How to stop explorer.exe outbound connections on Windows 8.1

3

I've got this annoying outbound TCP connection from explorer.exe to 111.221.29.122 using port 443 (Windows 8.1). Apparently this is some kind of push notification service as describes here:

https://security.stackexchange.com/questions/87505/why-is-windows-explorer-making-external-connections

I have disabled everything I could think of, including these notification things, automatic updates and what not. I even tried to brutally kill the outbound connection. Nothing helps. It's amazing how so many programmers work their keyboards to get us all into the cloud while some of us desperately want some basic privacy...

Rhetoric aside, how do I make explorer.exe stop opening sockets without my consent?

UPDATE: Attached below is what I see. Do you see this on your Windows 8.1?

Dima

Posted 2015-06-15T20:12:48.677

Reputation: 248

Have a look at this site: http://www.windows8tricks.net/2011/12/disable-application-push-notification-windows-8/ ... it has some registry tweaks you can do to turn off Push Notifications ..

– txtechhelp – 2015-06-15T20:22:34.430

@txtechhelp, these instructions appear to be outdated as I don't have these registry keys, besides I've disabled all push notifications from "Change PC Settings/Search and apps/Notifications", so it's probably not about notifications and something else lingering there. – Dima – 2015-06-16T05:34:46.827

Answers

0

If you search for "notifications" in your start screen, you will find the notifications settings page. Here you can turn off the notifications altogether or for specific apps.

As the other answer says, this is an internal Windows function and the IP address belongs to Microsoft.

Whilst you could indeed block all outbound access to that address, I think you will find that it is actually an inbound connection. That too can be blocked but it is easier to turn off notifications.

UPDATE: To actually block the connection, open Windows firewall and add 2 new rules. Inbound and Outbound. Create customer rules, accept the defaults until you get to the Scope page and set the remote IP address to 111.221.29.122 and the action to Block. Accept the rest of the defaults and give it a meaningful name and description so you can find what you did in the future to undo it again.

Julian Knight

Posted 2015-06-15T20:12:48.677

Reputation: 13 389

I've disabled all notifications through "Change PC Settings/Search and apps/Notifications", I have also tried to disable an individual per app settings as well, no reaction. The connection stays active. Yes it is apparently a MS server.. So what, it is my computer after all. I tried to prevent exlorer.exe using public network by means of firewall, but that blocked all browsers as well. No luck so far. – Dima – 2015-06-16T05:29:01.940

Regarding the UPDATE - I wish it was just one IP address to block.. The explorer.exe keeps connecting to a range of addresses and I don't know how big is this range. Right now it's hooked onto 111.221.29.76. I think it grabs a new address as soon as it gets hold of the public internet access. I think it's bizarre.. – Dima – 2015-06-16T21:49:41.497

That isn't bizarre at all, it is common practice for a global service. You would have to block the whole subnet but that might well have other implications. I recommend that you forget about it and move on. Even if you spend loads of time trying to "fix" this, it is integral to Windows and might well change in the next release which is only a month and a half away. – Julian Knight – 2015-06-16T23:08:25.947

It's bizarre because it's against any common sense concerning privacy, not because they use the entire subnet to "ring home". This is what spyware and malware do.. – Dima – 2015-06-17T06:08:22.667

It uses a large subnet to ensure continuity of service. That malware does the same thing is a convergence of design and not bizarre. – Julian Knight – 2015-06-17T06:11:48.630

I am looking for a way to DISCONTINUE this service. The car which goes sideways when you expect it go forward is based on bizarre convergence of design. The computer talking to other computers without user's consent is a computer running bizarre software. Julian, if you have any practical suggestion please share, it turns into useless rant... – Dima – 2015-06-17T08:17:00.147

Sorry you don't like the advice but it is what it is. This is how Windows works, if you don't like it, the advice is to change to something else. Don't know what else I can suggest sorry. – Julian Knight – 2015-06-17T08:26:22.877

Asked: 2015-06-15T20:12:48.677

Viewed: 4 382 times

Active: 2019-12-27T15:00:45.273