How to find out where the Internet is spent. What programs use the Internet? Syncing iCloud services eats up mobile data

The situation with mobile traffic on the iPhone has recently become increasingly frightening. In our recent article, many readers confirmed the existence of the problem. Where does the traffic go?

It is impossible to give a definite answer to this question - it all depends on the specific device, operator and installed applications. However, it is possible to detect mobile Internet consumption channels without installing third-party applications.

To do this, go to the “Cellular” section of the iPhone or iPad settings. All your applications are located here, as well as data on their mobile Internet consumption (in fact, many people know about this). But the “System Services” section deserves special attention. In it you can find out how much traffic is consumed, for example, by Siri, Push notifications or tethering mode.

This data can help you determine whether you should turn off notifications for some apps or location-based services that determine your location. All this works in the background and not only consumes traffic, but also negatively affects the battery life of the device.

It will make the most sense if you turn off , which causes mobile Internet consumption to increase significantly. Owners of completely unlimited packages are in no danger, but limited packages are in no danger.

An urgent problem for owners of tariffs with a limit on the speed or volume of information (as well as USB modems) or “low-speed Internet”. It seems that there is Internet, but the speed is not enough even to open pages on the Internet. If you are used to it and have come to terms with it, then you can continue to ignore it. But still, I think everyone will be interested in what programs or applications use Internet traffic.
By the way, sometimes in this way you can recognize and see some unfamiliar process or application that you do not know, and this could be a virus or spyware that sends your data (or monitors your actions) and sends it to someone through Internet.

There are several ways to find out what is eating up your Internet traffic.

1) Via standard . But there is one big drawback - only in Windows 8 it shows on the tab Processes in the column Net.

This is not the case in other editions (versions) of Windows. More precisely, there is, but it’s not what you need.

2) Through various firewalls that provide .
But there is also a catch here - not everyone provides this opportunity, and there are also paid options. Although I use it and am satisfied. By the way, it shows that he uses the Internet too. Like all firewalls in principle.

3) Through third-party special programs.
I consider this option to be the best and most effective, because it is suitable for all versions of the OS and you do not need to pay, because all programs are free.

The first program that deserved universal recognition is TCPView from .

The positive thing is that it does not require installation (portable) and takes up little space (284 kb). The only negative thing about it is that it does not have a Russian-language interface. But figuring it out won’t be too difficult.

After running the file, the main window looks like this:

It immediately displays all programs that use the Internet, with characteristics such as the port used, and others.
In addition, you can save this list to a text file, and also customize the display.
When you right-click on a process, you can find out the process properties (Process Properties), end it (End Process), close the connection (Close Connection), copy (Copy) and find out what the system thinks about it (Whois...) (it didn’t work for me )

The second program is NetWorx

It does everything the same as the previous program, namely it tracks and shows which programs are accessing the Internet. The most important and pleasant difference is that it is Russified and has many functions.

After installation and/or launch, the program is minimized and when you right-click on the icon, the following menu appears:

In fact, the main thing we need is to find out which programs are eating up the Internet. It's on the menu Tools - Connections

In it you can also find out which applications are using and you can end the process by right-clicking on it.

I think the disadvantage is that you cannot find out the properties of the file, and therefore you can only guess what kind of file it is and where it is located.
This is probably why it includes many functions, such as:
- General statistics in which you can find out how much was received/sent per day/week/month or from other users (if there are several accounts).
- Graph of current speed.
- Measure the speed of your Internet connection.
- Set up a limit (quota) for the use of Internet traffic. You determine how much you can spend per hour/day/week/month, and then the program will notify you about the limit.
- You can make traces or ping a route. In simple words - write the IP address or url of the site, and the program determines how long it takes to send/receive a response and request. In general, this is for more advanced users.

Well, that's all. You have figured out the main task, namely how to find out which programs and applications are consuming your Internet connection and know what to do.

In the “PID” section we look at which program is consuming resources.

Also, if you right-click on a process, a set of functions will appear. Process Properties – process properties, End Process – end the process, Copy – copy, Close Connection – close the connection, Whois – what the system advises.

The third method is to use Windows OS components

Click “Start”, “Control Panel”.

For Windows XP. Open the “Security Center”.

