TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the owning process name, remote address and state of TCP connections. TCPView provides a conveniently presented subset of the Netstat program that ships with Windows NT/2000/XP.
TCPView requires Windows 98, Windows Me, Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003 and Windows Vista.
Using TCPView
When you start TCPView it will enumerate all active TCP and UDP endpoints, resolving all IP addresses to their domain name versions. You can use a toolbar button or menu item to toggle the display of resolved names. On Windows NT, 2000 and XP systems TCPView shows the name of the process that owns each endpoint.
By default, TCPView updates every second, but you can use the View|Update Speed menu item to change the rate. Endpoints that change state from one update to the next are highlighted in yellow; those that are deleted are shown in red, and new endpoints are shown in green.
You can close established TCP/IP connections (those labeled with a state of ESTABLISHED) by selecting File|Close Connections, or by right-clicking on a connection and choosing Close Connections from the resulting context menu.
If you want to see who owns the domain registered for a remote address, select the item containing the name and choose Whois from the context menu or the File menu.
You can save TCPView's output window to a file using the Save menu item.