Not sure if this belongs here, but doubtless someone will redirect me if necessary.
I found that large downloads were occurring without my knowledge, consuming my bandwidth allowance. Have spent ages trying to work out what is going on with limited success.
TBB Meter shows that there is a repeated connection to 126.96.36.199 which resolves to ww-in-f99-1e100.net a google server. No browser running, I see repeated downloads of several 10s or 100s of KB, totalling 200 - 300 MB per day if the machine is left running, which it often is. There are other connections, many to other google servers, but this is the one that seems to be the main culprit, the others download only small amounts. Connections seem to be mainly over HTTPS (port 443), but some are HTTP (port 80).
I am not aware of any software installed that would be doing this, and netstat doesn't appear to reveal which software is involved - a search for IP Address and hostname comes up with nothing.
I have disabled two scheduled tasks for Google Updater, with no change.
Does anyone have any ideas?