Click "Automatic update".

In the new window, check the box next to “Disable” and “OK”.

For Windows 7. Open Windows Update.

Click “Setting parameters”.

Check the “Do not check for updates” checkbox.

Programs and system elements will not access the network. However, to prevent the service from turning back on, we take the following steps (acceptable for Windows XP Windows 7).

In the “Control Panel” go to the “Administration” section.

We are looking for “Security Center” or “Windows Update”. Click “Disable service”.

The fourth method is to control the antivirus program

The New version of Nod 32 has an additional function - traffic control. Launch ESET NOD32 Smart Security 5 or higher. Go to the “Utilities” section and select “Network Connections”.

We close our browsers and look at the list of programs and elements that consume Internet resources. The connection and data transfer speed will also be displayed next to the software name.

In order to limit a program’s access to the network, right-click on the process and select “Temporarily block network connection for a process.”

The speed of your Internet connection will increase.

Sooner or later the question arises: where does the money go on the Internet? Often users require information that fully provides step-by-step instructions for obtaining information - what traffic is used for when connecting to the Internet via DRO. This technology will be useful in determining the cause of increased traffic consumption.

Instructions

You need to run the cmd.exe command line. To do this, select “Run” from the Start menu.

In the window that opens, in the line with the blinking cursor you need to type cmd.exe. Press enter. A standard interpreter window has opened: you can skip this step and go straight to the next step in the command line of your file manager, for example FAR. 111111

Next you need to type the network command netstat.exe /? (you can just netstat /?). You can launch it by pressing the “Enter” key. As a result, we get a list with hints, namely what results the network program can produce when using certain keys. In this case, we will be interested in more detailed information about the activity of network ports and specific application names.

Next, we need to check whether some attacker is currently scanning our machine. Enter in the command line: Netstat -p tcp –n or Netstat -p tcp –n. Here we need to draw your attention to the fact that the same external IP address is not repeated very often (1st IP is the local address of your machine). In addition, an intrusion attempt can also be indicated by a huge number of records of this type: SYN_SENT, TIME_WAIT from one IP. Frequent replays of network ports 139, 445 of the TCP protocol, and 137, and 445 of the UDP protocol from an external IP can be considered unsafe.

Then we can consider that we are lucky, no external intrusion was noticed, and we continue to look for the “bad application” that is eating up traffic.

Type the following: Netstat –b (administrator rights are required here). As a result, a huge protocol will be uploaded with statistics on how all your applications work on the Internet: This segment of the protocol shows that the uTorrent.exe program (a client for downloading and distributing files on the BitTorrent network) distributed files to two machines on the network from open local ports 1459 and 1461.

It is up to you to decide whether to stop this application. Perhaps there is some point in removing it from startup. The activity of other legal programs that work with network services has already been detected here: Skype, Miranda, and the second one works through the secure https protocol.

The final goal of this analysis should be to identify applications that are unfamiliar to you, which, without your knowledge, connect to the Internet network (it is not known what they transmit). Next, you should already use various methods of dealing with “harmful” applications, starting with disabling them from startup and ending with scanning them with special utilities.

Where does the traffic go? How to find a “leak” using the simplest means.

They say that there are two mysteries in nature: where does dust come from, and where does the money go? In the same way, the Internet has its own mystery: where does the traffic “flow”? Of course, in stationary conditions, with modern high-speed lines, this problem has lost its relevance - but as soon as we go on vacation, to nature, to the countryside, where the only way to connect to the Internet is cellular communication, this problem arises in full force. We buy a package of 1-2-4-8 gigabytes from the operator, it seems like we didn’t do anything, but it was used up ((. Where did it go? And is it possible to somehow find the “source of the leak” using “improvised means”?
In general, if you are going “out in nature” and will be using the Internet with limited traffic, it is very advisable in advance install a traffic control program. For example, completely free NetLimiter Monitor. Then, looking at its statistics, we will see, for example, that traffic incoming and outgoing is consumed by the FireFox browser (in the first example) ... or only incoming traffic is consumed by the Miranda instant messaging program. Everything is simple and transparent.

