I attempted to install a software package on a server and the installation failed due to an existing application using the desired port.  Since it was a non-standard port, I didn't know what was using the port but I needed to find it and either kill it or move it.

Let's say for example, we're looking for the process living on port 3389 (the remote desktop / terminal services port).  First, we run:

netstat -ano | findstr :3389

The return should present you with several lines.  One of them should look like this:

TCP   192.168.1.100:3389    0.0.0.0    LISTENING    [processid]

In my case, the processid was listed as 1516.

Now I know I have something listening on 3386 and the application is using processid 1516.  I can pull up task manager or I can run the following from a command line:

tasklist /fi "PID eq [processid]"

Or in my case, since my processid is 1516:

tasklist /fi "PID eq 1516" 

The output should look something like this:

Image Name                     PID Session Name        Session#    Mem Usage

========================= ======== ================ =========== ============

svchost.exe                   1516 Services                   0     77,996 K

____

In the case of my application installation, I figured out the conflicting application and I moved its port to allow for my new application which wouldn't allow for a port change.  This could also be handy for identifying the PID for a virus or malware which found its way on your machine.