uppercut7141
asked on
Process explorer and process monitoring
I'm having an issue reaching the internet and was told Process monitoring and process explorer would be a good tool with assistance in troubleshooting why I can't get out. I'ts not a physicall issue or switch issue. I just don't know how to read the inforamtion or verify what I should be looking for at the moment.
help!
help!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Using TCPView
When you start TCPView it will enumerate all active TCP and UDP endpoints, resolving all IP addresses to their domain name versions. You can use a toolbar button or menu item to toggle the display of resolved names. On Windows XP systems, TCPView shows the name of the process that owns each endpoint.
By default, TCPView updates every second, but you can use the Options|Refresh Rate menu item to change the rate. Endpoints that change state from one update to the next are highlighted in yellow; those that are deleted are shown in red, and new endpoints are shown in green.
You can close established TCP/IP connections (those labeled with a state of ESTABLISHED) by selecting File|Close Connections, or by right-clicking on a connection and choosing Close Connections from the resulting context menu.
You can save TCPView's output window to a file using the Save menu item.
Using Tcpvcon
Tcpvcon usage is similar to that of the built-in Windows netstat utility:
Usage: tcpvcon [-a] [-c] [-n] [process name or PID]
-a Show all endpoints (default is to show established TCP connections).
-c Print output as CSV.
-n Don't resolve addresses..
http://technet.microsoft.com/en-us/sysinternals/bb897437
When you start TCPView it will enumerate all active TCP and UDP endpoints, resolving all IP addresses to their domain name versions. You can use a toolbar button or menu item to toggle the display of resolved names. On Windows XP systems, TCPView shows the name of the process that owns each endpoint.
By default, TCPView updates every second, but you can use the Options|Refresh Rate menu item to change the rate. Endpoints that change state from one update to the next are highlighted in yellow; those that are deleted are shown in red, and new endpoints are shown in green.
You can close established TCP/IP connections (those labeled with a state of ESTABLISHED) by selecting File|Close Connections, or by right-clicking on a connection and choosing Close Connections from the resulting context menu.
You can save TCPView's output window to a file using the Save menu item.
Using Tcpvcon
Tcpvcon usage is similar to that of the built-in Windows netstat utility:
Usage: tcpvcon [-a] [-c] [-n] [process name or PID]
-a Show all endpoints (default is to show established TCP connections).
-c Print output as CSV.
-n Don't resolve addresses..
http://technet.microsoft.com/en-us/sysinternals/bb897437
http://technet.microsoft.com/en-us/sysinternals/bb896645
Process Explorer v15.31
http://technet.microsoft.com/en-us/sysinternals/bb896653
Let me know if you did not get anything after reading these article ..