Summary: A lot of network traffic can mean several things. It can mean that you're doing a lot on the internet or it could mean that some malware is.

My internet connection status shows millions of packets when I'm not doing anything; do I have a virus?

Maybe, maybe not.

Okay, that wasn't very helpful. But to be frank I can't give you a definite yes or no. But we can do a little investigation to determine if what you're seeing is expected or a sign of a real problem.

I'll start with the obvious: you are running anti-virus software, right? And you do have the latest and greatest virus signatures for it, right? If the answer to either of those was "no", then get thee to an anti-virus tool immediately, get it up to date, and do that scan. 99% of the time a good anti-virus tool will answer your "do I have a virus" question properly.

If anti-virus tools say you're clean then we start investigating.

First, understand what the numbers in your connection status mean. Have a look at mine (from Start -> Settings -> Network Connections -> Local Area Network):
You'll note that I have 2 million packets sent, and almost 4 million received. That's a count of the number of packets since that connection was made. You can see that the connection has been connected for almost three days. So the longer you stay connected the larger those numbers will get.

What's more interesting is how quickly they're changing as you do nothing. Chances are they'll grow even if you're doing nothing simply because you may be running some internet-aware software, say an instant messaging program, mail program, or something else. But if they seem to be growing quickly there's activity that might be worth investigating.

In a previous article, How can I tell what internet activity is happening on my machine?, I discussed several tools and techniques to see what's transpiring over your internet connection. I'll jump right to the tool mentioned at the end of that article, Sysinternals' TDIMon. Run it, log the output to a file, and then after running it for a minute or so turn it off and view the file in Notepad.

You should see lots of internet activity. Much of it you'll recognize as your own or, as discussed in that article, as expected standard Windows tools. But if there's a program there that you don't recognize that seems to be doing a lot then it's probably time to understand just what it is. For that I've outlined several techniques in What's This DLL? that will work with .EXE files as well.

That research should help you determine if you have a problem or not.
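
To put a number on "how quickly they're changing", the following added example (not part of the original article) compares two snapshots of the Windows `netstat -e` interface counters taken a known interval apart while the machine is idle, and checks the rate against what the link can physically carry. The snapshot text is constructed sample data, and the `idle_pps` threshold and the function names are assumptions made for illustration.

```python
import re

ETH_MIN_WIRE_BYTES = 84  # 64-byte minimum frame + 8 preamble + 12 inter-frame gap

# Constructed sample data: two `netstat -e` snapshots taken 60 s apart while idle.
SNAP_T0 = """Interface Statistics

                           Received            Sent

Bytes                    1873402113       412908771
Unicast packets             3951220         2010448
Non-unicast packets           18211            1204
Discards                          0               0
Errors                            0               0
Unknown protocols                 0
"""
SNAP_T1 = SNAP_T0.replace("3951220", "3951640").replace("2010448", "2010808")

def parse_netstat_e(text):
    """Return {row label: (received, sent)}; sent is None when the column is absent."""
    rows = {}
    for line in text.splitlines():
        m = re.match(r"^(\D+?)\s+(\d+)(?:\s+(\d+))?\s*$", line)
        if m:
            sent = int(m.group(3)) if m.group(3) else None
            rows[m.group(1).strip()] = (int(m.group(2)), sent)
    return rows

def packets(rows):
    """Total (received, sent) packets: unicast plus non-unicast."""
    u, n = rows["Unicast packets"], rows["Non-unicast packets"]
    return u[0] + n[0], u[1] + n[1]

def max_pps(link_bps):
    """Upper bound on packets/second an Ethernet link of this speed can carry."""
    return link_bps / (ETH_MIN_WIRE_BYTES * 8)

def classify(pps, link_bps=100_000_000, idle_pps=50):
    """idle_pps is an assumed 'quiet' threshold; tune it to your own baseline."""
    if pps > max_pps(link_bps):
        return "implausible"  # not real traffic; suspect the counter or driver
    return "investigate" if pps > idle_pps else "quiet"

def idle_rates(before, after, seconds):
    """(received, sent) packets per second between two snapshots."""
    r0, s0 = packets(parse_netstat_e(before))
    r1, s1 = packets(parse_netstat_e(after))
    return (r1 - r0) / seconds, (s1 - s0) / seconds
```

The same `netstat -e` output also carries a Bytes row, so it answers the bytes-versus-packets question as well. A lifetime total divided by the connection time can be passed to `classify` the same way; a rate above the link's ceiling cannot be genuine traffic.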
Article 159 | Posted March 7, 2004

Can someone show me how to change it to show how many bytes transferred, not how many packets, in the "internet connection status"?
Or, 1 packet = ?? bytes, anyway?
Posted by: Lipton at May 29, 2007 3:42 AM

No. That's apparently information provided by the driver, and it's not
configurable. Ditto for the size of the packets, as I understand it.
Leo
Posted by: Leo A. Notenboom at May 29, 2007 12:33 PM

I thought finally I have found someone with the same problem, but reading all comments I am not sure anymore.
When I START up my computer I don't have millions of packets I have BILLIONs of packets. Connected since 5 Minutes (34,359,739,466 - sent / 1,455 received).
After a while using the computer I can't start or use any internet application. I can still use other programs, but as soon as anything is using the network, the application is frozen.
I cannot even start the Task Manager to kill applications or shut down. All I can do is close all not frozen applications and switch off.
I ASSUME it has to do with the packages, but I am not sure. Is there any way I can clean them up?
Repairing the network connection while it is working is possible, but does not solve the problem.
Yes - I have AVG Antivirus with latest pattern file.
Thanks
CHS
Posted by: CHS at June 22, 2007 11:58 PM

I had a similar problem as CHS.
Connected for 12 minutes: 841,813,598,384 Sent / 9,563 Received.
I've since rebuilt this (very jacked up) system, but I would be curious as to the bytes vs. packets equation, as Lipton asked. I'd like to know the theoretical speed it claims.
Posted by: Ry at August 23, 2007 12:36 PM

I have over 2,000 millions received, I'm getting really scared haha
Posted by: kizza at October 10, 2007 5:57 AM

You rock Leo! I've easily solved my slow internet virus problem with the super combo of TDImon & TCPView, weeding out what's causing the problem. The problem was in C:\Windows\Prefetch, where the virus made tons of .pf files or something like that, which caused my laptop to become an email sending bot.
Thanks Leo!
Posted by: TK at November 7, 2007 1:32 PM

Where are the packets stored in our system?
Posted by: aparna at November 29, 2007 1:23 AM

Hi Leo,
I have a problem with my Internet connection after accessing the Internet after about 1/2 hr or so. The Local Area Connection Status showed zero packets sent whenever I encounter this problem and I have to reboot my PC to get it started again. I've been trying to troubleshoot for a very long time and still can't find the root cause. I've changed my network card, rebooted my cable modem, etc. and still encountered the same problem. Can I check if the problem is related to the motherboard or is it related to the network card driver? I had 2 network cards (1 DLink & 1 Linksys) and both gave me the same problem. What else can I do to nail down the culprit? Thanks a lot, Leo.
Posted by: Sharon at January 24, 2008 8:51 PM

I was sending "billions and billions" of packets until I updated the network card driver. Now the packets sent and received balance out nicely. In my case I went directly to the Intel website which had more recent drivers than the computer manufacturer. Of course first check for viruses, etc.
Posted by: JAG at August 12, 2008 8:21 PM

I did the same, updated my driver to the newest version available on the Intel website. It works.
Posted by: Rafa at October 8, 2008 8:11 AM