While doing some troubleshooting on my Windows XP workstation at home, I had a need to determine what network connections my computer was currently using and what processes were attached to them. Sure, I could run ‘netstat’, but that will only tell me what connections I have. If I spot anything out of the ordinary, it doesn’t tell me what ‘process’ is using that connection. That’s when I hit Google and found this gem of a site: http://www.sysinternals.com/ntw2k/utilities.shtml
The utility I actually needed was called TCPView, but the owner of this site has authored a slew of other very cool utilities, much like the ones I use every day in a Linux environment.
- Handle – This handy command-line utility will show you what files are open by which processes, and much more.
- RegMon – This monitoring tool lets you see all Registry activity in real-time. It works on all versions of WinNT/2K, Windows 9x/Me and Windows 64-bit.
- Process Explorer – Find out what files, registry keys and other objects processes have open, which DLLs they have loaded, and more. This uniquely powerful utility will even show you who owns each process.