All that remains is to look at the amount of traffic and make a decision to disable, permanently or temporarily, the program - an unnecessary traffic consumer. But what if such a program is not installed in advance and you cannot reboot the system (and after installing NetLimiter Monitor this will be required)? Or is there no way to download this or a similar program at all? "Is there no way out?" (tsy). It turns out that not everything is so sad.
Radio amateurs, when it is not possible to use an accurate, “qualitative” meter, often use a “quantitative” one - which is usually called a tester. In our traffic monitoring system, the tester will be the local network/wireless network/modem indicator - in general, interface, through which the computer is connected to the interface. Also, such a tester can serve as an indicator of the amount of incoming/outgoing traffic of the Dashboard of a cellular modem (cellular modem control program).
How to determine which indicator to focus on? There may be several network/wireless/modem indicators in the tray. It's very simple if you exactly If you don’t know which indicator to look at, we can track the one we need by changing activity. Try, for example, loading any website in your browser and see which indicator has become active - it lights up or blinks rapidly. If there is a red cross next to the indicator, you can immediately ignore it. In the example screenshot, the active interface is marked with a green dot, and the non-working interface is marked with a red dot.
Having found the indicator of our connection to the Internet, we can now begin the audit. First, let’s roughly estimate whether there is a “leak” at all. Let's stop accessing the Internet, wait for all sites to load, etc. - and look at our indicator. It shouldn't burn. If it does not ignite for a long time, even for a short time, there is most likely no “non-productive leak”. But, most likely, you will notice that it periodically “flares up”. This means that some program is accessing the Internet. Let's try to find which program (or browser tab) is doing this.
How can we determine which of the heaps of programs that are currently active on the computer are accessing the Internet? Let's use the "Wolf method" from "Well, Wait a minute!" Remember when he ran into a television store while chasing the Hare? To determine where the Hare was hiding, he began to turn off the TVs - and eventually found him. So we will try to find the “hare” or “hares”.
To do this, we will use TaskManager. With the “regular” system TaskManager we unload programs when they “freeze”. Is it possible for them, on the contrary, to introduce programs into a controlled “freeze”? Unfortunately no - the standard system TaskManager cannot do this. But there are a huge number of alternative TaskManagers that can do this. We will not consider all such programs - we will limit ourselves to only two.
The first and quite powerful one is. Despite such a loud name, it is completely safe for the system and very powerful in terms of research and management of running programs and processes. Download and install it - it will help you not only in this matter - many issues of the system's operation can be clarified with its help. If you cannot or do not have the opportunity to install a program (for example, if installation of programs is prohibited or you do not want to add it to the program group), download the portable version. It will allow you to start exploring the system on the go, without unnecessary installations. In addition, you can record the portable version on a flash drive and use it anywhere.
Launch it and let's look at the main window, Processes tab. You will see many programs and processes running on your system. The lower the program is in the window, the later it is launched. The bottommost program in the window is the last one launched.

By the way, this program also indirectly shows which program accesses the Internet (although not only). Look at the I/O Total column. If the program has non-zero numbers in this column, then the program is engaged in data exchange with the “outside world” - in relation to the program memory, of course. If programs related to the Internet (the list will be at the end of the article) have a non-zero figure, feel free to include it in the list of suspects.
Now how are we going to use this program to search for programs that are “active”? Very simple. Starting from the bottom (from the most recent) we will begin to “freeze” Internet programs. To do this, right-click on the program name and select from the menu Suspend Process. After this, we look at our indicator - have access to the Internet stopped? If yes, then we found it All programs that “milk” traffic (most likely, there is more than one of them). If the requests have not stopped - but the “tempo” of blinking has changed - then the “frozen” program is almost certainly one of those “those”. If nothing has changed, “unfreeze” the program by right-clicking on the program name and selecting Resume Process.

