Users of the Windows operating system can always monitor the network activity on the connection icon in the system tray. In a properly configured system this indicator is "alive" only when you open some page. If you do not open new pages in your system does not update the antivirus program or the operating system, the connection icon should show zero activity.
The volume of the consumed traffic is easy to recognize in the connection properties. Just hover your cursor on the indicator of network activity in the tray and you will see the amount of received and transmitted data during the current session . To view this information in more detail, click the icon with the right mouse button and select menu item "State".
If you are using a USB modem and connect to the Internet using the installed modem program, you can watch it the statistics of consumed traffic per day, week, month, year. The statistics at any time you can reset and start counting again.
In that case, if the network activity of the computer is very spontaneous and a little to you, you should understand the reasons for this. To understand what address is connected to the computer, which programs are responsible for these connections, what is the volume of traffic they consume. Incomprehensible activity may indicate a compromised computer or infecting it with Trojans.
View current connections. To do this, open a command prompt: start - All programs - Accessories - Command prompt and type netstat –aon. Press Enter, you will see a table of network connections. If your computer has a connection to another machine, you will see its ip in the "External address". Active compounds will be determined as ESTABLISHED.
You can try to determine which program connects to the network, this will help the last column is the PID. It shows the process IDs of the processes. Type in the same window, the tasklist command, you will see a table of processes. In the first column are indicated the names, second identifiers (PID). Matching IDs from both tables, you will easily understand what the program shows network activity.
If in the course of the search traffic continued to be consumed, take turns to disable suspicious processes. To disable the process, use the command: taskkill /pid ****where the asterisks insert the PID subject to the closing process. For the sample run Notepad, re-enter the command tasklist to "Notepad" appeared in the processes list. Find its process – notepad.exe and close with the above commands.
Great help in the study of traffic can provide specialised programmes – for example, BWmeter. With this utility you will be able to keep track of all the addresses that connect your computer. You can also write to a log for later analysis.