Ask Leo! by Leo A. Notenboom

My internet connection status shows millions of packets when I'm not doing anything; do I have a virus?

Helping people with computers... one answer at a time.

Ask Leo! » Networking » Windows Networking

A lot of network traffic can mean several things. It can mean that you're doing a lot on the internet or it could mean that some malware is.

by , © 2004

My internet connection status shows millions of packets when I'm not doing anything; do I have a virus?

Maybe, maybe not.

Okay, that wasn't very helpful. But to be frank I can't give you a definite yes or no. But we can do a little investigation to determine if what you're seeing is expected or a sign of a real problem.

I'll start with the obvious: you are running anti-virus software, right? And you do have the latest and greatest virus signatures for it, right?

If the answer to either of those was "no", then get thee to an anti-virus tool immediately, get it up to date, and do that scan. 99% of the time a good anti-virus tool will answer your "do I have a virus" question properly.

If anti-virus tools say you're clean then we start investigating. First, understand what the numbers in your connection status mean. Have a look at mine (from Start-> Settings-> Network Connections-> Local Area Network):

LAN Status Image

You'll note that I have 2 million packets sent, and almost 4 million received. That's count of the number of packets since that connection was made. You can see that the connection has been connected for almost three days. So the longer you stay connected the larger those numbers will get.

What's more interesting is how quickly they're changing as you do nothing. Chances are they'll grow even if you're doing nothing simply because you may be running some internet aware software - say an instant messaging program, mail program, or something else. But if they seem to be growing quickly there's activity that might be worth investigating.

In a previous article, How can I tell what internet activity is happening on my machine? I discussed several tools and techniques to see what's transpiring over your internet connection. I'll jump right to the tool mentioned at the end of that article, Sysinternals' TDIMon. Run it, log the output to a file, and then after running it for a minute or so turn it off and view the file in notepad. You should see lots of internet activity. Much of it you'll recognize as your own or perhaps as discussed in that article, expected standard windows tools. But if there's a program there that you don't recognize that seems to be doing a lot then it's probably time to understand just what it is. For that I've outlined several techniques in What's This DLL? that will work with .EXE files as well. That research should help you determine if you have a problem or not.

Article C1901 - March 7, 2004

Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

You may also be interested in:

Recent Comments
57 Comments

Hi, when I start my PC in Local Area Connection Status shows what I have 200000 send and 423000 received. Can u tell me what`s the problem? Couze I can`t play on-line games. They frozen all the time.But when I restart my PC LACS shows for example 400000 send and 200000 received and games works fine (but that happen not all the time) please HELP

Posted by: Rober696 at June 3, 2009 12:15 PM

when i starts internet connection automatically received byte are increasing without opening any sites.even i stopped antivirus updating automatically.

Posted by: rajesh at October 27, 2009 6:24 PM

i m getting more received packets dn sent packets
how to resolve it

Posted by: ajmal at December 1, 2009 5:46 AM

my internet connection 200k sent 27k recieved is this a virus? could you help me fix this its not normal cause im using broadband and its the first time it showed like this what should i do?

Posted by: Sky768 at October 7, 2010 10:11 PM

I have sent 43,843,217,918 and received 11,034,474,329. Is there something wrong, the connection is less than a day.

Posted by: hallo at May 4, 2012 11:39 AM
See all 57 comments...
Post a comment on "My internet connection status shows millions of packets when I'm not doing anything; do I have a virus?":





Remember Me?

(You may use HTML tags for style)

Before commenting, please...

  • READ THE ARTICLE. A comment that shows you didn't will be deleted and ignored.

  • Comment only on the article. Use the search box at the top of the page if you have a question about something else.

  • NO PERSONAL INFORMATION in the comment. No email addresses. No phone numbers. No physical addresses.

  • Anything that looks the least bit like spam will be deleted. Links to unrelated sites or links that appear to be primarily promotional will be deleted, or the comment will be deleted.

  • Don't ask me to recover lost passwords or hacked accounts. I can't. Those comments will be deleted.

  • I can't respond to every comment. And I can't vouch for the accuracy of others who do.

Please wait. Your comment is being processed ...

Question? Ask Leo!
The Tip Jar: Buy Leo a Latte!

Categories | Full Archive
By Date | Business Card | About

Advertisements do not imply my endorsement of any product or service.

Copyright © 2003-2012 Puget Sound Software, LLC and Leo A. Notenboom
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC
Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure

http://ask-leo.com/my_internet_connection_status_shows_millions_of_packets_when_im_not_doing_anything_do_i_have_a_virus.html