Discussion in 'Windows 8' started by pisthai, Jun 6, 2014.
You need to login to view this posts content.
Forget to mention that I tested on Windows 8.1 4 machines which are all connected with Explorer to MS. 1 machine with Windows 8 are NOT connected and same with an old XP machine!
That said, it could be possible that those connection is happens only since Windows 8.1! In older Windows machines like Windows 7 there's also an connection using an hidden account but Explorer!
One mystery connection: System Idle (you know, PID 0) connected to 126.96.36.199, which is said to be Twitter? I don't have any twitter apps installed, and how can it come from Idle??
Several WWAHost connections, also some to twitter starting with 199, I'm beginning to think 199 always reports twitter for some reason.
But no explorer.exe...
EDIT: The address of Idle always changes when I'm refreshing, I think it just always reports the IP of the last process that went into the idle state.
Also just did a windows update check and now I have 2 explorers connected to 188.8.131.52, but that's probably just the WU server.
more then likely its for the MS ACCOUNT
stuff like ONE drive, email, IM, skpy
i have noticed that same thing theres maybe two or three that goto
livecomm uses a few that is the live email client or aol or google address is what you will see
after a lil looking it sounds like its windows push service
i think its more to do with one drive
are all of the systems you tested using MS account and or have one drive active
Hope they like your daughter's facebook pics!
ET calling home
Thanks for the tip on TCP-Monitor 2.2
I was curious and downloaded the program and ran it. I have a spare hard drive with Win-8 installed on it to see if I want to switch over from Windows 7. Now I'm not so sure I want to make the switch.
When I first ran TCP-Monitor it showed many connections coming and going, but it stabilized and I got a screen capture of what Windows 8.1 was doing:
Looking up the IP address I found this:
I can kinda understand Microsoft, but Akamai? What's up with that. I know that you have to download and install the Akamai downloader sometimes to download files from Microsoft. But that's not the case, it just connected. And I didn't have to install anything. I noticed that both of them have reserved blocks of IP addresses.
Now I'm sure everything is on the up and up here, and I'm sure no personal information is sent to either Microsoft or Akamai. /sarc
You might miss all this activity, because after a while it all goes away. You have to start up TCP-Monitor right away as soon as Windows 8.1 starts, or you will miss it.
To see what Windows 7 did, I started it up, ran TCP-Monitor and here's what showed up. Pretty much nothing. Nothing on startup, and nothing after Windows 7 started. This is the entire activity.
I'd be curious as to what other people discover.
To add some useful information as well... Currently I'm running 8.1. Local account, I never ever signed into any microsoft account on this PC, not even for the sake of a single application. TCP monitor for me shows only 2 established connections: Firefox and Dropbox. I'm using both currently, so it's perfectly normal. No microsoft stuff, no big brother anywhere. It must be related to online accounts if you have any. As always said, avoid metro crap, there's nothing you can't do without them.
For several reasons I've to use MS Accounts for my work! As I wrote, I didn't have any problem with legal stuff because that's what I use. I'm just a bit careful about what's 'going' out of my computer without permission!
So far, I found that the other MS connections like Skype, WU and so didn't sending data out. With Explorer it's a different 'game'! Within the last 1 hour, it had send near 700MB on packages to 2 different MS IP's. one in Singapore and 1 in Bombay!! At the moment I've limit the amount of outgoing traffic to the MS IP Ranges to an max 128kb/s. I would like to know if there will be any problems coming up while done that and if not, I'll even set that down to 64kb/s! I could do that in my Smoothwall quite easy.
While try to open the captured packages to find out what kind of data were send, those were crypted and therefore not readable.
So let me get this straight...
You're surprised because your Online account that you log into Microsoft is... Online?
Maybe you read my post's again starting by post 1?!
Don't bring something in what were not told please! Thanks!
That's actually a lot of traffic, maybe you can check if there was something synced with OneDrive.
No, I didn't use OneDrive at all!
You need to login to view this posts content.
use wintoolkit to remove file manager from windows
its should solve this
I don't understand either. Your logging in to an ONLINE MS account. Of course there's a connection.
Wouldn't things be constantly synced? Email, Store??
Login as a Local user & see what happens..
Live Tiles also consumes traffic
Funny those answers from those knowledgeable users, isn't it?!
As the upload at my home is limited to 2MBps, the transfer of 700MB within an hour is quite much and that's the problem! I realized that my the transfer of data from and to my computer even not stopped as I stopped the work on that computer. In meantime, I blocked 47 IP's, which all seems to be from MS, for to get more that 14.4kbps from my machine and tomorrow I'll set that down to 9kbps! On Tuesday I'll have an meeting with the techies from my ISP about that too!
Last 4 hour no new IP was shown up, so let see what will happen till tomorrow!
That everything you do on the Internet will consume traffic, even an first class student will know. Simply the point is that just one tools is trigger that heavy traffic: Windows Explorer and just to the same destination, or to be precise: to an destination of the same Owner (MS)!