Working on the Internet, especially with a high connection speed, requires adherence to certain security measures. In particular, you need to monitor traffic and prevent uncontrolled network activity on your computer.
Instructions
Step 1
When a computer is connected to the network, a connection icon appears in the system tray in the form of two connected computers. If you do not have such an icon, open the network connection property: "Start - Control Panel - Network Connections". Select your connection, right-click it and check the box "When connected, display the icon in the notification area."
Step 2
It is the connection icon in the tray that allows you to visually control the exchange of information with the Internet. In the event that you do not open or download anything, you have not started updating the operating system or antivirus program, but the computer continues to actively interact with the network, you urgently need to figure out the reasons for this. It is possible that your computer is infected with a Trojan horse or has been hacked, and now illegal actions are being taken from your ip-address.
Step 3
Try to understand which application is using traffic. If you are running a browser, close it and assess the situation by the connection icon in the tray. In the event that it continues to show activity, close all running programs one by one.
Step 4
If all applications are closed, but the computer continues to communicate with the network, open a command prompt: "Start - All Programs - Accessories - Command Prompt" and evaluate the current situation using the command netstat –aon. Enter it in the command line, press Enter, you will get a list of current network connections. The "Status" column reflects the current status of the connection - it exists at the current moment, it is already completed, or the program that opened the port is in a waiting state.
Step 5
Pay attention to the established connections, they are marked as ESTABLISHED. The last column - PID - contains the so-called process IDs. The tasklist command will help you determine which program a particular identifier belongs to. Enter it into an already open command prompt window, press Enter. You will receive a list of running processes, with their identifiers next to the name of the processes. By comparing the PIDs from the first table with the ids of the second, you can understand which processes they belong to.
Step 6
The next step is to take turns shutting down the active processes and looking at the activity of the connection. You can close processes in two ways - in the Task Manager (Ctrl + alt="Image" + Del) or in the command line. In the first case, open the Task Manager, click "View - Select Columns". Check the box "Process ID". You will now see PIDs next to the process names.
Step 7
Select one of the active network processes in the command line window, find it in the Task Manager. Right-click, select "End Process". After that, see if the network activity has stopped. If not, close the second active network process, etc. You can also close them directly from the command line by running: taskkill / pid 1234, where instead of 1234 substitute the PID of the process you want to terminate.
Step 8
Sometimes the computer does not work too actively with the network, but it still exchanges some packets uncontrollably. To find out what IP-addresses it connects to, use the BWmeter program. It allows you to view and log all the necessary information on established connections.