Once the “list of accused” is ready, we will evaluate what to do with it. If the list includes only instant messaging and communication programs - for example, Skype (skype.exe), ICQ (icq.exe), Qip (qip.exe), Miranda (miranda32.exe) - then you need to think about whether it’s worth keeping them constantly active. The fact is that these programs constantly exchange data over the Internet - and this cannot be avoided. Some consume little traffic (for example - ICQ, Qip, Miranda), others - somewhat more (for example Skype) - but there will be an exchange in any case. So if you want to save money on these programs, close them when you are not using them. Or “freeze” it for “downtime” with TaskManager. But, by the way, any of these programs consumes very little traffic - so if you have a not entirely limited traffic package, you can leave these programs running constantly.
Another group of programs that can consume traffic even in a “resting state” are browsers. Such as Internet Explorer(iexplorer.exe), Mozilla FireFox(firefox.exe), Mozilla SeaMonkey(seamonkey.exe), Opera(opera.exe), Google Chrome(chrome.exe), Safari(safari.exe) - and perhaps others. Some website pages you visit may be designed to periodically load information to update the screen's state. Its volume can sometimes be significant. Unfortunately, there is no easy way to “freeze” a browser bookmark. Therefore, on the “first pass” you will have to bypass all bookmarks and close all suspicious ones. For the future, having identified such pages, do not leave them after viewing - but close them. The sites themselves can be very different - for example, this year I saw that the pages of the GisMeteo site are periodically (and quite often) updated - although the weather does not change so quickly)).
There may also be “forgotten” programs that are automatically loaded when the system boots - most often these are programs for working with torrents (trackers) - for example, muTorrent (uTorrent.exe). Just prevent such programs from starting automatically - while you are in limited traffic conditions.
If the program does not belong to the above and it is not a system one (see list below), then there is reason to be wary. It is very likely that your system is infected with a virus/Trojan - and it quietly does its “dirty deed” without notifying you. “Freeze” such processes and do not “unfreeze” them - and look on the Internet what kind of program it is. If this is a harmless program, then simply disable it for the duration of the “limited exchange”. If, according to information on the Internet, it is a Trojan/virus program, treat your computer.
If the traffic is consumed by a system program, then it is best to enable the firewall in the system - the system one or an external program - and prohibit unnecessary calls. Setting up a furwall is a matter for a separate article, but the Internet is full of all sorts of descriptions of the settings. Use what you understand. A firewall will allow you to more accurately control traffic and allow you to block Internet access to those programs that you do not want to be released into the world.
But, you say, this one is quite complicated for beginners. Is there something that is functionally the same - but as simple as possible? It turns out there is! This is an extremely simple, but at the same time quite powerful Task Manager, which has the ability to “freeze”/“unfreeze” programs - and does not require installation. its size is generally insignificant - the program itself is 38.4k and all the files are about 100k. This size will not “ruin” your traffic package much.
After you launch it (it’s better to put it in startup altogether - it needs very little memory) you can call it using a keyboard shortcut Ctr+Shift+~. We will see a window with a list of running programs - the higher the program, the later it is launched. The most recent one is at the top of the list.

In order to “freeze” a program, click on it and through the context menu (called with the right mouse button) select “Pause/Continue the process”. At the same time, a symbol will appear to the left of this program. To “defrost”, select “Pause/Continue process” again through the context menu. The program “defrosts” and the symbol disappears. Thus, we can quickly “freeze” all suspicious programs and see how the activity of the network/wireless network/modem indicator changes as a result. By the way, clicking on the “cross” to close the program does not terminate its work, but only “hides” its window, which can be called again by Ctr+Shift+~.
Now, using one of these programs, you can find the “source of the leak” and decide what to do with this program/programs.

Application - names of programs and their executable files appearing in the list of TaskManagers:

Browsers:
Internet Explorer - iexplorer.exe
Mozilla FireFox - firefox.exe
Mozilla SeaMonkey - seamonkey.exe
Opera - opera.exe
Google Chrome - chrome.exe
Safari - safari.exe
Maxthon Browser - maxthon.exe

Instant messaging and communication programs:
Skype - skype.exe
ICQ - icq.exe
Qip - qip.exe
Miranda - miranda32.exe
R&Q - rnq.exe

P2P programs (for working with torrents and direct file exchange):
muTorrent - uTorrent.exe
Edonkey - edonkey.exe
Emule - emule.exe

System programs - do not “freeze” them unless necessary - a complete “freezing” of the system is possible!:
System Idle Process
System
smss.exe
winlogon.exe
services.exe
lsass.exe
svchost.exe

The list is given more as an example; only the most famous programs are listed. If you see a program not from this list, look on the Internet what kind of executable file it is.

