Help determining what application is making TCP connection

Posted on 2011-10-14
Last Modified: 2013-11-29

I started getting a reditrect or two in my browser so I throw MalwareBytes on my workstation and it included the free trial of the pro version. My machine is clean, but that's really irrelevant in regards to my question.

The MB keeps popping up a box saying that it blocked access to: (example). Well, I'm sitting here wondering what I can use to tell me what application (or whatever it is) that is initiating this connection? I thought about WireShark, WinDump, etc, but those will just show me the packets and their SRC and DST and won't really tell me where it's coming from. Is there an app like ProcMon that will do this in the networking world?

I'm not looking for the removal of a threat. I've researched the IP my machine is trying to connect to and even done some scans on it, but that's not the point. I'd like to find a way to tell what application/process that is initiating the connection from my PC.

I'm thinking that the more advanced features of WireShark will do this by looking at the actual data within each packet to perhaps give me some clues, but if there another application that will do that for me, all the better. What is my best bet?
Question by:bbroyles
    LVL 38

    Accepted Solution

    Tcpview from sysinternals (Microsoft)
    LVL 82

    Expert Comment

    by:Dave Baldwin

    Author Closing Comment

    Perfect! Was exactly what I was looking for.......

    Shows the process and the connection as it's initiated. That SysInternals has some great stuff, but don;t recall see that be before. If you want to see active connections and what application is making them on your machine, this is the ticket.

    Now, I want to see what kind of data it's trying to send, but I think got that covered with WireShark

    Good work!.

    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    Join & Write a Comment

    Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
    Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
    Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now