which emails don't trust, and if I'm unsure I use virustotal.com to check some files that I dl from less trusty sources. I assure you, I'm without any AV and didn't have a virus/malware running on the system in many years. I don't need AV, that's why I want it disabled.

Hubris...

 

[c2DDragon]

You are missing the point. In the year 2020 with modern Windows (W7 and newer), we should not have to give permission to every program we intentionally download and install. That is too aggressive. If you want that sort of required interaction, fine. But it just is not needed.
NO!!! The purpose of a firewall is to block unauthorized access attempts. When you, an authorized user of that machine, intentionally visit a site, intentionally download and run a program (that is scanned on the way in and found to be safe), that is not an unauthorized access.

You either didn't read anything or else you just ignore it for whatever reasons. Your firewall is just accepting outgoing connections by default it's a fact. It could be from ANYTHING on your computer that you didn't block it making a rule.

Now if LeakTest demonstrated some malicious activity, that would be different. But it doesn't.
No its not. Just because it let LeakTest out, that does NOT, by any means, mean it will let "anything" go out.

And again, this program was deemed safe via my browser, router, two real-time anti-malware solutions (Windows Defender and Malwarebytes Premium) and the firewall on the way in.

If you are that worried about unauthorized "outgoing" access attempts, I suggest you re-evaluate your incoming/real-time protection. I have full confidence in mine.

Again, if what you are suggesting were true, many 100s of millions of Windows Firewall users, as well as most 3rd party firewall users, would be compromised. Ain't happening. Remember, as the documentation for Leaktest reports, most personal firewalls fail this test.

It's just a program that ping a website and it worked because your firewall didn't block it.
I have nothing to worry about my computer security.

Show us the evidence because LeakTest alone is not it. If it was, why doesn't the much more thorough ShieldsUP! from the same Steve Gibson report problems?

Another good test is this one from Hacker Target. Enter the IPv4 IP address assigned to you by your ISP. If you don't know it, use WhatIsMyIP.

Also, Shield Check.
No. Sorry, but that is just nonsense! I am afraid you don't understand computer security software at all - or maybe you are one to not run with any security? Or maybe you just let "any malicious program" run on your systems. I don't. If any try, I block them via Windows Firewall, my browser, and my anti-malware programs BEFORE they can come in.

Pictures of default settings worth more than words I guess. It's in french but you can check your settings it will be the same.
This means if your computer is infected, your antimalware fails, data will be leaked.

If you don't trust Windows Firewall, don't use it. No skin off my back. But please stop spreading FUD by suggesting to others it is not safe. If is.

I don't trust this firewall, as I wrote previously (but you didn't read anything I guess) I use another firewall.

 

[Bill_Bright]

You are still assuming any malicious software is going to get by all our defenses coming in, remain totally undetected while running once in, then be able to phone home, again without being detected.

20 years ago, I might make that assumption. But not today.

Regardless, that is all beyond the scope of this thread. I'm moving on.

 

[c2DDragon]

You are still assuming any malicious software is going to get by all our defenses coming in, remain totally undetected while running once in, then be able to phone home, again without being detected.

20 years ago, I might make that assumption. But not today.

Regardless, that is all beyond the scope of this thread. I'm moving on.

I was just saying the windows firewall let outgoing traffic, from everything which is not blocked by a rule of the user, move out without telling users anything. It's a fact if you don't change those settings.
If you think nothing can beat your computer security I just have nothing to say, you believe what you want to believe, I won't judge.

 

[moproblems99]

Your firewall is just accepting outgoing connections by default it's a fact. It could be from ANYTHING on your computer that you didn't block it making a rule.

That's because in most cases, you put that software there. Obviously, there are exceptions but allowing out by default is the correct posture. For 99% of the time, it will be fine.

Besides, any good malware will obfuscate their phone homes behind other services anyway.

 

[Bill_Bright]

If you think nothing can beat your computer security I just have nothing to say, you believe what you want to believe, I won't judge.

