In linux if you want to know what files are being used, all you have to do is run the lsof command which shows a list of all open files and the processes that opened them. So if you want to figure out what program is using that insane amount of RAM you can run lsof and grep by the process ID to find it.
In windows however there is no such command so we have to use alternative methods. If you are trying to identify a TCP connection you can try running “netstat -bv” (Without the quotes). It will give you the executable behind process, something like:
TCP fury:2433 imap.perfora.net:imap ESTABLISHED 2724
C:\WINDOWS\system32\mswsock.dll
C:\WINDOWS\system32\WS2_32.dll
C:\Program Files\Mozilla Thunderbird\nspr4.dll
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\kernel32.dll
[thunderbird.exe]
For Windows XP and 2000 systems you can also download Fport, which is a free tool that will show you what programs on your system are opening which ports.
Hope this helps.
– Suramya
Got it, great!
Comment by rao — November 26, 2007 @ 6:40 AM
Thanks for that my dear friends!
Comment by Jason — February 23, 2023 @ 6:07 PM
nice
Comment by James — March 18, 2023 @ 6:29 AM