Defender (Firewall) Blocking Chrome

I cannot get Chrome to access any websites without first turning off my firewall. However, I do not have this issue with Edge or any other application. I have uninstalled Chrome and reinstalled it. I have followed most of the recommendations that I found online. I have not reset (restored defaults) in my firewall. I use Chrome as my default browser and I don't want to turn off my firewall to use it. Do you have any suggestions?
I'm about ready to try Tweaking.com's Windows Repair to see if it can help.

 

not here. any specific settings, or using windows firewall control? -> support!
whats the exact message?
used any hardening tweaks?

 

I've allowed Chrome internet access via the firewall. There is no message other than Chrome cannot access any websites if Defender is enabled. No hardening tweaks. Again, this issue is Chrome unique--Edge works fine as do all other applications.

 

Defender is NOT firewall - and both work independent, although both a part of the windows security.
it has reason when the windows firewall is blocking "chrome.exe". i would think you have a malformed rule, you can reset windows firewall. for Windows Defender you need to check the message why chrome.exe is blocked.

sorry, but without any evidence as a picture or log event there is no clear answer possible

 

Please explain this then:

 

very simple: "Windows Security" contains several features, such as "Windows Defender" / "Microsoft Defender", and the "Windows Firewall with Advanced Security"
There exist no "Windows Defender Firewall" although they claimed to give that name.
its defender, and a firewall, not more, not less. two independant features where are combined in "security"

2016
https://learn.microsoft.com/en-us/w...urity/network-security/windows-firewall/tools

current
https://learn.microsoft.com/en-us/p...ows-server-2012-r2-and-2012/jj717254(v=ws.11)

so at least the firewall (feature) is blocking chrome. check out the rest of my question.

 

Is Chrome set to use a custom DNS provider? If so, maybe an invalid setting there?

Information on the settings, if needed.
https://www.minitool.com/news/how-to-change-dns-server-in-google-chrome.html

I mention it in relation to a firewall as secure DNS would use a different port. Maybe the port is blocked?

 

the firewall only decide on its current rules. as i wrote, its independent of defender.
i ask for logged events, currently no information. no path, no details about source of chrome.exe, could be fain/fake/malware/anything. i still cannot confirm his issue.

 

Windows Firewall does not appear to log by default.
https://learn.microsoft.com/en-us/w...indows-firewall/configure-logging?tabs=intune
Fake Chrome? Maybe.

 

I'm sorry, but I don't know what you mean by logs or path or what details you are looking for. I've uninstalled and reinstalled Chrome that I downloaded from the Chrome homepage. I set Chrome as my default browser and set it to allow within the firewall. If I turn off the firewall, Chrome can access websites. If I turn on the firewall, everything else can access the internet; only Chrome cannot. The message is as follows:

 

Follow up. On the above-mentioned page, I clicked on "running windows network diagnostics". It ran through some type of "fix" and asked if wanted to apply a "hotfix" related to my firewall. I said yes and my Chrome can now access websites. However, when trying to update Google, Help>About Chrome>update, it cannot find the server.

 

i would say, some issue of this combo:

sorry, but i do not trust this crappy software. to be more precisely - none of them, except BD - and for BD the or several web-protection features.
i did no see it earlier but all of those have constant changes, more changes than windows defender - which is disable with BD. Defender is only Defender, an antivirus without any further features. firewall is firewall. anything else is related to BD and other software, you have installed.
installing more of this wont help more, in fact its' less helpful and has impacts to each other.

 

Hi @Alexhousek

how do you have the firewall configured? Is it configured to block inbound and outbound by default?

Anyway, for logs try the Windows Event Viewer.

1. Open Event Viewer as Administrator
2. Go to: Windows Logs-> Security
3. Right-click on Security->Find...
4. Search for keyword "outbound" (no quotes).
5. you want to find Event ID's 5157 which is Windows Filtering Platform blocked connections
6. In the lower pane of Event Viewer look for Application Name path and look for any evidence of chrome-related processes.

Please see attached screen shots.



EDIT

you could even search for chrome. Also to refine your search maybe first from Right-click context menu, select "Filter Current Log" and where you see <All Event IDs> click in the field and type 5157-> OK.

 

@wat0114
The security log isn't going to have any of that. It looks like maybe if you go to:
Applications and Services log/Microsoft/Windows/Windows Firewall with Advanced Security
and check under that section.

 

Hmmm...maybe but I checked and could find nothing about successful connections with Floorp or Edge browsers which n my case I'm using.

The only other place might be to open Windows Firewall with Advanced Security, and under the Active Profile->Windows defender Firewall properties, check where the log file is stored. Probably at: %systemroot%\system32\LogFiles\Firewall\pfirewall.log

Edit

it has to be configured first to:
Log dropped packets-> Yes
Log successful connections-> Yes

 

Actually I think the Event Viewer should reveal Blocked connections for Chrome and other browsers. I used WHHL Firewall hardening Tool to create a Block rule for C:\Program Files\Ablaze Floorp\floorp.exe and the blocked connection attempts were logged:

 

no 5157 here, but firewall is set to allow by default. no additional software like wfc.
thats why i asked for tools. and resetting firewall idd helped so there were rules against chrome.

open this file

(HOSTS is the file, no file extension)

if not firewall, then here.

do not exists here, was asked to create it.

you should perform a clean boot without any other drivers than microsoft
https://support.microsoft.com/en-us...-windows-da2f9573-6eec-00ad-2f8a-a97a1807f3dd

i also mentioned that the bunch of installed "security" software can also cause such side effects.

 

Would make sense. I checked 2 machines and neither had any logs for such things.

 

Right, it has to be configured first for the Active profile before it creates a log file.

https://help.pdq.com/hc/en-us/artic...ll-Activity-in-Windows-Defender-Firewall-Logs

 

Thank you for your suggestions. It might be a day or two until I can look into them and report back.

 

RESULT:

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# ---.0.0.1 localhost (deleted first 3 numbers for security)
# ::1 localhost​

 

I'm not sure what you mean by the last line above? What am I supposed to create?

Anyway, there is not firewall folder in the logfiles folder. See below:

 

i miss the test with the clean boot.

 

System Informer neatly shows in real time, if something is blocked by the firewall and by what rule as well.

 

good point