I never said or implied that - nor would I. That's why I already have multiple layers of security protecting my computers from incoming threats and from malicious activity running on my computers. That's why I keep my security and my OS current. And that is why I have trained and disciplined myself, my family, and my clients to not be "click-happy" on unsolicited links, downloads, attachments, and popups.

If malware is trying to connect to the Internet, your security has already failed and the damage is done. Malware does not need outbound access to corrupt your system. If malware were that smart to get past all your security on the way in, and is that smart to avoid detection while running, it is smart enough to open blocked ports, imitate a legitimate program, or piggy back on the communications setup by a legitimate program.

And once again - most 3rd party firewalls fail Gibson's LeakTest in their default settings. Does that mean they must automatically be avoided and replaced by another firewall? Of course not. Just enable outbound blocking, then be ready to be bombarded by outbound access requests.

 

[c2DDragon]

I never said or implied that - nor would I. That's why I already have multiple layers of security protecting my computers from incoming threats and from malicious activity running on my computers. That's why I keep my security and my OS current. And that is why I have trained and disciplined myself, my family, and my clients to not be "click-happy" on unsolicited links, downloads, attachments, and popups.

If malware is trying to connect to the Internet, your security has already failed and the damage is done. Malware does not need outbound access to corrupt your system. If malware were that smart to get past all your security on the way in, and is that smart to avoid detection while running, it is smart enough to open blocked ports, imitate a legitimate program, or piggy back on the communications setup by a legitimate program.

And once again - most 3rd party firewalls fail Gibson's LeakTest in their default settings. Does that mean they must automatically be avoided and replaced by another firewall? Of course not. Just enable outbound blocking, then be ready to be bombarded by outbound access requests.

Prevention > Protection for me.
By the way if you spend 1 hour judging which service/program can safely have an access granted you can learn what you machine is doing.
Then when some stuff tries to connect for any reason you can stay master of the situation.
You sure will lose time granting access to the stuff but you will be able to learn the OS more if you take time to check what the services are doing and why. If you don't care well that's another problem.
Many zombies PC run around the world cause people don't care or are not even able to tell there is outgoing traffic.
Judging by your aggressivity and the arrogance I did feel from your previous posts I was sure you were thinking your computer was heavily protected and you were thinking I had no clue what I am doing with mine. Please next time let's just discuss the way it's meant to be in this community.

 

[lexluthermiester]

Windows Firewall is actually very bad at doing his job.
I invite you do test it using this leaktest : https://www.grc.com/lt/leaktest.htm
Download the test then test for leaks you will be notified your firewall has been penetrated.
The Windows Firewall settings are supposed to block everything that is not in the list of the authorized apps but it doesn't actually block everything that is not in this list. It's just the worst firewall you can rely on.

Normally, I'd rather shoot myself than use the Windows Firewall(not because it's not a decent firewall, but because I don't trust Microsoft), but I had to take this challenge. Tested it on a spare machine.Fresh install of Win10, default settings and funny enough I got the same result as Bill. I'll leave it at that.

 

[Bill_Bright]

For the record, I was wrong when I said Windows Defender blocked outgoing access by default. I failed to follow my own advice and do my homework first . I think I was flashing back to early days when the complaint was that Windows Firewall was only a one-way firewall. Either way, I should have verified my facts first. So my apologies for that.

Prevention > Protection for me.
By the way if you spend 1 hour judging which service/program can safely have an access granted you can learn what you machine is doing.
Then when some stuff tries to connect for any reason you can stay master of the situation.

I agree, but this can easily be accomplished with any firewall. It really is simple to enable outgoing connection blocking with Windows Firewall - a couple clicks and done. It really is simple to customize access on a case by case access. So to suggest otherwise is simply misleading.

If you don't care well that's another problem.

You keep suggesting I, and others who use Windows Firewall don't care about security. That's nonsense. Maintaining major sensitive and secure IS/IT communications networks has been a major part of my life since the early 70s. I take security and "practicing safe computing" very seriously. And for what its worth, none of my personal systems, or any system I am responsible for has ever been compromised - EXCEPT once almost 30 years ago when a work computer was hit via the "sneakernet". A co-worker brought in an infected floppy disk from home, forgot he left it in the drive, then the next day the computer was rebooted. Never again.

