RAGGATIP Posted September 24, 2010 Share Posted September 24, 2010 Hi all,I would like to know how to establish which service is connecting to an IP address address. I can see in Comodo that svchost.exe has established a connection but cannot find out exactly which service it is that's connecting.Thanks in advance Link to comment Share on other sites More sharing options...
Tripredacus Posted September 24, 2010 Share Posted September 24, 2010 You may be able to find out more info using Process Explorer and Process Monitor. You can set ProcMon to use filters and enable extra information. Link to comment Share on other sites More sharing options...
cluberti Posted September 24, 2010 Share Posted September 24, 2010 +1 - Process Monitor can give you the Process ID (PID) and the callstack of the svchost making the request (just use the network filter in procmon), and Process Explorer can give you more information about that PID and what is running in it (if the stack from procmon doesn't already make it incredibly obvious). Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now