Which services are communicating on Vista?

What I want to know is which services are engaging in network communication. How they are changing over time. Network Monitor 3.3 tracks data packets back to executables but has an "unknown" category that carries a lot of data.  TCPView gives a dynamic list of Process, Protocol, Address  and Port in real-time. In the batch files below I pipe uniq tcpvcon output of process IDs  to tasklist /SVC and have FC detect what has changes.  Tasklist /SVC is slow however.

@echo off
@for /f %%i in ('tcpvcon -a -c ^| gawk -F"," '{print $3}' ^| sort ^| uniq') do @(tasklist /NH /FO CSV /SVC /FI "PID eq %%i") >&1>> temp1
@for /f %%i in ('tcpvcon -a -c ^| gawk -F"," '{print $3}' ^| sort ^| uniq') do @(tasklist /NH /FO CSV /SVC /FI "PID eq %%i") >&1>> temp2
fc temp1 temp2 > &1>> diff


@echo off
:top
del temp1
del temp2
@for /f %%i in ('tcpvcon -a -c ^| gawk -F"," '{print $3}' ^| sort ^| uniq') do @(tasklist /NH /FO CSV /SVC /FI "PID eq %%i") >&1>> temp1
@for /f %%i in ('tcpvcon -a -c ^| gawk -F"," '{print $3}' ^| sort ^| uniq') do @(tasklist /NH /FO CSV /SVC /FI "PID eq %%i") >&1>> temp2
fc temp1 temp2
goto top

Some relatively simple Powershell also helps detect which services are communicating:

$global:svchost = get-wmiObject win32_process -filter "name='svchost.exe'"

$global:win32_handle = $svchost | foreach { gwmi -query "Select * from win32_service where processID = $($_.handle)" }

$global:Sort_handle = $win32_handle | sort processID, Name

$global:Sort_svchost = $svchost | sort processID

$Sort_handle | format-table processID,name,state, startmode,Started,AcceptStop,Description -AutoSize

$Sort_svchost | format-table ProcessID,ThreadCount,HandleCount,WS,VM,KernelModeTime,ReadOperationCount,ReadTransferCount,OtherTransferCount -Autosize