Solução
Use o parâmetro -b
:
-b Displays the executable involved in creating each connection or
listening port. In some cases well-known executables host
multiple independent components, and in these cases the
sequence of components involved in creating the connection
or listening port is displayed. In this case the executable
name is in [] at the bottom, on top is the component it called,
and so forth until TCP/IP was reached. Note that this option
can be time-consuming and will fail unless you have sufficient
permissions.
Observação O comando netstat -b
falhará, a menos que seja executado a partir de um prompt de comando elevado.
Solução alternativa
Filtre a lista de processos e encontre o PID de seu interesse:
tasklist | findstr /c:"PID"
Solução alternativa
Você pode usar Tcpvcon.exe
. Não são necessários direitos de administrador.
Tcpvcon usage is similar to that of the built-in Windows
netstat
utility.
Usage: tcpvcon [-a] [-c] [-n] [process name or PID]
-a Show all endpoints (default is to show established TCP connections).
-c Print output as CSV.
-n Don't resolve addresses.