A Notification Says Windows Explorer Is Trying to Listen on a Port

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Typically, this problem occurs when you open Windows Explorer and see a Windows Security Alert dialog box (referred to throughout this documentation as a notification) that displays a message informing you that Explorer.exe is attempting to listen on a port. If you are a member of the Administrators group, the notification will ask if you want to unblock Explorer.exe. If you are not a member of the Administrators group, the notification will tell you to contact your Administrator if you want to unblock Explorer.exe.

Cause

When you see this notification, it usually means that Windows Explorer (Explorer.exe) is hosting a secondary program and the program it is hosting is trying to listen for incoming traffic on one or more ports. Because Explorer.exe is hosting the program, the program is running as a separate process within Explorer.exe. For this reason, Windows Firewall cannot determine the name of the program's executable (.exe) file. Instead, it can determine only that a process within Explorer.exe is attempting to listen for incoming traffic.

Solution

To fix this problem, trying using the tasklist command to identify the program that is attempting to listen for incoming traffic. If you can identify the program, try to add it to the exceptions list.

To identify a program that is running within Windows Explorer

1. Start Windows Explorer and wait for the Windows Firewall notification telling you that Explorer.exe is attempting to listen on a port.

2. At the command line, type tasklist /m, and press ENTER.

3. See if there is an .exe file listed with the modules that are running in Explorer.exe.

If there is an .exe file associated with Explorer.exe, try adding it to the exceptions list, and then shut down and restart Windows Explorer to see if you still get the Windows Firewall notification. If there is more than one .exe file, add the .exe files to the exceptions list one at a time and test Windows Explorer each time to determine which .exe files you need to add to the exceptions list. You might not need to add them all.

To add a program to the exceptions list

1. Open Windows Firewall, and then click the Exceptions tab.

2. On the Exceptions tab, click Add Program, and then follow the instructions that appear on your screen.

If there are no .exe files running in Explorer.exe, you can try to determine which ports the program is using and then add those ports to the exceptions list.

To determine the ports that are being used by Windows Explorer

1. Start Windows Explorer and wait for the Windows Firewall notification telling you that Explorer.exe is attempting to listen on a port.

2. At the command line, type tasklist /m, and press ENTER.

3. Look up the process ID (PID) that is associated with Explorer.exe.

4. At the command line, type netstat -a -o -n, and then press ENTER.

5. Use the program’s PID to determine the ports on which the program is listening.

After you determine the ports that Explorer.exe is using, try adding the ports to the exceptions list.

To add a port to the exceptions list

1. Open Windows Firewall, and then click the Exceptions tab.

2. Click Add Port.

3. In Name, type a friendly name for the port exception.

4. In Port number, type the port number used by the program.

5. Click either TCP or UDP to specify the type of port that corresponds to your port number.

6. Repeat steps 2 through 5 if your program uses multiple ports and the ports are not enabled in the exceptions list.