I need some advice on how to track down a problem. Can anyone recommend software that will show me which software running on a Windows XP machine is generating net traffic?

The problem I am trying to solve is this: I have a customer who uses a mobile data card in his laptop. He is billed on the amount of data transferred. His normal bill is about $50, last month it shot to $700 out of no ware. Obviously I assumed it was an infection, but a ton of scans and even reinstall of the PC from scratch did not find or solve the problem. So I guess it much we one of the legitimate programs generating the traffic because of the way it is configured, but which one?

The usage logs show a pattern of 3.1Mb data in lumps coming and going (I cannot tell from the logs if a program on the PC is sending the data or receiving, just that is passing through the card).

I do not think I need packet sniffing software that tells me what is moving cross the network. I think I need something that tells me which executable running on the system is generating traffic and ideally to what IP address.

Is there something that will do the trick? (If needs to be free or cheap, but probably not that sophisticated).

Let me know what you think.

Ratbag.

Have you tried running Sygate Personal Firewall, it should tell you where everything is going. You can still get it here: http://www.majorgeeks.com/Sygate_Personal_Firewall_Free_d3356.html
Good Luck :)