What I have learned over the decades is that we don't need multiple deadbolts on our doors to keep the bad guys out. I have learned that a layered approach to security is best, but we don't need layer after layer after layer after layer.

We don't need to drive around in an Abrams tank to remain safe. But we do need to have a late model car with current safety features and keep it current and properly maintained. AND most importantly, we need to drive defensively.

If we were back in XP days, I would agree with you 100%. In fact, back then I used ZoneAlarm and I made sure I controlled everything coming in and going out. But that just is not necessary today. Today's Windows users do NOT need to be security experts to keep their computers secured. If they stick with the defaults, keep their computers updated, and avoid risky behavior, odds are they will be safe.

Bad guys are lazy opportunists. They go for the easy pickings. If they encounter any resistance, they move on - unless they are specifically targeting you. And in that case, you have bigger issues to worry about.

Judging by your aggressivity and the arrogance

Arrogance? Come on! Don't start being insulting now. That's being arrogant! If I was arrogant about security, I would think I am smarter than the bad guys. And I made it clear way back on Monday, in my 2nd post in this thread that I was not smarter than the bad guys, that I could slip up and let something slip by. So stop degrading the thread with personal insults. That gets no one anywhere.

Aggressive? I prefer to call it robustly defending against misleading information with vigor. But if you prefer aggressive, that's fine. And yes, you are being misleading by suggesting users of Windows Firewall (and apparently every firewall that does not have outgoing access blocked by default) are unsafe. Evidence proves that is simply false and suggesting otherwise is simply spreading FUD. So yeah, I get aggressive when posters distort the facts and spread FUD.

 

[c2DDragon]

I was not insulting you, you didn't pay attention to the end of the sentence "the arrogance I did feel from your previous posts". That's what I did feel.
I won't insult anybody who disagrees with me. Please.

I don't think I spread FUD. That's what you think and that's insulting. Did I say people are unsafe ? Saying it's safer to block doesn't mean your computer is at heavy risks, doomed and everything will burn before you can do anything, if you don't block

Windows defender and the windows firewall are easily customable by the malwares cause the bad guys (I like the term ) have them too so they can easily do smart scripts and take everything down. I prefer having another firewall.
Majority of users don't even look where they download things so you know.

It's just safer to control. I don't believe I am wrong neither that people have to be experts to judge if the "non-already in the already built whitelist" programs can have their outgoing access granted or not, because as I wrote and you can see it while using this firewall, there is already a notification for the user to decide if he/she wants to accept the incoming connexions, I don't see why they didn't push the user to do the same for the outgoing ones.

Now you say there is no need to block outgoing ones, it's your point of view.

 

[RadeonProVega]

Reading some of these comments , wow. Some of yall are asking "why would you disable it? lol why wouldn't you?
I disable Windows firewall, and defender, removed that notification nonsense that pops up about the security center, etc. I'm using windows 10 (pro for workstations). I always removed all that junk, even when i was using windows 7. You don't need any of that. Its just a system hog taking up resources.

 

[DeathtoGnomes]

Anyone that says Window Firewall is easy to manage is nuts, its got a steep learning curve for those persistent on learning to create and manipulate rules. What they dont tell you is that when you do manage to create a rule, WF will ignore it and/or bypass it if you are trying to block certain things from m$.

This rule for example, if I chane this to Block, windows will create another as Allow. (tried several times)



For those NOT trained in security, people with a very basic knowledge of windows are better off using an aftermarket firewall. The "aggressive" nature of them forces the user to learn more about blocking and allowing more than WF ever will (without truly screwing everything up). The other thing about aftermarket firewalls is that they will show the crap that m$ deems necessary to have a connection to the internet, when windows works just fine if they dont. Another positive about aftermarket firewalls is that it/they will give you more power over privacy, like blocking Nvidia's telemetry data and windows update.