The article is discussed on the General Forum in this top.
A copy of the article is posted

This article is also available in the following languages: Thai

Next

THANK YOU so much for the very useful information in the article. Everything is presented very clearly. It feels like a lot of work has been done to analyze the operation of the eBay store
- rootsshell
  
  Thank you and other regular readers of my blog. Without you, I would not have been motivated enough to dedicate much time to maintaining this site. My brain is structured this way: I like to dig deep, systematize scattered data, try things that no one has done before or looked at from this angle. It’s a pity that our compatriots have no time for shopping on eBay because of the crisis in Russia. They buy from Aliexpress from China, since goods there are much cheaper (often at the expense of quality). But online auctions eBay, Amazon, ETSY will easily give the Chinese a head start in the range of branded items, vintage items, handmade items and various ethnic goods.
  - Next
    
    What is valuable in your articles is your personal attitude and analysis of the topic. Don't give up this blog, I come here often. There should be a lot of us like that. Email me I recently received an email with an offer that they would teach me how to trade on Amazon and eBay. And I remembered your detailed articles about these trades. area I re-read everything again and concluded that the courses are a scam. I haven't bought anything on eBay yet. I am not from Russia, but from Kazakhstan (Almaty). But we also don’t need any extra expenses yet. I wish you good luck and stay safe in Asia.
rootsshell

It’s also nice that eBay’s attempts to Russify the interface for users from Russia and the CIS countries have begun to bear fruit. After all, the overwhelming majority of citizens of the countries of the former USSR do not have strong knowledge of foreign languages. No more than 5% of the population speak English. There are more among young people. Therefore, at least the interface is in Russian - this is a big help for online shopping on this trading platform. eBay did not follow the path of its Chinese counterpart Aliexpress, where a machine (very clumsy and incomprehensible, sometimes causing laughter) translation of product descriptions is performed. I hope that at a more advanced stage of development of artificial intelligence, high-quality machine translation from any language to any in a matter of seconds will become a reality. So far we have this (the profile of one of the sellers on eBay with a Russian interface, but an English description):
https://uploads.disquscdn.com/images/7a52c9a89108b922159a4fad35de0ab0bee0c8804b9731f56d8a1dc659655d60.png

DIY bicycle illumination with LED strip DIY LED strip for bicycle spokes

Illuminating bicycle wheels using an LED strip is a great way to highlight your two-wheeled friend against the background of darkness and surprise passers-by with its original appearance. Unlike the advertised...

Combine harvesters Polesie: review of models and prices

For 20 years, the Belarusian plant "Gomselmash" has been successfully producing agricultural machinery, including grain harvesters, which are famous in the domestic and foreign markets for their high...

Longitudinal section of the Titanic

Drawings of the Titanic, a steamship of the British shipbuilding company White Star Line. Construction of a large ship took more than two years. About 3,000 people worked at the shipyard. In May...

Basic techniques for working with the machine

All photos from the article Wood is not only a material for making beams, boards and other building elements, it is also a space for creativity, since this material is processed...

How to create interior paintings yourself?

Hand-made decor items are becoming more and more popular every year, as everyone wants to have an exclusive decoration in their home, and not a replicated faceless souvenir from...

How to combine copper with aluminum - the better and more reliable

When installing electrical wiring, sometimes the question arises about connecting copper and aluminum wires. This issue is especially relevant during electrical work in old housing stock, where the main part...

How to choose the best moonshine still for home use

To prepare a high-quality alcoholic drink yourself, you need to carefully select raw materials and devote a lot of time to the technological process. Moonshine stills simplify this task -...

Homemade mini flour mill

All farm owners know how useful a personal grain mill is, which is easy to make with your own hands. Using this design, you can renew food supplies for rabbits...

Free photo frames online - beautiful photo effects

Make fun, smile and create with our photo effects! The service site contains a unique collection of beautiful photo effects, and modern ones (like Instagram effects). You will like...

Old lighthouses Abandoned lighthouses Photos

Clickable 1920 px Remember, I showed you. I didn’t want to fill the topic with all sorts of interesting things and details, there was already something to see there :-) But now I’ll tell you about...