Been away from my pc for a few hours and just now came back and noticed in/out traffic going, a 3 or 4 megs worth been exchanged. I have a anti-virus and firewall on. The only thing I notice running that wasn't are two things in task manager, wowexec.exe and ntvdm.exe with a space before the first w in wowexec.exe. Is this anything to worry about ? I've searched the net with all the info being the same and the info basically said it's part of Windows which leads me to my next question, what triggered this and why is it exchanging so much info

If you have some DOS Programs (NOT Windows) like Games, those two applications may be seen . Check your Startup and see if you can disable them. M

No games and haven't installed any 16bit apps that I know of, startup consist of bootskin, ati, 2 avg's, rainmeter, window fx and hdd thermometer.

Any of the auto update features turned on may cause this. Use netcap to capture and use a 2003 network monitor to decifer output. You could use any of the linux machines with a network monitor too. Just because you have a firewall doesn't mean that you have one that can block all traffic.

Don't know which firewall you use but ZoneAlarm gives you an option to stop all internet activity & then you should get a warning saying which program is trying to get access. "I know that I'm mad - I've always been mad..."

I stopped it for a minute then re-enabled it and it resumed, I then stopped it for about 10 minutes and it didn't. I don't have anything set to autoupdate except windows update. I don't understand what the two files mentioned would have to do with it. This has happened 3 or 4 times before and these two files are then listed in task manager and this is the only time they are ever listed.

I go this info from http://www.liutilities.com/products/wintaskspro/processlibrary/wowexec/ Wowexec.exe Author: Microsoft Corp. Part Of: Microsoft Execution Process System Process: Yes Background Process: No Uses Network: No Hardware Related: No Common Errors: N/A Memory Usage: N/A That one is not the problem since it does not use the network. Ntvdm.exe Author: Microsoft Corp. Part Of: Windows System Process: Yes Background Process: Yes Uses Network: No Hardware Related: No Common Errors: N/A Memory Usage: N/A This is not part of the problem either. You must have something else causing this. Does this mass transfer happen all the time? You should look for the above mentioned programs and try that. Also scan for viruses and spyware. Scan with: http://housecall.trendmicro.com Also, you can use what firewall you would like but I prefer Sygate Personal Firewall Pro on clients and another machine setup with a Linux firewall. Check your logs to see what might be causing this. Your firewall logs and event viewer. Also, I agree with Jefro, just because you have a firewall and updated antivirus and spyware does not always prevent things from coming in or going out. There is SOOOO many aspects of security to look at. Also, maybe your machine has been compromised and someone keeps getting in and transferring data. Anything’s possible. Hope this helps.