 

[Bill_Bright]

Anyone that says Window Firewall is easy to manage is nuts, its got a steep learning curve for those persistent on learning to create and manipulate rules.

I like nuts. I totally disagree with everything you said. For one, there is nothing to manage. It is as easy as managing fragmentation on your hard drives. It is as easy as managing your Page File. Just let Windows do it. It knows how very effectively. If you disagree, show us some evidence that Windows Firewall is allowing the 100s of millions of Window Firewall users to be compromised.

You are wrong about the learning curve. It is super easy. It just took just a few seconds - to include browsing to the file location - to create a rule for LeakTest. I contend for anyone who has never dug around a Firewall menu system and created rules in any firewall, the learning curve is a bit steep. Heck, even just changing default browsers imposes a learning curve. Any time you are not familiar with something, it takes some getting used to. Then it typically becomes intuitive.

That said, Microsoft does not pretend Windows Firewall is anything more than a basic firewall. Why? Because the vast majority of users don't need anything more than a basic firewall.

For those NOT trained in security, people with a very basic knowledge of windows are better off using an aftermarket firewall.

That's just silly and I totally disagree. For those NOT trained in security and for those with a very basic knowledge of Windows, they are MUCH better off just letting Windows manage it. It works! You would have a non-expert, with "very basic" knowledge of Windows - someone who therefore knows little to nothing about firewalls in the first place, try to figure out what to get, how to install it and then learn a something totally new? That makes no sense at all. If someone is that inexperienced with Windows, they likely have no need for any rules anyway.

Firewall technologies are nothing special. The method to block a port is NOT proprietary. It takes no special coding.

Windows defender and the windows firewall are easily customable by the malwares

What a bunch of bullcrap!

cause the bad guys ... have them too

Yeah right. Because everybody knows the badguys can't get their hands on ZoneAlarm, Comodo or Avira. How absurd can you get?

I'm done here. This is just shameless, pointless, Microsoft bashing now - not an intelligent debate.

 

[DeathtoGnomes]

As someone extensively trained by m$, naturally you defend its decisions that m$ knows better and scoffs anyone who wants to take it off the beaten path.

For one, there is nothing to manage.

yea m$ feeds that line of garbage to everyone about everything. "windows will do it for you", now it can tell me when eat, drink, shit, and sleep too? No thanks. Keep on thinking this is windows bashing, its not, its disagreeing with your "law".

EDIT: If I was to call up my mother or sister and ask them "hey I need you to create a firewall rule to block iTunes ( for whatever shady reason)" the first word they'll say is "WHAT", then they'll ask whats windows firewall.... Enter the steep learning curve. Once something is learned, then you can say "oh thats easy". Atleast ZoneAlarm had pop ups that asked what you wanted to do.

 

[Bill_Bright]

It is not my law. It is just the facts. If you disagree, then show us the facts! Show us the evidence! Show us where all these WF users are being compromise because they use WF. Show us where all these WF compromised WF computers are phoning home because WF isn't blocking the malicious code that some how got on these machines.

Show us where I am wrong. I already admitted once I made a mistake. I'm man enough to admit it again. Just show us!

 

[oobymach]

No they aren't! That would be silly. Most (including that included in Windows) are perfectly fine in their default settings. If not, 100s of millions (billion+) computers would already be hacked.

The ONLY thing that makes 3rd party firewalls like ZoneAlarm or Comodo firewalls stand out is their extra bloat... err... extra features nobody... err... very few people ever need. In other words, marketing fluff.

Some of those extra features like anti ransomware are a must in these times imo.

The free versions often use less resources than windows so I would recommend using one, especially if you're planning on disabling windows security but extra security isn't a bad idea.

I've seen hacking take place and years ago pinged the british secret service mi6, I googled the ip addresses I found in my router after it happened, one gave me a physical address in the uk, I googled the address and it came back as the MI6 building, did I mention I broke national security at one point lol? Shortly after that my routers internals were compromised so to speak and it stopped recording traffic. The pictures I had of an incident were also deleted remotely, lmao, been on watch lists ever since.